Ethical Hacking

Ravindugunarathna
6 min read · May 29, 2021

What is hacking?

Hacking is the activity of identifying weaknesses in a computer system or a network and exploiting them to gain access to personal or business data.

When we build computer systems for companies, we need to connect them to external networks for communication purposes, and that exposes them to the outside world and to hacking. System hacking means using computers to commit fraudulent acts such as fraud, privacy invasion, theft of corporate or personal data, etc. Cybercrimes cost many organizations millions of dollars every year, so businesses need to protect themselves against such attacks.

What is Ethical Hacking?

Ethical hacking, also known as penetration testing or pen testing, is legally breaking into computers and devices to test an organization’s defenses. It’s among the most exciting IT jobs any person can be involved in. You are literally getting paid to keep up with the latest technology and get to break into computers without the threat of being arrested.

Ethical hacking is identifying weaknesses in computer systems and/or computer networks and coming up with countermeasures that protect against those weaknesses.

What is a security threat?

A security threat is defined as a risk that can potentially harm computer systems and the organization. The cause could be physical, such as someone stealing a computer that contains vital data. The cause could also be non-physical, such as a virus attack. In this tutorial series, we will define a threat as a potential attack by a hacker that can allow them to gain unauthorized access to a computer system.

What are physical threats?

  • Internal: The threats include fire, unstable power supply, humidity in the rooms housing the hardware, etc.
  • External: These threats include lightning, floods, earthquakes, etc.
  • Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.

What are non-physical threats?

Non-physical threats are also known as logical threats. The following are the common types of non-physical threats:

  • Virus
  • Trojans
  • Worms
  • Spyware
  • Key loggers
  • Adware
  • Denial of Service Attacks
  • Distributed Denial of Service Attacks
  • Unauthorized access to computer systems resources such as data
  • Phishing
  • Other Computer Security Risks

What is a Trojan?

A Trojan horse is a program that allows the attacker to control the user’s computer from a remote location. The program is usually disguised as something that is useful to the user. Once the user has installed the program, it has the ability to install malicious payloads, create backdoors, and install other unwanted applications that can be used to compromise the user’s computer.

What is a Worm?

A worm is a malicious computer program that replicates itself usually over a computer network.

What is a Virus?

A virus is a computer program that attaches itself to legitimate programs and files without the user’s consent. Viruses can consume computer resources such as memory and CPU time. The attacked programs and files are said to be “infected”. A computer virus may be used to:

  • Access private data such as user IDs and passwords
  • Display annoying messages to the user
  • Corrupt data on your computer
  • Log the user’s keystrokes

What is a Cybercrime?

Cybercrime is defined as an unlawful action against any person using a computer, its systems, and its online or offline applications. It occurs when information technology is used to commit or conceal an offense. However, the act is only considered cybercrime if it is intentional and not accidental.

Cybercrime can take various forms. The following are some of the most common modes of cybercrime attack:

Hacking:

It is an act of gaining unauthorized access to a computer system or network.

Denial of Service Attack:

In this cyberattack, the cyber-criminal consumes the bandwidth of the victim’s network or floods their e-mail box with spam. Here, the intention is to disrupt their regular services.

Software Piracy:

Theft of software by illegally copying genuine programs or counterfeiting. It also includes the distribution of products intended to pass for the original.

Phishing:

Phishing is a technique for extracting confidential information from bank or financial institution account holders by illegitimate means.

Spoofing:

It is the act of getting one computer system or network to pretend to have the identity of another computer. It is mostly used to gain access to the exclusive privileges enjoyed by that network or computer.

Types of Hackers

Hackers are classified according to the intent of their actions. The following list classifies types of hackers according to their intent.

Ethical Hacker (White hat): A security hacker who gains access to systems in order to fix the identified weaknesses. They may also perform penetration testing and vulnerability assessments.

Cracker (Black hat): A hacker who gains unauthorized access to computer systems for personal gain. The intent is usually to steal corporate data, violate privacy rights, transfer funds from bank accounts etc.

Grey hat: A hacker who is in between ethical and black hat hackers. He/she breaks into computer systems without authority in order to identify weaknesses and reveal them to the system owner.

Script kiddies: An unskilled person who gains access to computer systems using ready-made tools.

Hacktivist: A hacker who uses hacking to send social, religious, political, or similar messages. This is usually done by hijacking websites and leaving the message on the hijacked website.

Phreaker: A hacker who identifies and exploits weaknesses in telephones instead of computers.

Ethical Hacking experts follow four key protocol concepts:

1. Stay legal. Obtain proper approval before accessing and performing a security assessment.

2. Define the scope. Determine the scope of the assessment so that the ethical hacker’s work remains legal and within the organization’s approved boundaries.

3. Report vulnerabilities. Notify the organization of all vulnerabilities discovered during the assessment. Provide remediation advice for resolving these vulnerabilities.

4. Respect data sensitivity. Depending on the data sensitivity, ethical hackers may have to agree to a non-disclosure agreement, in addition to other terms and conditions required by the assessed organization.

As an ethical hacker, you will need to understand various hacking techniques such as:

  • Password guessing and cracking
  • Session hijacking
  • Session spoofing
  • Network traffic sniffing
  • Denial of Service attacks
  • Exploiting buffer overflow vulnerabilities
  • SQL injection
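To make the last item in the list concrete, here is an added example (not code from the original post) of the defect behind SQL injection beside its fix: a login check that concatenates user input into the query next to one that uses bound parameters. The user table, the credentials and the bypass string are all constructed for the demonstration.

```python
import sqlite3


def make_db():
    # Constructed in-memory table for the demo only. A real application would
    # store password hashes, not plaintext; the point here is the query shape.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.commit()
    return conn


def login_vulnerable(conn, name, password):
    # Builds the statement by string concatenation, so whatever the user types
    # is parsed as part of the SQL rather than treated as a value.
    query = ("SELECT COUNT(*) FROM users WHERE name = '" + name +
             "' AND password = '" + password + "'")
    return conn.execute(query).fetchone()[0] > 0


def login_parameterized(conn, name, password):
    # Placeholders send the values separately from the statement; the driver
    # never re-parses them as SQL, so quotes in the input are just characters.
    query = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(query, (name, password)).fetchone()[0] > 0


def demo():
    conn = make_db()
    # The classic textbook input: closes the string, adds an always-true clause.
    bypass = "' OR '1'='1"
    return {
        "vuln_good_creds": login_vulnerable(conn, "alice", "correct horse"),
        "vuln_bad_creds": login_vulnerable(conn, "alice", "wrong"),
        "vuln_injected": login_vulnerable(conn, "alice", bypass),
        "param_good_creds": login_parameterized(conn, "alice", "correct horse"),
        "param_bad_creds": login_parameterized(conn, "alice", "wrong"),
        "param_injected": login_parameterized(conn, "alice", bypass),
    }


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {'logged in' if outcome else 'rejected'}")
```

Only the concatenated version accepts the bypass string; the parameterized version rejects it exactly as it rejects any other wrong password.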

Process of Ethical Hacking

According to the Certified Ethical Hacker methodology, the entire process can be categorized into the following six phases.

Reconnaissance

Reconnaissance is the phase where the attacker gathers information about a target using active or passive means. The tools that are widely used in this process are NMAP, Hping, Maltego, and Google Dorks.

Scanning

In this process, the attacker begins to actively probe a target machine or network for vulnerabilities that can be exploited. The tools used in this process are Nessus, Nexpose, and NMAP.

Gaining Access

In this process, the vulnerability is located and you attempt to exploit it in order to enter into the system. The primary tool that is used in this process is Metasploit.

Maintaining Access

This is the phase where the hacker has already gained access to a system. After gaining access, the hacker installs backdoors in order to re-enter the compromised system whenever access is needed in the future. Metasploit is the preferred tool in this process.

Clearing Tracks

This phase is actually an unethical activity. It involves deleting the logs of all the activities that took place during the hacking process.

Reporting

Reporting is the final step of the ethical hacking process. Here the ethical hacker compiles a report with the findings and the work that was done, such as the tools used, the success rate, the vulnerabilities found, and the exploit processes.

CIA Triad in Information Security

Confidentiality, integrity, and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization. The model is also sometimes referred to as the AIC triad (availability, integrity, and confidentiality) to avoid confusion with the Central Intelligence Agency. Although elements of the triad are three of the most foundational and crucial cybersecurity needs, experts believe the CIA triad needs an upgrade to stay effective.

  • Confidentiality: Only authorized users and processes should be able to access or modify data
  • Integrity: Data should be maintained in a correct state and nobody should be able to improperly modify it, either accidentally or maliciously
  • Availability: Authorized users should be able to access data whenever they need to do so

Machine Learning For Gathering Information

The use of AI has become more widespread, with hackers launching noise-generation attacks to weaken automated defense systems. The first step is gathering information; attackers then seek unauthorized access by exploiting commonly known security weaknesses. The more information is collected, the better the chances of success. That is why hackers collect large amounts of data to improve their social engineering techniques.

Ravindugunarathna: Software Engineering Graduate at University Of Kelaniya | Software Engineer | Tech Enthusiast