
Are you an (Ethical) Hacker?


Cyber security is a growing industry as more and more businesses wake up to their responsibility to keep their clients’ information safe and secure. To be a successful ethical hacker, you need to be able to think like one. It is the role of the ethical hacker to attempt to break into the company network and access the personal data which is locked away carefully behind as many levels of security as necessary. Companies need to ensure that their defences can keep malicious cyber criminals out. This is not an easy task when increasingly sophisticated technology is constantly being developed. Hackers will need to stay ahead of the game so as to retain their clients’ trust whilst maintaining their own credibility in protecting sensitive information in this fast-paced race. Hackers most commonly simulate an attack against a network to discover weaknesses in an organisation’s security posture and to ensure its security team is battle-tested.

Links with the CyberEPQ Modules

What do (Ethical) Hackers do?

Ethical hackers simulate how a cyber criminal may attack the system, helping the entire organisation become more secure against future attacks of that kind whilst checking that everything an attacker may think of is secure. Ethical hackers attempt to breach an organisation’s systems in a controlled manner, in what are known as red team/blue team exercises, in which each team is pitted against the other. The objectives may include testing the procedures, readiness and teamwork of security staff; cooperation between in-house and outsourced security providers; security vulnerabilities and gaps; security tools and defences; and incident response processes. It is a realistic test that helps an organisation discover its security weaknesses and remediate them.

Instead of waiting for a real breach to help an organisation discover its weaknesses and test its security practices, an ethical hacker will do it in a controlled manner, allowing the organisation to prepare. Such security practices are not limited to networks — they can also be performed against single web applications, or subsets of the network or infrastructure.

The penetration testing process emulates the cyber security kill chain. Penetration testers begin by planning their attack, then scan the target system for vulnerabilities, penetrate the security perimeter, and maintain access without being detected. Essentially there are five different stages. The first is planning and reconnaissance, in which discussions take place with the company stakeholders who ordered the test so as to gain an understanding of the goals and scope of the test, the systems to be tested, and the testing methods to be used. These tests may be open-ended, and some may test specific malicious tactics, techniques and procedures (TTPs). Intelligence is also collated at this stage to understand the architecture of the target system, its network structure and its security tooling.

The second phase is scanning, in which automated tools are used to analyse the target systems and check the system’s code for bugs or security gaps. Vulnerability scans, which look for old or unpatched components that may be vulnerable to known exploits, are also conducted. Thirdly, the ethical hackers gain access: based on the results of the second stage, they select a weak point in the target system that they can use to penetrate it. They may perform brute force or password cracking attacks to break through weak authentication, perform SQL injection or cross-site scripting to run malicious code on the target system, or deliver malware into a system inside the security perimeter.

During the penultimate stage, the ethical hacker will maintain access and will typically act like an advanced persistent threat (APT), looking for ways to escalate privileges and perform lateral movement to gain access to sensitive assets. This reveals the vulnerabilities of internal systems, not just those deployed on the security perimeter or network edge, and also exercises the security team’s ability to detect malicious activity inside the network.

The final stage is analysis. It is at this point that the ethical hacker will compile a report detailing which vulnerabilities they discovered in their test (including those that were not actually exploited), how they breached the system, which internal systems or sensitive data they were able to compromise, whether they were detected, and how the organisation responded. The organisation can then use this data to remediate vulnerabilities, bolster security processes and adjust security tool configuration.
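
A blue-team view of the brute-force attempts mentioned in the third stage and the "were they detected" question in the final report, as an added example that is not part of the original article: it scans authentication log lines for bursts of failed logins from one source and records any successful login that follows a burst. The log format, the threshold and window values, and the sample lines are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (assumed format: timestamp, result, user, source IP).
SAMPLE_LOG = """\
2020-03-02T09:00:01 FAIL alice 203.0.113.7
2020-03-02T09:00:03 FAIL alice 203.0.113.7
2020-03-02T09:00:05 FAIL alice 203.0.113.7
2020-03-02T09:00:08 FAIL alice 203.0.113.7
2020-03-02T09:00:11 FAIL alice 203.0.113.7
2020-03-02T09:00:14 OK alice 203.0.113.7
2020-03-02T09:01:00 FAIL bob 198.51.100.20
2020-03-02T09:30:00 FAIL bob 198.51.100.20
2020-03-02T09:30:09 OK bob 198.51.100.20
garbled line
"""


def find_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {source_ip: finding} for sources with >= threshold failures in the window."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still inside the window
    findings = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] not in ("FAIL", "OK"):
            continue  # skip malformed lines rather than crash on them
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        result, user, ip = parts[1], parts[2], parts[3]
        failures = recent[ip]
        while failures and ts - failures[0] > window:
            failures.popleft()  # forget failures older than the window
        if result == "FAIL":
            failures.append(ts)
            if len(failures) >= threshold:
                entry = findings.setdefault(ip, {"failures": 0, "success_after_burst": []})
                entry["failures"] = max(entry["failures"], len(failures))
        elif ip in findings and failures:
            # A success right after a burst suggests a password was guessed.
            if user not in findings[ip]["success_after_burst"]:
                findings[ip]["success_after_burst"].append(user)
    return findings


if __name__ == "__main__":
    for ip, finding in find_bruteforce(SAMPLE_LOG).items():
        print(ip, finding)
```

The second source in the sample fails twice half an hour apart and is not flagged, which is the kind of case a fixed window and threshold have to be tuned around.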

Tom Sinclair, Senior Technical Consultant at CYSIAM

What are companies looking for?

UK Earning Potential

Upwards of £35,000 depending on geography, experience and definition.*

* source: Indeed March 2020
