You've been hacked and you just don't know it yet. One of the biggest unknown admins have is whether they've already been breached regardless of the security controls in place. This also applies to personal life.
So how can you identify systems that have been compromised? Detect and Alert using Canary Tokens from the company Thinkst.
Think of a Canary Token as a land mine or a booby trap, when it gets tripped it sends an alert to you that the token has been initiated. Not only that but you can also set the information it gathers from the other end such as DNS information, user agent...
I put these things everywhere with fake juicy information in my email, files, directories... In some instances, i place connection parameters to my Honeypots in a file and have time to make popcorn before they attempt connection.
If you want to know if your BF/GF are snooping on your computer in your absence then you can create a fake conversation in a file on the desktop which has a Canary Token attached to it.
Found hidden or extra directories in your vulnerability scan? Leave them and place juicy token in there so that when they get read, you know someone is doing something they should not.
You get the idea. :)
So how do create them? You can either use an online service or build your own server. Below is the information for both:
Online service, You can generate your various tokens here https://canarytokens.org/generate
Or
Make your server (Docker Install):
-Get yourself a free AWS instance.
-You'll also need a mailer service or mail server but do not recommend using the internal corporate one unless you stay within your private network perimeter.
-Follow the simple instructions found at the link for the installation
https://github.com/thinkst/canarytokens-docker
I am not affiliated with Thinkst or am being compensated by Thinkst for writing this article. Using both online and a private internal installation, I just love how helpful this can be and how easy it is to generate tokens. Just awesome.
Please make sure that you read and follow their licensing guidelines and it is important to note that you cannot sell this potential clients as you do not own the code. Contact Thinkst directly for any arrangement.