V3ndta Cybersecurity

Cyberspace is the battleground of our time and it is essential that private companies, nation-states, and even individuals protect themselves as a well-executed cyber-attack can cripple even the most robust of systems.

I grew up during the ’90s and loved old-school movies that would portray hackers typing away on a DOS-looking screen able to bring whole countries to their knees with a few keystrokes in ten seconds.

While I loved these movies they were utterly terrible and didn’t have any idea what a real cyber-attack entails, a guilty pleasure movie of mine is the horrendously bad Under Seige 2 where the main villain manages to hack his way into the Pentagon using a laptop and cries out “A Gig of RAM should do it”, oh just saying that out loud makes me cringe.

In real life, this isn’t how a real hack works and when setting up your business to defend against real-world threat actors it is always good to know on a basic level how they actually attack a system. Here I’m going to break down the basic steps a hacker takes to attempt to break into a particular system.

1. Recon — The first stage of any attack or pen-test for that matter is reconnaissance and hackers have a varied toolbox in order to assist them with this. We start with passive recon where we search your website, social media accounts, find staff names and then search their sites and their social media accounts. Then we move on to active recon which is where we employ tools to scan your networks, your websites, your software, and anything you may have that we can exploit.
2. Enumeration — This is where the hacker reviews the information gathered from the recon stage and searches for any vulnerabilities in your system or where they can stage their attack. This is where your security comes into play, I believe any and every system can be broken with enough effort but this isn’t what hackers want, they want low-hanging fruit and the easiest time. If you make it difficult enough they will move on.
3. Attack — If the hacker has decided there is a way to attack your system that may yield results they will now employ it. It could be a DOS attack or an attack against a poorly configured network or even a phishing or spear-phishing attack against your employees.
4. Expansion — Depending on the kind of attack the next stage is expansion or escalation. If the hacker has managed to gain access to your system their aim will be to achieve the goal they had in mind(gain money, steal intel, cause disruption). Here they will be in your system may be trying to get admin privileges, spreading ransomware or some other malware, or a multitude of other attacks.
5. Covering of tracks — Depending on the kind of attack and the aim of the hacker they will now delete their tracks of entering the system and make it difficult for investigators to trace the source of the hack or even what may have been compromised.

This is a framework that every ethical hacker is taught at the beginning of their career and we use it every day. The amount of tools that are created to assist hackers is unbelievable and businesses should take much better care of their systems and invest heavily in IT and security.

Hackers are at the frontline in a lot of industries on both sides trying to attack and defend and cybercrime and cyber warfare are the main fields in which both businesses and governments should be investing.