Are You a Dork?

Are you a dork? If you’re a regular reader of SourceCon, the answer to that question is probably yes – at least according to the way the federal government defines the term “Google dorking.”

What is Google dorking? Our federal government shared the following definition in a recent warning to business owners. 

“Malicious cyber actors are using advanced search techniques, referred to as “Google dorking,” to locate information that organizations may not have intended to be discoverable by the public or to find website vulnerabilities for use in
subsequent cyber attacks. “Google dorking” has become the acknowledged term for this malicious activity, but it applies to any search engine with advanced search capabilities. By searching for specific file types and keywords, malicious cyber actors can locate information such as usernames and passwords, e-mail lists, sensitive documents, bank account details, and website vulnerabilities. For example, a simple “operator:keyword” syntax, such as “filetype:xls intext:username,” in the standard search box would retrieve Excel spreadsheets containing usernames. Additionally, freely available online tools can run automated scans using multiple dork queries.”

Article Continues Below

Hmm, that type of activity sure sounds familiar (except for the cyber attacks, of course).

 

Jeremy Roberts, SPHR, is VP, Customer Experience at HiringSolved. He is the previous Editor of SourceCon. Prior to joining the ERE Media team, he spent over a decade working as a recruiter, sourcer, and sourcing manager. This time was spent in diverse environments, including third party agency settings (retained and contingent), recruitment process outsourcing (RPO) providers, and internal corporate HR departments. His previous employers include the MHA Group, Ajilon Finance, Korn Ferry Futurestep, Raytheon Space and Airborne Systems, and Randstad Sourceright, US. He resides in Corinth, TX with his wife and 3 children.

Topics