Being a CEH: What is an Ethical Hacker?
Recently; Insinia has appeared on a number of news and media outlets, including LBC and BBC News. One question we always get asked is "What is an "ethical hacker"?" Quite simply; an ethical hacker (CEH, white hat, security specialist etc) is someone who posesses the same skills as a nefarious hacker, but with an interest in securing data and enhancing security, not exploiting it.
Similar skills are utilized by locksmiths. They have the required skills to crack safes, but they don't go robbing banks. This is down to their motives, ethics and morality.
What is a "Hacker"? The term “hacker” generally refers to any person who enjoys understanding, modifying, and exploring programmable systems, particularly computers and computer systems. “Hacker” has been used to describe individuals who bypass security measures for malicious purposes or criminal activity; however, most people within the hacker community refer to these individuals as “crackers.” There is an elaborated version of this description on the PCTools website HERE.
Types of Hackers: The term "hacker" has been loosely thrown around over the last 15 years, and people automatically associate "hacker" with "criminal". This is often far from the truth, and there's many different types of hackers. Some of the below are more common that others, but these are definitions as taught on the EC-Council Certified Ethical Hacker course. 1. Black Hats Black Hats are also known as "Crackers", amongst other terms, and are often highly skilled hackers with extraordinary skills. These hackers generally resort to malicious or destructive activity, usually for some kind of profit or monetary gain. 2. White Hats Similar to Black Hats, but with the opposite intention. Without repeating the above; a White Hat is also commonly known as a Cyber Security Specialist, professing hacking skills and utilizing them for defensive purposes.
3. Grey Hats These hackers work in a "grey" area (hence the name!) between white and black. Grey Hats will sometimes be professional PenTesters or analysts who are strongly against animal cruelty, religious motives etc. White Hat by day, Black Hat by night, or somewhere in between. 4. Cyber Terrorists Cyber Terrorists use a range of methods to destory infrastructure, recruit actors, cause chaos or maliciously hack targets, usually private individuals, governments, military or large corporations. 5. Espionage / State Sponsored Attacks These attacks often come from large countries, or countries with a relatively up-to-speed cyber warfare team. China, Russia, America, the UK, Israel, Germany and many others are known to employ cyber espionage and disruption techniques.
6. Hacktivists Hacktivists are hackers (at a range of levels) who engage in activism roles to do what they believe is the "right thing". Hacktivist attacks have included some pretty complex and advanced skills and are not to be taken lightly. Some of the world's best hackers work as hacktivists. The Ashley Madison hack was a prime example, and targets range from Political Parties to Fracking Companies!
7. Script Kiddies Script Kiddies are often relatively unskilled hackers who compromise systems by running scripts, tools and software that is pre-written by more highly skilled hackers. Using the skills of script kiddies is a highly effective way for online organisations to amplify their attacks without having to train every actor to a high level. 8. Suicide Hackers Hackers who are willing to "fight the cause" and often aim to bring down critical infrastructure or expose confidential information without the fear of being caught. This type of hacker isn't seen often and usually comes under the hacktivist category.
What do we do as Certfied Ethical Hackers?
As Certified Ethical Hackers, we utilise the same skills and attack targets in the same way as a nefarious hacker, but we work within the "scope" of a Penetration Test to ensure that no persons personal or private data is actually breached. Insinia will be approached by a company or client who wishes to test their infrastructure. This could be anything from testing the physical security of a bank vault to attempting to penetrate a banking server in a distant location. Either way; the objective stays the same. Find the clients weak spots and help to secure them. We start by discussing the "scope" of the test, or the criteria of what we're set to carry out. We discuss "no-go" areas. For example; if we were testing medical facilities then we would PoC (proof of concept) an attack without actually entering confidential medical records. Once the scope of the test has been discussed and agreed; we get straight to work!
Insinia will spend time carrying out Reconaissance, Scanning Targets (Enumeration), Exploitation and Stealth Access. Techniques we use as Ethical Hackers include: -: Network Attacks Trying to infiltrate networks, infrastructure, data and information from a local or web based location. This will include intercepting data for further interrogation.
-: Social Engineering Attacks Trying to trick staff members in to disclosing confidential data, such as passwords, access codes, vendors and suppliers etc. -: Physical Hacking This often includes hacking entry phones and systems, RFID tags and access cards, biometric systems, retina scanners, pin codes and passwords and much more. -: Web Attacks Carrying out SAS attacks (Structured Attack Simulation) to emulate web app attacks, DoS / DDoS attacks, SQL injection, XSS and much more. -: E-Mail / VoIP / Comms Attacks This attacks includes intercepting all types of communication, from e-mail to VoIP, Skype, PBX and all other communication methods. -: Plus much more! All of these attacks are carried out in the exact same way as a nefarious hacker would do so. We're highly skilled in what we do, as are your potential attackers, so we have to ensure the test remains as realistic as possible at all times. Insinia have attacked and tested all kinds of infrastructure, from cloning vehicle keys and bank cards to testing websites, apps and operating systems. Penetration Tests range in duration from a single day to a whole month or year, depending on the clients requirement. Once we've completed the test we provide a full comprehensive PenTest Report as well as screen shots, print outs and recommendations on how clients can improve their infrastructure to make their companies more secure. So are we hackers? Yes. Do we break the law? No. We do the exact same things as Black Hats, play with the same toys, attack the same targets, watch the same talks and read the same articles by the same people. But Ethical Hackers hack with permission, and without spending our lives on the run from authorities or constantly looking over our shoulders!
PenTesting's a great environment to work in, with some truly fascinating and devoted people. We love what we do, and we love providing an exceptional service to our clients. Penetration Tests are Insinia's chance to shine, and with a 100% success rate (thus far!) we have a proven track record for being amongst some of the best in the industry. Want to know more? Contact Insinia today!