Introduction Ethical Hacking

According to online estimates, the estimated worldwide cost of cybercrime could be as high as $10.5 trillion annually by 2025. Cybercriminals are constantly on the look out for security vulnerabilities and ways to compromise systems through illegal activities such as ransomware, phishing or various types of cyberattacks.

A security vulnerability is a flaw or weakness in a system that can be exploited by malicious actors to gain access to restricted resources. No system is ever fully secure or free of vulnerabilities. Based on their cause, we can identify five types of security vulnerabilities:

1. Misconfigurations consist of the incorrect manual configuration of security policies. They are the most commonly occurring vulnerability for cloud resources and APIs.
2. Outdated software does not have security patches from software vendors applied to it. The system owners might be slow to apply these updates, exposing themselves to exploitation risk.
3. Zero-day vulnerabilities are flaws discovered by malicious actions but have not been fixed by the software vendor yet. Preventing and detecting these kinds of attacks requires a coordinated effort between the organisation and the vendor.
4. Compromised user credentials can be used to gain unauthorised access to the system, while appearing as a valid user. Brute force attacks can be used to break weak credentials or they can also be stolen through a previous data breach.
5. Network vulnerabilities are caused by exposing either the network's hardware or software through insecure access points or firewalls.

All of the security vulnerabilities presented have a human element to them. The process of securing software involves a constant effort of change control and security review. The table below presents examples of each type of security vulnerability:

Ethical hacking is the practice of testing a system, network or service to find security vulnerabilities. Ethical hackers use the same tools and techniques as malicious hackers, but they undertake this work to support the system owners in securing their system before malicious actors exploit these vulnerabilities.

While they have significant engineering knowledge and skills, ethical hackers operate under a different mindset from engineers. They analyse all possible uses of a resource or library, attempting to uncover errors.

As production systems change and evolve, new vulnerabilities can be introduced by either the system or its third-party dependencies. In effect, this means that no system is fully secured and the work of ethical hackers never stops. They keep up to date with new vulnerabilities discovered in third party tools, assessing their effect on the system they are responsible for and coordinating an action plan to minimise their effect.

The tools and techniques required to detect and fix system vulnerabilities vary according to the system under test. They are typically responsible for the following activities:

1. Perimeter scanning: also known as external vulnerability scanning, this involves scoping the system's external network to detect if it can be accessible by malicious actors. This involves the analysis of firewalls, gateways and network infrastructure.
2. Penetration testing: usually performed before a service or system is live, pentesting is a targeted attack to find exploitable vulnerabilities. The scope of pentesting is very narrow, while the scope of perimeter testing is much wider.
3. Red teaming: the ethical hackers launch a full scale cyber attack against the system in order to check how they would respond in the case of a genuine cyber attack. They use all the techniques a real malicious actor would use, including phishing or social engineering of staff.
4. Training: ethical hackers are also in charge of educating engineers on good security practices, pushing security best practices into the development process and enable them to take ownership of the security of their services.

Red teaming is the most comprehensive hacking technique, as it tests the system as a whole, including the people using it. The table below presents a comparison of the purpose and focus of each technique:

Ethical hacking is an important part of keeping systems secure, as they help us identify and fix vulnerabilities before malicious actors can exploit them.

We have an amazing team of ethical hackers at Form3 to keep our systems, which have access to sensitive financial data, safe.

Further resources

1. If you're interested in learning more about hacking, HackTheBox is a great way to upskill.
2. You can hear more about ethical hacking on our podcast.
3. We have also published interesting articles which demonstrate hacking techniques on our blog: Phishing with GitHub, Adventures into Electron code injection on MacOS, Exploiting Distroless Images, DYLIB Injection in Golang apps on Apple silicon chips