Skip to main Content
Artikel

Ethical Hacking: A Good Defense Starts with Offensive Security

Global Knowledge
  • Dato: 08 October, 2019

The cynic would say there are two types of motorcycle riders: those that have dropped their bike and those that will. In a similar vein, there are two types of networks: those that have been hacked and those that will be.

To defend against hacks, cyber professionals can benefit greatly from ethical hacking programs. Courses such as Certified Ethical Hacker v10 teach the learner how to think and act like an intruder in an attempt to understand the process of a cyberattack.

Don’t succumb to “data breach fatigue”

In medical practices—and especially Intensive Care Units—patients in distress may not get the treatment they need because caregivers are inundated with electronic notifications. There are just too many alarms that can distract staff. “Alarm fatigue” desensitizes caregivers who struggle to process the number of diagnostic tools designed to get the practitioner’s attention.

We, as a community, regularly hear about data breaches that affect hundreds of millions of victims—or more. Whether it’s Equifax, Marriott, Twitter, Yahoo, Uber, MyFitnessPal.com, T-Mobile, Cathay Pacific or British Airlines, we have perhaps become desensitized to massive data breaches. But defenders and security professionals can’t afford to succumb to “data breach fatigue.” One “oh crap” moment wipes out all the “atta boys” that preceded it.

Whether we are defending against competitors, nation-states, rivals, cybercriminals, or just joy-riders, we need to know how adversaries think and operate. Attackers have a huge range of motives from fun-and-profit, to transnational espionage, to political and philosophical motivation, to just being “nasty.” Quoting Sun Tzu, the late sixth century BC general:

“Hence the saying: If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”

Knowing the enemy has its benefits. Enter the world of ethical hacking.

From countermeasures to offensive security

The late comedian George Carlin regularly made fun of oxymorons. (“The term Jumbo Shrimp has always amazed me. What is a Jumbo Shrimp? I mean, it's like Military Intelligence—the words don't go together, man.”)

Some view ethical hacking as an oxymoron. As you please. Feel free to pick another euphemism: penetration testing, tiger (or red) teaming, etc. Whatever you call it, it’s important.

Cybersecurity author Bruce Schneier says good engineering is about making things work. Good cybersecurity is worrying about how they break. And thinking isn’t natural to most of us.

Hacking isn’t all bad. Writing an elegant and efficient piece of code is a good hack. Preventing a data breach by finding a vulnerability before attackers exploit it is great. Whether the hack is a taxi driver or a writer, having a good one at your disposal makes life much more pleasant. I’m a hacker and I’m proud.

Three phases of hacking

We can think of the process of hacking in three phases:

  1. Reconnaissance
  2. Penetration
  3. Exfiltration

Reconnaissance uses internet resources and publicly available information. These include using search engines, web sites, domain and internet information, and a healthy dose of social engineering. Called footprinting or open-source intelligence (OSINT), the goal is to build a view of the target organization and its staff.

Next, we scan the networks for interesting systems, their applications, operating systems and platforms, and their vulnerabilities. This helps build a portfolio of the environment. We document and catalogue the systems and their vulnerabilities. Lastly, we enumerate the systems to catalog user names, services and as much about the systems’ security as we can.

The more thorough the understanding of the victim environment, the easier the next step becomes.

System and network hacking allow us to penetrate the network. Often, the easiest way is to exploit weak passwords from naïve users or break in using similar techniques. Good cybersecurity practice says that people should use a regular (non-administrative) account. This requires one to escalate their privilege on the systems and the network.

Privilege escalation is necessary because most hacker software will require installation—something only done by an administrator. This may be remote access often called a Trojan.

Finally, hackers deploy anti-forensic techniques such as log manipulation. The hacker may also deploy cloaking software called “rootkits” to hide their presence and files they may be using. Using encrypted files and network communications also serve to obfuscate the attacker. Another frequent anti-forensic technique, “steganography,” involves using a visible or audible carrier so the attacker can embed the payload and it remains hidden in plain sight.

These anti-forensic tools and techniques serve two purposes: First, to evade detection during the crime, and secondly, to make it difficult to carry out post-incident analysis.

Security systems, such as intrusion detection systems (IDS) and network firewalls, are designed to limit the flow of information and block inbound and outbound access. Bypassing these systems allows easier infiltration and exfiltration.

