Google Hacking: Why being a Google dork is hurting your company - Information Security Magazine - Page 1

Google Hacking: Why being a Google dork is hurting your company

A simple search can expose security secrets. Black hats are aware of it. Are you?

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.
More information from SearchSecurity.com

Learn how to Google hack your business before black hats do.

Our glossary definition of Google hacking provides basic preventative measures.

Visit our resource center for tips and expert advice on hacking tools and techniques.

Dorks love Google. Being a Googledork, however, is nothing to aspire to.

Yes, that's an actual term. Haven't heard of it? Well, it's about time you did. Googledork refers to anyone who has unknowingly exposed sensitive information on the Web, enabling search engines to index material that wasn't intended for public consumption.

Are you a Googledork? Are your coworkers? Think long and hard. Then do a pen test to make sure you and your company are in the clear. You might be surprised at what you find.

Google hacking--the practice of using specially crafted search engine queries to cull information about a target--is now a feather in virtually every black hat's cap. They're pulling off real intrusions, using real information gleaned from the simplest of queries on Google and other search engines to attack unsuspecting companies. And, they do it without leaving a trace.

What should worry CISOs most? There's the troubling fact that you may be unaware that your company's sensitive information is a sitting duck on the Internet. Just as disturbing, though, is the alarming simplicity with which these hacks can be executed. All the tools to pull off a successful Google hack are readily available on the Internet.

Security practitioners are starting to learn that this is more than silly Web gibberish. If it's your job to secure information, being a Googledork could land you in the unemployment line. You can't be in the dark about this phenomenon...or how to keep from falling prey to it.

This was first published in March 2006

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top