What Is Ethical Hacking?

A very brief introduction


As you may know, Fluid Attacks is a company that specializes in ethical hacking. We are a big red team, an offensive security team with the mission of detecting security vulnerabilities in IT systems. As we recently realized that we didn't have an informative, introductory blog post about what ethical hacking is, we decided to create it. This text is aimed mainly at those who're new to the subject and want to get an introduction. It is based on a recent workshop given by our Red Team Leader, Andres Roldan, to a group of journalists.

As Andres did, let's start by answering a couple of basic questions:

What is cybersecurity?

It is said that almost five billion people currently use the Internet, which corresponds to nearly 63% of the world's population. Moreover, around 92% of these users, at some point, virtually from anywhere, have access to the network through mobile devices. We are undoubtedly in a highly interconnected digital world where, as in the "tangible" reality, dangers exist from the outset. In the face of constant threats, cybersecurity has become necessary. Gartner, partially right, defines this term as "the combination of people, policies, processes and technologies employed by an enterprise to protect its cyber assets." (I said "partially" because it is also true that as an individual user, you can access cybersecurity.) But what should cyber assets be protected against? Cyberattacks.

What are cyberattacks?

These are assaults carried out by cybercriminals who attack one or more IT systems from one or more computers. Cyberattacks can disable victims' systems, steal their data or use them as launching points for other assaults. According to an IBM security report, the top cyberattack types (tactics) last year included the following: ransomware, unauthorized server access, business email compromise, data theft and credential harvesting. And among the most frequently used techniques to achieve these objectives were the following: phishing, vulnerability exploitation, stolen credentials, brute force and remote desktop.

What is hacking?

Cyberattacks can be seen as a part of hacking, which is the process of identifying security issues in systems to gain access to them. Many cybercriminals who execute the assaults are so-called malicious hackers, threat actors or black hat hackers. Among their primary motivations is the idea of obtaining some financial reward. They may also attack just to express their disagreement with the decisions of governments or companies. There are also attacks resulting from the mere desire of hackers to take risks and achieve recognition in certain groups of people. Sometimes, cybercriminals are even hired by dishonest firms to spoil projects and affect the reputation of their rivals. Something similar happens among governments (e.g., the Russia-Ukraine cyberwar). (If you want to know more about how hackers think, visit this blog post.) Regardless, in a universe where we can experience lots of counter-stimuli, it is to be expected that there are white hats if there are black hats. Namely, if there is malicious hacking, there is also ethical hacking.

Ethical hacking

Ethical hacking is perhaps the best way to respond to malicious hacking. To give a simple ethical hacking definition, this is when cyberattacks are conducted by white hat hackers in favor of organizations' cybersecurity. Systems are attacked to find out their vulnerabilities by copying threat actors' tactics, techniques and procedures. The big difference is that the attack is carried out with the consent of the system owner, who will be responsible for remediating the reported security vulnerabilities.


In ethical hacking, experts must keep up to date on the existence and use of hacking tools, as well as on the attack trends used by adversaries. In their reports, ethical hackers provide information about identified vulnerabilities, including how critical they are. They do this by following public frameworks such as CVE and CVSS. They also provide evidence of the exploitation of vulnerabilities and which information assets can be compromised in an attack. Beyond finding known vulnerabilities, ethical hackers can also conduct research to discover and record zero-day vulnerabilities, i.e., previously unknown threats.

How does ethical hacking work?

For the ethical hacking process to happen, the systems' owner must previously define and approve an attack surface and a target of evaluation (i.e., part or all of the attack surface). The targets can be web or mobile apps, APIs and microservices, thick clients, cloud infrastructure, networks and hosts, IoT devices and operational technology. The commonly used ethical hacking methodology can be divided into reconnaissance, enumeration, analysis, exploitation and reporting phases.

  1. Passive reconnaissance phase: In this first phase, ethical hackers collect information from external sources without interacting directly with the target. They employ, for example, Open Source Intelligence (i.e., publicly available information) collection techniques. They can resort to common web search engines such as Google and Bing to discover relevant details about the target. Due to the characteristics of this phase, there is little chance of hackers being detected.

  2. Active reconnaissance phase: In this phase, the ethical hackers already have direct contact with the target. They identify sources of information and technology belonging to the organization that owns the system under evaluation. They interact with the organization's services, systems and even personnel to collect data and define attack vectors. The chances of hackers being discovered increase considerably if we compare this phase with the previous one.

  3. Enumeration phase: In this phase, ethical hackers set out to sketch the target's security state and prepare for the attack. They identify its strengths and weaknesses and begin envisioning the possible impacts that may result from the assault. According to the particular characteristics of the target, hackers prepare a special arsenal for it.

  4. Analysis phase: In this phase, ethical hackers are responsible for determining the exact impact of attacking each of the vulnerabilities they have identified. They evaluate each scenario and attack vector, as well as the difficulties of exploitation. They take into account the damage to the integrity, confidentiality and availability of the target in each case. In addition, the hackers examine the potential impact on systems close to the target.

  5. Exploitation phase: According to Roldan, it is in this phase that ethical hacking differs from the operation of automated security testing tools. The tool is limited to identifying vulnerabilities, while the ethical hacker aims to exploit them to reach high-value objectives within their target of evaluation. In this way, they can identify the real effects that a cybercriminal could achieve by exploiting these vulnerabilities.

  6. Reporting phase: After the exploitation is completed, ethical hackers have to present the findings to all stakeholders. One of the hackers' deliverables is an executive summary, thanks to which the managers of the organization that owns the target can easily understand the identified risks. From this report, they can manage processes for risk mitigation. Another deliverable is a technical summary so that developers or other professionals can understand each vulnerability in detail and proceed with remediation.

For whom is ethical hacking recommended?

Financial institutions are the ones that hire the services of ethical hacking companies the most, mainly due to regulations that require it. However, it's recommended that any organization with a presence on the Internet or developing digital products test the security of its systems with ethical hacking in order to prevent successful cyberattacks against them.

Follow this link if you and your company are interested in knowing details about Fluid Attacks' Ethical Hacking solution. But if what you'd like is to wear a white hat and be an ethical hacker on our red team, follow this one. For more details on each case, don't hesitate to contact us.