Get trained to think like a hacker

After the fundamentals, Certified Ethical Hacking (CEH) adds other tools to the hacker toolbelt:

  • Network eavesdropping (sniffing) and session hijack
  • Web and database hacking
  • Malware and denial of service—all safely done in the lab environment
  • Evasion and bypassing defensive mechanisms

The Certified Ethical Hacker program has matured over nearly 20 years. Versions 1 to 3 were “Kinko’s Specials”—three-holed paper in a white binder. Version 4 introduced perfect-bound books and that continues today. Beginning with version 7 through today’s v10, the courseware simply contains the slides. There are also downloadable versions that include text should students choose to read the course authors’ words. Labs have also migrated from custom in-classroom environments to cloud-based. This allows 24-hour access and the students can use the lab platform for up to six months after the class.

The certification exam has also morphed from a single test to add the CEH Practical exam. Achieving both earns you the title of EH Master.

But remember, the emphasis is on the “ethical” part of hacking. Only use this for good and not for evil. Beware the dark side of the hacker force!

Related training

CEH - Certified Ethical Hacker v10

Related resources

Certified Ethical Hacker Certification

Se relaterede produkter:
Se relaterede emner:

Relaterede artikler
28 jul 2021 Artikel

Two new studies have highlighted the inexorable rise of the cloud, with spending on cloud infrastructure and associated activities expected to rise si...Læs mere

05 jan 2021 Artikel

To help organizations reduce their security vulnerabilities and reduce the chances of human error here are 10 weak points of administrative security t...Læs mere

01 dec 2021 Artikel

Do You Need a VPN or a Firewall or Both? This cybersecurity article answers these questions.

"Vi går op i dit privatliv"

Vi bruger cookies for at give dig den bedste oplevelse på vores hjemmeside. Cookies er filer gemt i din browser og anvendes af de fleste hjemmesider for at personalisere din weboplevelse. Ved at fortsætte med at bruge vores hjemmeside uden at ændre indstillingerne, accepterer du vores brug af cookies.

Brug kun afsnit og links i dette rich text-felt. Et link til side med cookie info

Om din privatliv

Vi behandler dine data til formål såsom at levere indhold eller annoncer og måle leveringen af sådant indhold eller annoncer for at udtrække indsigter om vores hjemmeside. Vi kan dele disse oplysninger med vores partnere. Cookies sat af Global Knowledge er mærket som "førstepart"; du kan udøve dine præferencer i forhold til førstepartscookies ved at skifte knappen for hver førstepartscookiekategori nedenfor. De resterende cookies er tredjepartscookies; du kan udøve dine præferencer i forhold til hvert formål ved at skifte den relevante knap nedenfor eller efter leverandør ved at klikke på "Liste over IAB-leverandører". Disse valg vil blive signaleret globalt til andre hjemmesider, der deltager i Transparency and Consent Framework.
Privatlivspolitik

"Nødvendige cookies"

Disse er cookies, der er nødvendige for Global Knowledge-webstedet at fungere, og de kan ikke slukkes i vores systemer. De inkluderer f.eks. cookies, der gør det muligt for dig at bruge en indkøbskurv eller logge ind på bookingområdet på vores websted.

Analyse Cookies

Analyse-cookies er en valgfri, men vigtig del af vores websites funktionalitet. De hjælper os med at forstå, hvordan du interagerer med vores site ved at indsamle og rapportere information anonymt. De data, der indsamles af analyse-cookies, bruges til at forbedre websitets ydeevne og forbedre brugeroplevelsen. Det er vigtigt at bemærke, at disse cookies ikke indsamler nogen personlige oplysninger, der kan bruges til at identificere dig.

Præferencer Cookies

De foretrukne cookies bruges til at spore besøgende på tværs af hjemmesider med intentionen om at vise annoncer, der er relevante og engagerende for dine interesser.

Præstationscookies

Disse cookies tillader os at genkende og tælle antallet af besøgende på vores hjemmeside, trafikkilder og se, hvordan hjemmesidebesøgende bevæger sig rundt på hjemmesiden, når de bruger den. Dette hjælper os med at forbedre måden, hvorpå hjemmesiden fungerer, og forbedre din hjemmesideoplevelse. Alle oplysninger, disse cookies indsamler, er aggregerede og derfor anonyme.

Cookie Control toggle icon