Ethical Hacking & Hackers

Every 39 seconds there is a cyber-attack. Today's cyber-attacks are complex and result in significant breaches that are increasing in both number and severity. Ethical hacking is a powerful element of a comprehensive security plan.

In this blog we will look at what ethical hacking is and, in doing so, compare white, gray, and black hat hackers, give an overview of information security, examine the top attack vectors, and compare the main types of cyber-attack.


- What is ethical hacking?

Ethical hacking enables an organization to fine-tune its security posture, educate its staff, and implement security practices that protect critical systems and sensitive data.
Ethical hacking requires advanced knowledge of security weaknesses, vulnerabilities, and remediation options.
An ethical hacker's job is to identify vulnerabilities. Ethical hacking can be done either in house by a trained IT professional or outsourced. As outsourcing may be expensive, a company may choose to do an ethical hacking assessment in house. If done in house, it is imperative to select an appropriate candidate: although someone might self-identify as a potential White Hat hacker, take care in making your selection.
Recommendations include selecting someone who understands the skills required. Ethical hackers uncover vulnerable entry points before attackers have a chance to exploit them. They have patience and persistence.
Not only do ethical hackers need to find the vulnerabilities, they must suggest and/or implement methods to reduce the threat. Ongoing training is essential. They respect a code of good conduct. The term ethical implies that the candidate understands what is right and what is wrong. The candidate understands that checking and reporting are to happen only to team members and management. Reporting such scenarios to a group of friends would possibly compromise the security of the organization. The candidate is also a professional team member, in that the ethical hacker is proficient at communicating any discoveries and will work with all team members to ensure a comprehensive approach that supports the overall security plan. Ethical hacking continues to evolve, and is gaining attention as an essential security practice that every organization should perform on a regular basis.


- What is an ethical hacker?

The word hacker was first used at MIT in 1960. During that time, a group of computer science students were working on artificial intelligence. Most likely these talented young individuals would hack at a problem until they had a solution. The term hacker was not associated with any malice. However, as time has passed, when someone refers to a hacker, it often has a negative connotation, and many think of a hacker as someone who is trying to break into a system to steal information, or release malware.

There's a subculture of hacking groups. All have different attitudes and goals. Many times someone will group all hackers under the term hacker, but there is a difference. The three main types of hackers are the Black Hat, the Gray Hat, and the White Hat hacker.

1. Black Hat hackers are considered to be the bad guys. A Black Hat may also be referred to as a cracker, as they may try to crack the code or crack a password. A Black Hat's objective is to cause harm by engaging in criminal activity. Many times they are backed by organized crime, or even a nation state. The Black Hat operates on the dark side of the Internet, damaging organizations, spreading unsavory content, threatening governments with cyber terrorism, and crippling a victim's financial wellbeing.
2. White Hat hackers are considered to be the good guys, as they are ethical hackers. White Hat hackers have the support of government and industry, and are computer experts. Many times they are contract employees hired by security companies and are trained to test systems and attempt to break into them, but they can also be an internal team conducting regular penetration testing as part of an overall security plan. Ethical hackers diligently look for any vulnerabilities in the computer's defense system; once identified, these are reported so the vulnerabilities can be mitigated, either by the White Hat hacker team or the appropriate IT personnel, with the idea of improving the company's defense posture.
3. A Gray Hat hacker sits between the good guys and the bad guys, in that they may try to gain access to a system without permission but, in general, without malice; many times they simply want to see if they can access the system. A Gray Hat hacker will many times notify an organization in some manner that their system was vulnerable. Black Hat hackers have a large arsenal of software tools, malware, and social engineering techniques used to breach a system. Anyone, either internally or externally, with the proper motivation and the right situation has the potential to become a hacker. And that is where the idea of the White Hat, or ethical hacking, comes into play.


- Information security overview:

When the incident response team sends an alert that your proactive threat detection system has identified and quarantined malware, you investigate and mitigate the threat. However, today's threats may have slipped by your systems and found a home on your network. The fact is, it is a challenge to face the daily onset of threats to our infrastructure. Threats can come in many forms: malware, phishing, man-in-the-middle attacks, denial of service, cross-site scripting, or SQL injection. The reality is, in 2015, cybercrime worldwide cost $400 billion. However, there is a prediction that by 2022, cybercrime will cost over $8 trillion. Network administrators place security as a top priority. An organization must incorporate safeguards into the security compliance plan to defend against attacks. Safeguards include administrative, physical, and technical controls. Everyone plays a role in keeping an organization's information and systems safe and secure. An attack occurs when someone tries to break into a secured system to steal or modify information or to introduce malicious code. An attack can be against any of the security services: confidentiality, integrity, availability, or authentication.
The two main types of attacks on a computer system are passive attacks, such as sniffing traffic or scanning for open ports or weaknesses in a system, and active attacks, such as releasing malware or creating a distributed denial of service. The security analyst is responsible for providing services to ensure the confidentiality, integrity, and availability of an organization's assets. This has become a challenge, as today's attacks are more aggressive and can cause a great deal of damage. There are standards and regulations, and there are also guidelines and frameworks that help security professionals effectively manage and protect their information and infrastructure. Companies are hypervigilant and recognize the importance of human expertise in a complex security environment. As a result, an organization must continually assess the security methods that are in place in order to defend against ongoing threats. Ethical hacking is an important element of a comprehensive security plan, as it provides a method to test a computer system or network with the purpose of identifying and addressing vulnerabilities.


- Navigating attack vectors

An attack vector is the method by which someone gains unlawful entry into a system, and can include email, webpages, mobile devices, and the user. The goal is to deliver a malicious payload or carry out other malicious acts by taking advantage of system vulnerabilities, or known weak spots, in order to gain entry. Old-school viruses have been declining. However, serious malware makers have progressed to more aggressive attacks, using trojan horses, rootkits and spyware.
Most methods involve programming, yet some involve social engineering. Malicious email attachments are making a comeback as a popular attack vector. Email and email attachments are one of the original methods of sending malware, spam, and bogus links, and they continue to improve in sophistication. Email attachments are handy and used by just about everyone. Even when antivirus scans are tuned to scan attachments for viruses, modern-day malware is polymorphic in nature and can change to elude detection. To minimize this attack vector, keep antivirus updated and educate users to use caution when opening attachments.
Webpages and pop-ups take advantage of the ability browsers have to access various programming languages. When clicked, the malware can install spyware, adware, hijackers, dialers, trojans, or even other malware. The best practice is to stay away from risky websites.
Instant messaging, Internet Relay Chat (IRC), and peer-to-peer file-sharing programs many times start with the user having to install custom software to enable the service to work. Unfortunately, this makes your machine vulnerable to an attack: when the install takes place, the user generally agrees to the end-user license agreement, which may include wording that allows additional functions or add-ons, such as an app that allows Bitcoin mining on your machine. Avoid these services. But if they must be used, read the end-user license agreement, and make sure malware protection is used together with egress filtering to block communication with malicious websites.
Wireless networks are pervasive in today's world, and provide an attractive attack vector. The IEEE 802.11 wireless Local Area Network (LAN) standard, or Wi-Fi, is characteristically insecure, and will continue to be more vulnerable to attack than a wired network. Protect against attacks by minimizing the vulnerabilities and taking advantage of the secure methods that are available.
A recent attack vector includes the automobile; most modern vehicles can be hacked. Research is revealing how fragile a modern vehicle's computer systems can be, as accessing a car's internal network can infiltrate computer control systems, including the brakes and the engine. Car manufacturers and anti-malware companies are looking into those vulnerabilities to prevent a hacker from taking control of a number of functions, such as brakes, display, radio and windshield wipers. Watch and respond to manufacturers' recall notifications. In addition, because many attacks are done through remote connections, be cautious and avoid connecting to rogue wireless networks, which could allow an attacker to steal credentials for remote mobile apps.
The reality is that approximately one in four of all internet users are affected by some form of cybercrime. That includes online scams, malware and phishing attacks, credit card fraud, compromised social engineering profiles, sexual predators and child exploitation. Although humans can be our weakest link, steps can be taken to avoid falling prey to cybercrime and to protect your data online and offline.

a. Change your password often, and don't use the same password for all sites.
b. Don't friend strangers.
c. Don't click on suspicious links.
d. Use caution when using public Wi-Fi networks.


- Comparing attack types

Information security is founded on an overall organizational strategy based on risk analysis. The goal is to create, implement, monitor, assess, maintain and continuously improve the security posture. Awareness of the various attacks is an important first step in this process. Different types of attacks can threaten an organization, such as physical, social engineering, brute force and others.
An attack can result in theft of information or exposure of sensitive information, and the consequences can range from loss of productivity to damage to the business's reputation and possible legal implications. Physical security is often overlooked in an organization; however, any object can be stolen, damaged, or destroyed by an unauthorized individual. Many attacks are linked to social engineering. Best practices for physical computer security involve securing access to buildings and rooms, such as the server room, by using locks or access cards and possibly surveillance; disabling external access such as USB ports; auditing services, users and administrators to verify compliance with security policies; and securing any backup media. Social engineering is a con game relying on influence, social skills, and human interaction to obtain information about an organization or its computer systems.
Gain access to a user account's password and you will have the same rights as that user.
1. A brute force attack tries all possible combinations of characters, such as in password guessing.
2. A dictionary attack is a subset of a brute force attack; it uses a list of common passwords, most likely using automated software.
3. Not all attacks are active. Active attacks are designed to interrupt service, destroy data or steal information.
4. A reconnaissance attack is a passive attack and includes things such as scanning or sniffing, which is done because of a need to discover information about a network.
5. A denial of service attack is designed to disrupt a service with so many requests that legitimate users are locked out. An example is a SIP flood. Session Initiation Protocol is used to set up, maintain and end user sessions for communication protocols such as Voice over IP or instant messaging. With a SIP flood, the clients are flooded with multiple INVITE messages to take down the phone.
6. Malware is a term used to refer to a variety of forms of malicious software, including viruses, worms, trojan horses, ransomware and spyware. Malware can be in the form of scripts, executables, or active content from the web, such as animated GIFs, embedded objects or ActiveX applications. It also can include hybrids, polymorphic malware, and fileless malware that lives in a system's memory and uses system admin tools to execute and propagate. Although there are different types of malware, two of the main types are viruses and worms.
- a. A virus can self-replicate and spread to other programs within a system. The results can be as simple as a screen turning upside down or have more serious effects such as disabling antivirus or even destroying files.
- b. A worm is like a virus, however, it can spread without any help from a transport agent such as an email attachment and it can replicate through a system consuming resources such as memory and processing.
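Brute force and dictionary attacks (items 1 and 2 above) both show up on the defender's side as a burst of failed logins from one source. The following detector is an added example, not code from the original post: it parses constructed sshd-style log lines (hypothetical host "gw1", documentation IP ranges) and flags any source that reaches a threshold of failures inside a sliding time window, which is the basis of the alerting or lockout an ethical hacking assessment would expect to find in place.

```python
"""Sliding-window detector for password-guessing attempts in auth logs."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (hypothetical host "gw1", sshd-style format).
SAMPLE_LOG = """\
2024-01-10T08:00:01 gw1 sshd: Failed password for alice from 203.0.113.7
2024-01-10T08:00:02 gw1 sshd: Failed password for alice from 203.0.113.7
2024-01-10T08:00:02 gw1 sshd: Failed password for alice from 203.0.113.7
2024-01-10T08:00:03 gw1 sshd: Failed password for alice from 203.0.113.7
2024-01-10T08:00:04 gw1 sshd: Failed password for alice from 203.0.113.7
2024-01-10T08:00:05 gw1 sshd: Failed password for alice from 203.0.113.7
2024-01-10T08:00:09 gw1 sshd: Accepted password for bob from 198.51.100.4
2024-01-10T08:10:00 gw1 sshd: Failed password for carol from 198.51.100.4
2024-01-10T08:25:00 gw1 sshd: Failed password for carol from 198.51.100.4
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd: (?P<result>Failed|Accepted) password "
    r"for (?P<user>\S+) from (?P<src>\S+)$"
)

def parse_line(line):
    """Return (timestamp, result, user, src), or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return (datetime.fromisoformat(m["ts"]), m["result"], m["user"], m["src"])

def detect_guessing(log_text, threshold=5, window=timedelta(seconds=60)):
    """Flag a source once it has >= threshold failed logins within `window`.

    A per-source deque of failure timestamps lets old entries slide out, so
    two failures 15 minutes apart (a mistyped password) never trip the alert.
    Each source is reported once, with the accounts it targeted.
    """
    failures = defaultdict(deque)
    targeted = defaultdict(set)
    alerts = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec[1] != "Failed":
            continue
        ts, _, user, src = rec
        q = failures[src]
        q.append(ts)
        targeted[src].add(user)
        while q and ts - q[0] > window:
            q.popleft()  # drop failures older than the window
        if len(q) >= threshold and src not in alerts:
            alerts[src] = {"first_seen": q[0], "count": len(q),
                           "users": sorted(targeted[src])}
    return alerts
```

In practice the same window logic is applied per account as well as per source, so that a guessing attempt spread across many source addresses is still caught.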


So as you can see, there are many different types of attacks that include physical and brute force attacks, social engineering, malware, reconnaissance, and denial of service.

It is paramount to be vigilant and protect your organisation's digital data.


About the Author
Mr. Merzyan Bhamgara

Head of Cybersecurity