Luckily for the city dwellers, the hacking was foiled because the sluice gate happened to be offline for maintenance during the hack. But how could the hackers get such detailed information from Google? This method is called ‘Google Dorking’ Though it may sound childish but this is a pretty serious tool in wrong hands.
What is Google Dorking?
Google Dorking is the practice of using advanced search techniques – more specifically, specialized search parameters – to locate hard-to-find web pages and information. While the search parameters can be used for good by making a concerted search using various parameters. Google Dorking has a dark side – so dark, federal authorities are warning website owners of its dangerous nature. According to a report on Ars Technica, the Department of Homeland Security issued an alert to law enforcement and public safety agencies that Google Dorking could help and abet hackers. The feds cited two examples, on from 2011 and one from 2013, where the hackers used Google Dorking to locate vulnerable website files and proprietary information. It also recommended website owners take advantage of The Diggity Project, a free online tool that lets users automate Google Dork queries to identify online vulnerabilities. For instance, Google offers a feature called “site,” that lets you search a single website for a keyword or photos. Google also has special search commands called “filetype” and “datarange.” In the case of the New York dam, the hacker used Google from the other side of the world to find US infrastructure sites that had vulnerable hardware systems attached to the internet, reports the Wall Street Journal. There are websites dedicated to Dorking like The Diggity Project and the Google Hacking Database. These projects keep lists of pre-made dorking queries that companies can run on their own websites to see what turns up.