After seven Iranian hackers were indicted by the U.S. Justice Department for their involvement in hacking financial institutions and a New York dam, reports have emerged indicated that the hackers used a method known as “Google Dorking” to obtain information on the dams. Google Dorking is the name for a technique involving advanced string searches on Google that enable users to uncover otherwise-hidden information on web pages.
The Department of Homeland Security issued a public safety alert on Google Dorking to help mitigate its effects, which read: “Malicious cyber actors are using advanced search techniques, referred to as ‘Google dorking’ to locate information that organizations may not have intended to be discoverable by the public or to find website vulnerabilities for use in cyber attacks… By searching for specific file types and keywords, malicious cyber actors can locate information such as usernames and passwords, email lists, sensitive documents, bank account details, and website vulnerabilities.”
For more, see MEMRI CJL Report, Seven Iranian Hackers Charged With Hacking U.S. Financial Institutions, New York Dam, March 25, 2016.
Source: Techworm.net, April 3, 2016.