> PENETRATION TESTING
The concept of cyber security is completely foreign to many. Especially at a business level, it’s amazing how many businesses still do not have sufficient security solutions on both their network and endpoints. Too often we hear from customers when it’s too late. Cyber security should not be a reaction, but rather a proactive measure to prevent any potential breach. A bit of investment beforehand can save a lot of money in the long run, especially if you are holding any sensitive information on your network.
Also known as ethical hacking, penetration testing or ‘pen testing’ is the process of probing a network to discover vulnerabilities in network security or outdated software that a malicious party could exploit. Using a variety of specialised tools and techniques, the tester is able to examine the network from different positions of attack, in order to determine whether or not there is a reasonable level of security. The harder it is for somebody with malicious intent to penetrate your defences, the more likely they are to move on to the next target.
JARGON BUSTER! There are many terms and acronyms surrounding cyber security that can make the whole topic overwhelming. Below we’ve assembled a few of the most common terms, and explained them as simply as possible!
> PROFILES OF HACKER
An ‘ethical hack.’ The tester has been given permission and only hacks for the purpose of good.
May hack for the purpose of good but without permission. Most commonly found hackers on the internet. Don’t tend to hack for personal gain, although may sometimes extort a business if a significant vulnerability is found.
Hacking for malicious purposes, also known as ‘crackers.’
Hacks motivated by social or political agendas.
Generally hackers are quite careful to cover their tracks to avoid being detected or traced. Suicide hackers do not care about this and only care about causing as much damage as possible before they are stopped, with no fear of the consequences.
No real knowledge of what they’re doing. Running already built malware and malicious scripts in order to hack, without the skills to develop their own exploits.
> TYPES OF ATTACK
A piece of malware including a backdoor that allows the attacker remote access to the target machine, usually activated as an email attachment.
A code injection technique that allows an attacker to edit entries in a SQL database to produce different outcomes, such as denial of service, or even altering the price of a product within an online store.
XSS (cross-site scripting) is a web application attack that involves injecting client-side scripts into web pages, which then run on the machines visiting the website.
ARP (Address Resolution Protocol) poisoning involves attackers sending lots of bogus ARP requests to networking equipment in order to trick it into thinking their device is the gateway for all traffic into and out of the network. This allows attackers to intercept all traffic in and out of the network, potentially “sniffing” out any unencrypted credentials.
Privilege escalation is an exploit whereby an attacker who has access to a system as a lower-level user can gain higher-level privileges. This allows them to carry out potentially damaging actions that they wouldn’t normally have permissions to do.
The process of going through the waste of a company or individual in order to find personal/confidential information that’s useful to the attacker.
> PEN TEST CATEGORIES
The tester has full knowledge of the network and access to all systems. More comprehensive, as it allows a 'behind the scenes' look that an outside attacker would not have access to.
The tester has 'some' knowledge of the network or application they're testing. Sometimes referred to as 'translucent' testing.
Most comparable to a real life hack, in that no details are revealed to the tester prior to beginning the test.
> PEN TEST TEAMS
A red team is a group of white hat hackers that work to penetrate the target systems simulating an actual attack.
A blue team is an internal group of security professionals attempting to prevent the red team (or real life hackers) from penetrating the defences.
The purple team was born from trying to reconcile the red and blue teams. A purple team is a traditional red and blue team working closely together in order to maximise cyber defences via constant communication of potential issues.