Different types of threats and ethical hackers

There are many different types of threats that can compromise information security.

Focusing on cyberattacks, we can separate them into three main categories:

• Technical attacks – usually take advantage of vulnerabilities, such as bugs in software or misconfiguration of the services
• Social engineering – this targets what we might call ‘the weakest link’ in an organisation’s security – its employees
• Insider threats – these will usually involve the misuse of trust relations within the organisation

We’ll be covering each of these attacks in more detail throughout this Ethical Hacking program.

Ethical hackers

As the title implies, the main expectations for ethical hackers are that they will behave ethically and comply with the relevant laws and regulations. That’s the main difference between the ‘good’ and the ‘bad’ guys. As for just about everything else, they’re using the same tools, techniques and processes.

It’s vitally important that the ethical hacker is authorised to attack their targets before they take any action and that they stay within the scope of the assignment at all times. An ethical hacker would act in the best interest of the client organisation and treat all information uncovered during the test as confidential.

How ethical hacking works

Before the penetration testing begins, the ethical hackers will agree on a formal contract with the client organisation. As part of that, they will specify the rules of engagement covering the scope (targets such as servers, networks, employees, etc), dates, times and so on.

There are also two types of penetration tests often referred to as ‘white-box’ and ‘black-box’. The difference is in how much information and access is provided to the ethical hackers before the test.

White-box penetration test

In the case of a ‘white-box’ penetration test, hackers may have access to things like network diagrams, Wi-Fi passwords, source code and even some internal accounts.

The advantage of this is that the ethical hackers will have a much better view of the system and will potentially find more vulnerabilities. It will also take less time and be cheaper.

Black-box penetration test

On the other hand, a ‘black-box’ pentest will not provide much information to the testers, apart from defining the targets in scope. The testers will have to find all the information and gain access themselves.

The advantage of this approach is that the hackers are simulating a real attack much more closely – a malicious hacker would typically work based on the information they gathered during the first part of their attack (known as reconnaissance).

Do you have what it takes?

The skillset required for ethical hacking is significant. Thinking about the technical skills alone, you will need to cover virtually the full span of digital technologies, as you never know what technology your clients will use.

This is one of the main reasons that ethical hacking is a team job, with different members of the team specialising in different technologies and tools.

So, in a team you might have people specialising in hardware and networking, others specialising in Windows and active domains, others in web applications, social engineering, and so on.

In any case, all of the team members need to possess good ‘soft’ skills, such as teamwork, coordination, cooperation, problem management and report writing.