To quote Sun Tzu's The Art of War, "To know your enemy, you must become your enemy". These words are particularly relevant to cybersecurity today. With the number of data breaches and cyber threats only growing, predicting the next move of cyber-criminals has shifted from being a nice-to-have to a critical requirement.
Ethical hacking has become increasingly popular over the past decade and this has given organizations new insight into the tools and techniques attackers may use. So how does understanding the offensive side of the cyber playing field change how you perceive security?
Becoming Conscious of Your Data
Attempting to mimic the attacker's techniques often brings with it a sober reflection on your own security. Suddenly the password that you thought was impenetrable seems mediocre, you rush to enable two-factor authentication on every account that permits it, and you're checking which ports your laptop is actually listening on. Losing your data in a breach doesn't seem as far-fetched as it once did.
According to a report by Digital Shadows, there are now more than 15 billion stolen credentials from over 100,000 data breaches in circulation among cyber-criminals. Attackers either process the breached records with automated tooling or use a web-based lookup service such as Dehashed, putting millions of credentials at their fingertips in seconds. It's a good example of why we all have to be more conscious of the value of our data and of the absolute requirement to protect it.
Good Security Starts with the Basics
There's an abundance of cutting-edge security technology designed to protect organizations, and yet every year more organizations fall victim to cyber-attacks. According to the Online Trust Alliance (OTA), 93% of breaches could have been prevented with the implementation of basic security measures. This won't be news to any ethical hacker: it's usually the basic security oversights that provide the low-hanging fruit and allow infiltration of an organization's network.
Attackers aim for simplicity; they're looking for the weakest link in an organization's security posture. Whether that is credential stuffing with breached credentials or manipulating staff with social engineering, attackers are looking for the easy wins. The risk from many of the most common attacks can be significantly reduced simply by maintaining basic security hygiene.
An effective password policy, regular staff awareness training and a practical risk assessment go a long way towards maintaining a strong security posture at minimal cost. For many organizations, effective implementation of the security fundamentals will provide a greater level of protection than expensive security products.
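One concrete way to make the password-policy point above actionable, and to close the credential-stuffing gap described earlier, is to reject any password that already appears in breach data. The script below is an added example, not code from the article or from Predatech; it follows the k-anonymity range scheme popularised by Have I Been Pwned (only the first five hex characters of the SHA-1 hash leave the client, and the match is done locally against the returned suffixes). The `lookup_range` function and `FAKE_CORPUS` are hypothetical stand-ins for the real HTTP range lookup, built from a constructed list of breached strings so the example runs offline.

```python
"""
Added example: screen a candidate password against breach data using a
k-anonymity range lookup, then apply a simple length rule on top.

Only the 5-character SHA-1 prefix is ever sent to the lookup service; the
full hash never leaves the client. The corpus and lookup function below are
constructed stand-ins so that this runs offline.
"""
import hashlib


def sha1_hex(password: str) -> str:
    """Upper-case hex SHA-1 of the password (the encoding range APIs use)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_fake_corpus(breached: dict[str, int]) -> dict[str, dict[str, int]]:
    """Index breached passwords as prefix -> {suffix: times_seen}, mirroring
    what a range API would return for each prefix. Constructed test data."""
    corpus: dict[str, dict[str, int]] = {}
    for pw, count in breached.items():
        h = sha1_hex(pw)
        corpus.setdefault(h[:5], {})[h[5:]] = count
    return corpus


# Constructed sample of "breached" passwords and how often they were seen.
# These counts are illustrative, not figures from any real breach corpus.
FAKE_CORPUS = build_fake_corpus(
    {"password123": 126927, "letmein": 238000, "Summer2020!": 1300}
)


def lookup_range(prefix: str) -> dict[str, int]:
    """Hypothetical stand-in for an HTTP GET of /range/{prefix}.
    Returns every known hash suffix sharing the 5-char prefix."""
    if len(prefix) != 5:
        raise ValueError("range lookups take exactly a 5-character hex prefix")
    return FAKE_CORPUS.get(prefix, {})


def breach_count(password: str) -> int:
    """How many times the password appears in breach data (0 if unseen).
    The suffix comparison happens locally, so the service never learns
    which suffix, if any, matched."""
    h = sha1_hex(password)
    prefix, suffix = h[:5], h[5:]
    return lookup_range(prefix).get(suffix, 0)


def password_acceptable(password: str, min_length: int = 8) -> tuple[bool, str]:
    """Policy check: minimum length first, then reject anything in breach data."""
    if len(password) < min_length:
        return False, f"shorter than {min_length} characters"
    seen = breach_count(password)
    if seen:
        return False, f"seen {seen} times in breach data"
    return True, "ok"


if __name__ == "__main__":
    for candidate in ("password123", "Summer2020!", "correct horse battery staple"):
        ok, reason = password_acceptable(candidate)
        print(f"{candidate!r}: {'accepted' if ok else 'rejected'} ({reason})")
```

Swapping `lookup_range` for a real HTTP call against a range API is the only change needed to use this in a registration or password-change flow; keep the comparison of suffixes on the client side so the privacy property of the prefix lookup is preserved.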
No Organization is Impenetrable
It's only once you begin ethical hacking that you start to understand that nothing is 100% secure, even with a large security budget. The functionality we give systems and applications is both their greatest asset and their biggest weakness. As long as there is a human element to security there will always be the risk of human error, and with it, vulnerabilities to be exploited.
This brings about a realization that the constant battle against cybercrime will always be weighted in the attacker's favor. Defenders have to protect every asset an organization administers; cyber-criminals only have to find and exploit one critical vulnerability in one system or application to cause major damage. Unfortunately, as the functionality of systems and applications becomes increasingly rich, so too will the opportunities for criminals to capitalize on the security oversights that come with it.
How to Get Started
With the explosion of content related to ethical hacking, there’s never been a better time to start learning the offensive side of security. Everyone has the potential to pick up these skills, no matter your background and technical knowledge. The most important qualities you’ll need are perseverance and a willingness to learn. Here’s a recommended list of resources to help you get started:
- Practical Ethical Hacking, The Complete Course: A great course for beginners by The Cyber Mentor himself, Heath Adams, which covers everything from the basics to more intermediate penetration testing techniques.
- PortSwigger’s Web Security Academy: A free web security learning platform from the creators of the Burp Suite web testing tool, that takes you through the A-Z of web testing.
- Penetration Testing with Kali Linux (PEN-200): A self-paced course offered by Offensive Security that provides access to a lab of vulnerable machines. Students who complete the course and pass the grueling 24-hour exam will achieve the coveted Offensive Security Certified Professional (OSCP).
- Virtual Hacking Labs: Another self-paced course that gives users access to training material and a range of vulnerable machines for beginners and those with intermediate experience.
- HackTheBox: An online platform for users of all experience levels to practice their ethical hacking skills against vulnerable machines. HackTheBox’s premium option provides their retired machines along with a range of tutorials to follow along with.
- HackerOne: A platform for discovering bug bounty programs. HackerOne also provides several resources to help users learn how to get started with bug bounties.
Jason is a Co-Founder and Penetration Tester at Predatech, he is a certified OSCP, CREST CRT and an IASME Governance Assessor. He lives in Staines-upon-Thames and has previously worked for financial firms including Royal Bank of Scotland and Rabobank.