The Five Phases of Ethical Hacking
Cyber security is no longer ‘just an IT issue’; it is a problem that affects the brand equity of an organization. In fact, entrepreneurs like Elon Musk, founder and CEO of Tesla, are giving top priority to security.
Security breaches are real. It is a challenge that every organization is staring at today.
A recent survey by PriceWaterhouseCoopers, “The Global State of Information Security Survey 2018”, shows that business leaders are concerned about the security risks associated with emerging technologies such as automated or robotic systems.
39 percent of the 9,500 interviewed executives fear loss or compromise of sensitive data and over 32 percent believe that the quality of the product is susceptible to damage.
Initially, the hacker tries to gather information about the target. This information includes identifying the target, finding the IP address, network, DNS records, and so on.
This step involves examining the target using the information identified during the previous phase. Tools that the hacker may use during the scanning process include dialers, port scanners, network mappers, sweepers, and vulnerability scanners.
Hackers are looking for information to help them attack, including computers, IP addresses, and user accounts.
Gaining Access:
At this point the actual hacking is done. The vulnerabilities discovered during the reconnaissance and scanning phases are now used to gain access.
The hacker can connect to the target over a wired or wireless LAN, through local access to a computer, over the Internet, or offline.
Examples include stack-based buffer overflows, denial of service (DoS), and session hijacking. In the hacking world, gaining access is known as owning the system.
Maintaining Access:
Once a hacker has gained access, they must retain it for future attacks. Sometimes hackers secure their access to the system against other hackers or security personnel. They do this with backdoors, rootkits, and Trojans.
Once the hacker owns the system, they can use it as a base to launch subsequent attacks. In this case, the system is known as a zombie system.
Covering Tracks:
Once the hacker has gained access to the system, they must cover their tracks to avoid identification by security personnel, to continue using the victim system, to remove evidence of the hacking, and to avoid legal action.
Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) messages.
Examples of activities at this stage include steganography, the use of tunneling protocols and modification of log files.
As more organizations move into the digital space, safeguarding data from hacking and cyber-attacks is more significant than ever before. Companies are now acknowledging the potential dangers of these attacks and thinking of preemptive solutions—one of them being ethical hacking.
What is Ethical Hacking and How Is It Different From Hacking?
In a webinar on five phases of ethical hacking hosted by Simplilearn, Kevin King, director of technical innovation at EC-Council, described how hackers exploit vulnerabilities and compromise security controls to gain unauthorized access to system resources in an organization. He showed attendees how hacking can modify system or application features contrary to the original purpose and can pilfer, corrupt and redistribute data leading to billions of dollars lost.
In contrast, ethical hacking involves using the same hacking tools and techniques to identify vulnerabilities in a system and address them before they can be exploited. According to King, to beat a hacker, you need to think like a hacker.
There are different types of hackers:
- Black Hat Hackers: Individuals with extraordinary computing skills who use these advanced skills with malicious intent.
- White Hat Hackers: Ethical hackers with advanced computing skills who use their skills for defensive purposes.
- Gray Hat Hackers: Advanced computer users who work both offensively and defensively and often are security consultants, or white hat hackers who moonlight as black hat hackers.
Why Organizations Recruit Ethical Hackers
According to King, on average, organizations take 200 days to realize that hackers have created havoc in their system. Organizations are now hiring ethical hackers to curb security breaches.
Ethical hackers must uncover vulnerabilities in the systems and review the compliance of existing security practices with industry standards. Afterwards, it is their responsibility to analyze and strengthen security policies, network infrastructure, and end-user practices to safeguard the organization from cyber threats.
Drawing parallels with self-defence classes, King says that ethical hacking is legal and helps defend and not attack the systems.
The Five Phases of Ethical Hacking
While the phases discussed in the webinar are from the perspective of a hacker, King explains that these are the same phases used by a white hat hacker to test an organization’s network. To put it simply, an attacker uses this approach to breach the network, while the ethical hacker uses it to protect it.
Reconnaissance: Reconnaissance, also known as the preparatory phase, is where the hacker gathers information about a target before launching an attack and is completed in phases prior to exploiting system vulnerabilities.
One of the first phases of Reconnaissance is dumpster diving. It is during this phase that the hacker finds valuable information such as old passwords and names of important employees (such as the head of the network department) and performs an active reconnaissance to learn how the organization functions.
As a next step, the hacker completes a process called footprinting to collect data on the security posture, narrows the focus area (for example, by finding out specific IP addresses), identifies vulnerabilities within the target system, and finally draws a network map to know exactly how the network infrastructure works in order to break into it easily.
Footprinting provides important information such as the domain name, TCP and UDP services, system names and passwords. There are also other ways to do footprinting, including impersonating a website by mirroring it, using search engines to find information about the organization and even using information about current employees for impersonation.
Scanning: In this phase, the hacker identifies a quick way to gain access to the network and looks for information. There are three methods of scanning: pre-attack, port scanning/sniffing and information extraction.
Each of these phases demonstrates a specific set of vulnerabilities which the hacker can utilize to exploit the system weaknesses. The pre-attack phase is where the hacker scans the network for specific information based on the information gathered during reconnaissance.
The port scanner or sniffing phase is where scanning includes the use of diallers, port scanners, vulnerability scanners and other data-gathering equipment.
The information extraction phase is where the attackers collect information about ports, live machines and OS details to launch an attack.
Gain Access: The hacker gains access to the system, applications, and network, and escalates their user privileges to control the systems connected to it.
Maintain Access: Here, the hacker secures access to the organization’s systems through rootkits and Trojans and uses that access to launch additional attacks on the network.
Cover Tracks: Once the hacker gains access, they cover their tracks to escape the security personnel. They do this by clearing the cache and cookies, tampering with the log files and closing all the open ports. This step is important because it clears the system information, making the hacking a great deal harder to track.
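Because log tampering is part of this phase, defenders make logs tamper-evident so that an edited, deleted or truncated record is detectable afterwards. The following is an added example, not part of the original article or the webinar; it assumes the HMAC key and the latest chain digest are kept off the logged host, and the function names and sample messages are constructed.

```python
import hashlib
import hmac

GENESIS = "0" * 64  # fixed starting value for the chain

def chain_entry(prev_digest, message, key):
    """HMAC over the previous digest plus this message, so every record
    commits to all records before it."""
    data = f"{prev_digest}|{message}".encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def seal(messages, key):
    """Turn plain log messages into (message, digest) records."""
    records, prev = [], GENESIS
    for msg in messages:
        prev = chain_entry(prev, msg, key)
        records.append((msg, prev))
    return records

def verify(records, key, expected_head=None):
    """Return -1 if the chain is intact, otherwise the index of the first
    record that fails. If expected_head (the last digest, stored off-host)
    does not match, the tail was truncated and len(records) is returned."""
    prev = GENESIS
    for i, (msg, digest) in enumerate(records):
        if not hmac.compare_digest(chain_entry(prev, msg, key), digest):
            return i
        prev = digest
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return len(records)
    return -1

# Constructed sample data; the key is a demo value only.
DEMO_KEY = b"demo-key-kept-off-host"
DEMO_MESSAGES = [
    "10:00:01 login ok user=alice",
    "10:00:07 sudo user=alice cmd=/bin/bash",
    "10:00:09 service auditd stopped",
    "10:00:15 logout user=alice",
]

if __name__ == "__main__":
    sealed = seal(DEMO_MESSAGES, DEMO_KEY)
    print("intact:", verify(sealed, DEMO_KEY, sealed[-1][1]))
    print("record 2 deleted:", verify(sealed[:2] + sealed[3:], DEMO_KEY))
```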
What is The Future of Ethical Hacking?
According to King, the idea of ethical hacking is still foreign to many audiences. However, with the increase in cyber-attacks and security breaches, people are slowly realizing that ethical hackers are the real protectors of the system.
Regarding the future challenges in hacking, King observes that AI hack attacks (Artificial Intelligence specially built to hack a system) will be the next potential danger. He adds that, in such cases, systems will have to defend themselves from AI hacks in the same manner as they do advanced hacks.
How Can You Become a Certified Ethical Hacker?
If you have a deep understanding of the OSI model and are well versed in the three legs of hacking (computing, networking, and programming), consider a certification in ethical hacking.