Hacking, in most minds, is an illegal or unauthorized intrusion into a computer, system, or network; this action is often performed with the goal of obtaining sensitive information, stealing funds, or merely inflicting damage. However, hacking can be used in other ways as well, deterring unauthorized hackers while operating on the right side of the law.
Ethical hacking, often called penetration testing, is the action of attempting to penetrate or intrude into a system, network, or piece of hardware, with proper authorization. Why would an individual or business wish to pay to have someone hack their systems? The answer is simple; you must fight fire with fire.
How It Works
Utilizing many of the same methods illicit hackers use, ethical (also known as white hat) hackers will run vulnerability scanners, take advantage of weak passwords, perform spoofing and phishing attacks, and use rootkits, trojan horses, key loggers, and even viruses, all in the hopes of finding gaps within a client’s security. Apart from digital attacks, ethical hackers will also engage in social engineering techniques like dumpster diving (looking for sensitive information in the trash), pretexting (creating a fabricated scenario to gain access, such as posing as a mailman to gain entry to the building), baiting (leaving infected USB drives around the building), and tailgating/piggybacking (gaining access to the building by following an employee closely or persuading them to open the door for you).
Large organizations often employ ethical hackers to ensure that their systems are always tested prior to launching a new product and to maintain the day-to-day security of the entire company. Ethical hackers, armed with a Certified Ethical Hacker (CEH) certification, can earn quite the salary keeping a company one step ahead of the bad guys; ethical hackers earn a median income of around $84K (Payscale, 2019).
The 7 Steps of Penetration Testing
So, what would a penetration test look like? Let me give you a brief example. Say a large company is opening a new location, and before it goes live, the security must be thoroughly checked for weak points and hidden gaps in the network. In my opinion, there are seven steps of penetration testing: Planning & Preparation, Reconnaissance, Discovery, Analyzing Information & Risks, Active Intrusion Attempts, Final Analysis, and Report Preparation.
In the Planning & Preparation stage, the objectives and tasks of the penetration testing should be clearly identified by both the client and the tester.
Now, proper Reconnaissance should be performed, building a detailed and thorough list of all systems, networks, addresses, and plans. While this step can be aided by the client (such as handing the tester the list of everything that needs to be covered), this phase is a penetration test in itself: a non-ethical hacker should not be able to obtain a complete list of everything technical that the company uses and manages.
Next, the tester will use automated tools to scan the client’s assets in the Discovery stage; these scans can include network discovery (locating additional servers, systems, and devices), host discovery (finding any open ports), and service interrogation (interrogating ports to determine what services are running on them).
During the Analyzing Information and Risks stage, the tester will determine how to use the information that has been gathered so far for the actual penetration testing. Due to the potentially expansive networks and resources of many companies, as well as the risks involved to the system, penetration testing needs to be carefully regulated to ensure that the tester’s actions don’t do more harm than good.
Now, the stage where the magic happens is finally here. During Active Intrusion Attempts, the weak and ineffective security measures you previously identified should be assessed to determine the actual risks. By carefully penetrating both the internal and external physical protections of the building, as well as the security software, email services, routers, etc., you can locate the methods by which an unauthorized hacker could gain access to or damage the client’s networks or systems.
For the Final Analysis, the findings from all previous steps need to be compiled and researched, and the plan for closing the security gaps that have been identified needs to be provided.
Finally, during the Report Preparation stage, all of the information that the tester has accumulated during the testing process should be built into an easy-to-read report, detailing the vulnerabilities of the client’s systems and networks, as well as the steps on how to fix them. Additionally, the tester should include the costs of the project, the complexity and chances of an attack for each vulnerability found, and suggestions for future security improvements.
Payscale. (2019). “Average Ethical Hacker Salary”. Retrieved from https://www.payscale.com/research/US/Job=Ethical_Hacker/Salary.