3 January 2022

Hacking (Computer Hacking) and Information Gathering


Hacking translates into Turkish as bilgisayar korsanlığı (computer hacking). It means obtaining unauthorised access to an electronic system. At this point, most people’s minds go to negative or harmful outcomes. However, hacking does not carry a negative meaning. Hacking is in fact the act of identifying vulnerabilities in systems and gaining authorised access to them. People who can find weaknesses or errors in systems and use them to access those systems are called “hackers”. In short, the person is described as a computer hacker, and the act itself as computer hacking.

In reality, hacking emerged as a way to identify flaws or errors in electronic systems in order to improve those systems and provide reports to manufacturers — whether software or hardware. We can use vehicle manufacturers as an example to better understand this concept. For years, vehicle manufacturers have participated in Euro NCAP tests in order to produce safer vehicles.

Euro NCAP tests measure the damage a vehicle sustains in collisions at different speeds and under different environmental conditions, while also revealing how the people inside or outside the vehicle might be affected in the event of an accident. As a result, manufacturers such as Audi, Volvo, Mercedes, and BMW have received feedback based on these test results and begun producing safer vehicles. In today’s technological world, Euro NCAP tests have enabled a level of safety at which people sustain less or no harm in serious accidents.

The word hacking carries the same meaning. Just like cars, electronic systems can also be involved in accidents. In addition to environmental factors such as high voltage and water exposure, malicious cyber attacks can also cause serious damage. At this point, hackers play a major role in ensuring security by providing feedback to software or hardware manufacturers.

The well-intentioned cybersecurity professionals we refer to as hackers are less like criminals and more like salaried employees, freelancers, or consultants working legally for companies. These individuals can work as salaried employees after signing NDA (non-disclosure) agreements with companies, or they can work at cybersecurity firms such as Privia Security that offer consultancy services. In this way, vulnerabilities and errors in systems are found and closed or corrected, with the aim of taking precautions against potential attacks.

Of course, as in every sector, malicious individuals exist in the cybersecurity sector too. These people are also generally referred to as hackers. However, their motivations are criminal in nature — damaging systems through attacks, extorting money through blackmail, rendering systems unusable, and similar goals.

Skilled hackers — master hackers — aim to gather information about a target before launching an attack to compromise a system. In doing so, they behave similarly to a skilled bank robber or other malicious actor. The more information that is gathered about the system to be compromised, the more successful the attacks that can be mounted. A skilled hacker wants to understand as much as possible about the target organisation and its systems. This preparation phase is important. It is one of the reasons why a security-conscious organisation is very careful about what information it allows into the public domain.

Hacking and Passive Information Gathering

The first step in any computer attack is to carry out a passive search: an attempt to gather information that does not involve connecting to the target system. If the target system has firewall logs, an intrusion detection system (IDS), or similar features, an active scan may be detected and could alert the company’s security experts.

Imagine the targeted organisation has announced a transition to a new router model, or that it uses IIS 7.0 for its web server. Any information about the target system allows the attacker to narrow down the volume of vulnerability searches they need to conduct. A new router announcement is broad in scope. However, once an IIS migration has been announced, the attacker can discover the IIS version and conduct searches only for “security flaws in IIS 7.0” or similar queries.

One of the most important steps in the attacker’s information gathering phase is obtaining information about employees in the organisation. Having information such as real names, phone numbers, and office locations will assist in a social engineering attack and enable successful scenarios to be deployed. The more information available about a target organisation, the easier and more successful the attack will be.

Some resources that assist with the information gathering phase are:

Hacking and Active Scanning

While passive scanning can provide a great deal of useful information, at some point the attacker needs to carry out an active scan that involves some real connection to the target system. This is the type of information gathering most likely to be detected. However, it also has the highest probability of providing actionable information. There are various types of active scanning:

Tools for active scanning, from very simple to complex, can be found on the internet. Anyone involved in the prevention or investigation of computer crimes should be familiar with several of them.

When performing port scanning, you have several options. The most common scan types and their limitations are listed below.

Other scans include the Null scan, which has no flags set, and the XMAS scan, which has multiple flags set. Whichever scan is used, most servers or firewalls will leave a trace of the attack in their logs.
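The trace mentioned above can be picked out of firewall logs by looking at the TCP flag field. The following is an added example, not part of the original article: it flags Null and XMAS packets per source address. The log lines are constructed samples in the style of Linux netfilter LOG output, and treating XMAS as the FIN+PSH+URG combination is an assumption, as are the function names.

```python
import re
from collections import defaultdict

# Constructed sample lines in the style of Linux netfilter (iptables LOG) output.
# TCP flag names sit between RES=... and URGP=...; addresses are documentation ranges.
SAMPLE_LOG = """\
Jan  3 10:00:01 fw kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40001 DPT=22 WINDOW=1024 RES=0x00 URGP=0
Jan  3 10:00:01 fw kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40001 DPT=80 WINDOW=1024 RES=0x00 URGP=0
Jan  3 10:00:02 fw kernel: IN=eth0 OUT= SRC=192.0.2.77 DST=198.51.100.5 PROTO=TCP SPT=51000 DPT=443 WINDOW=1024 RES=0x00 URG PSH FIN URGP=0
Jan  3 10:00:03 fw kernel: IN=eth0 OUT= SRC=203.0.113.9 DST=198.51.100.5 PROTO=TCP SPT=52344 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
Jan  3 10:00:04 fw kernel: IN=eth0 OUT= SRC=203.0.113.9 DST=198.51.100.5 PROTO=UDP SPT=5353 DPT=53 LEN=48
"""

LINE_RE = re.compile(
    r"SRC=(?P<src>\S+) .*?PROTO=TCP .*?DPT=(?P<dpt>\d+) .*?RES=\S+ (?P<flags>[A-Z ]*?)\s*URGP="
)

def classify(flags):
    """Return 'NULL', 'XMAS' or None for a set of TCP flag names."""
    if not flags:
        return "NULL"            # no flags set at all
    if flags == {"FIN", "PSH", "URG"}:
        return "XMAS"            # assumption: the common FIN+PSH+URG combination
    return None                  # e.g. a plain SYN: not one of these two scans

def find_flag_scans(log_text):
    """Map (source IP, scan type) -> sorted list of destination ports probed."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:                # non-TCP or unparseable line
            continue
        kind = classify(set(m.group("flags").split()))
        if kind:
            hits[(m.group("src"), kind)].add(int(m.group("dpt")))
    return {key: sorted(ports) for key, ports in hits.items()}

if __name__ == "__main__":
    for (src, kind), ports in find_flag_scans(SAMPLE_LOG).items():
        print(f"{kind} scan packets from {src} to ports {ports}")
```

Neither flag combination occurs in a normal TCP handshake, so a single hit is already worth an alert; the per-source port list shows how wide the probe was.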
