Something called 'Google Dorking' helps hackers find out stuff no one wants them to know
AP
The attack on the dam gave the hacker info about water levels and the dam's sluice gate, which could have allowed the attacker to open the gate and flood part of the city, the US Department of Justice said.
But the hacker was foiled because the sluice gate happened to be offline for maintenance during the hack.
How did the accused person get access to this dam? He Googled it, according to the Wall Street Journal.
It's a technique called "Google Dorking" which involves using Google's advanced search techniques to dig up information on the internet that doesn't easily pop up during a normal search.
In 2014, the Feds even issued a warning to U.S. businesses to be on the lookout for Google Dorking activity as a sign of hackers.
Despite the funny name, "Google Dorking" isn't an April's Fool joke. It's a real thing.
For instance, Google offers a feature called "site," that lets you search a single website for a keyword or photos. (Here's a tutorial on how to use that.) Google also has special search commands called "filetype" and "datarange."
The kind of Google Dorking the feds are worried about, and that hackers use in their attacks, goes further. It's when malicious hackers use these advanced techniques looking for stuff that companies didn't mean to put online.
In the case of the New York dam, the hacker used Google from the other side of the world to find US infrastructure sites that had vulnerable hardware systems attached to the internet, reports the Wall Street Journal.
Of course, Google Dorking is just as often used for good as for evil. Good guy hackers, called "white hats," use these same advanced techniques to test security systems and see if and how they can be breached by the bad guys.
The Infosec Institute, an organization that trains people to be computer security pros, shows how using Google can easily turn up things like username and passwords, sensitive documents, even bank account details.
There are entire projects dedicated to that effort, too, like The Diggity Project and the Google Hacking Database. These projects keep lists of pre-made dorking queries that companies can run on their own websites to see what turns up.
- Having an regional accent can be bad for your interviews, especially an Indian one: study
- Dirty laundry? Major clothing companies like Zara and H&M under scrutiny for allegedly fuelling deforestation in Brazil
- 5 Best places to visit near Darjeeling
- Climate change could become main driver of biodiversity decline by mid-century: Study
- RBI initiates transition plan: Small finance banks to ascend to universal banking status
- JNK India IPO allotment date
- JioCinema New Plans
- Realme Narzo 70 Launched
- Apple Let Loose event
- Elon Musk Apology
- RIL cash flows
- Charlie Munger
- Feedbank IPO allotment
- Tata IPO allotment
- Most generous retirement plans
- Broadcom lays off
- Cibil Score vs Cibil Report
- Birla and Bajaj in top Richest
- Nestle Sept 2023 report
- India Equity Market