With technology advancing every day and information becoming more accessible, information security is more important than ever. Hackers are becoming more threatening to businesses every day. With all the use of technology in society, it has become easier to be a hacker. There are many different types of hackers with various skill levels, but they can all be equally dangerous. Because of this rapid growth of hacking with malicious intent, the need for ethical hackers has grown. Companies cannot rely on just a single firewall anymore to secure their data. They need someone who can adapt and find flaws. The following insights are based on “Three Different Shades of Ethical Hacking: Black, White and Gray” by David M. Hafele.
“Ethical hacker” is an interesting name. It is something of a paradox, because a hacker is typically someone who breaks into a system with intent to steal or corrupt data. It is hard to imagine that being done ethically. An ethical hacker hacks into a system in order to test its security and find its flaws. Without any intent to corrupt or steal any information, they simply find the weaknesses in the network in order to strengthen it.
An ethical hacker is a priceless tool to have. Companies hire an ethical hacker to hack into their system for the purpose of finding flaws in their security. The job of an ethical hacker becomes very complex because there are many different types of hackers with many different skill levels, making it difficult to emulate all of them.
There are essentially four types of hackers: the Script Kiddie, the Technically Astute, the Sophisticated (Ueberhacker), and the Insider. All four types have very different skill levels and different motives. The Script Kiddie is not a very experienced hacker but knows a couple of security flaws that they can take advantage of. The Script Kiddie usually does not target a specific company, only a certain security flaw. They scan the internet searching for victims with the security flaw they are targeting.
The second type of hacker is the Technically Astute hacker. They are more knowledgeable than the Script Kiddie. The Technically Astute knows about many different operating systems and how each one functions. They also know about programming and network security. Their motive would be more focused towards a specific company than the Script Kiddies would be. The Technically Astute is a good model for an ethical hacker to use because they would be the most common type of hacker you would encounter in the real world.
The third type of hacker is the Sophisticated or Ueberhacker. The Ueberhacker is the scariest of the four because they have extensive knowledge and experience. They know how to develop their own vulnerability programs and would be able to erase any evidence of their attack. They are more intimidating because they know a system very well and are able to find and take advantage of a lot more flaws than the first two types of hackers are even aware of. They are an important model to use, but they are not practical for an ethical hacker to use because they are not as common as the Technically Astute.
The last type of hacker is the Insider. In most cases, the Insider is just a disgruntled employee who is either mad at the company or mad at a person in the company. They are usually not very experienced or skilled in hacking, but they are still dangerous because they have a lot of access to company information and the network. Their skill level usually ranks between the Script Kiddie and the Technically Astute. Those are the four types of hackers that an ethical hacker needs to keep in mind when hacking a customer's system. They have to know who they are trying to emulate in order to test the system to the best of their abilities.
Additionally, there are three different models for hacking that an ethical hacker needs to keep in mind in order to be more efficient and effective when working for a customer. These models are the Black Box, White Box and Gray Box models. The first is the Black Box model, which gives the ethical hacker the least amount of information before the attack. In a Black Box model, not very many people in the company will even be aware that someone is going to try to break into the system. Typically, just management is aware of the attack. This is a good model to use to simulate an average hacker because it assumes that the hacker has very limited knowledge of the network. This forces the ethical hacking team to start from step one and gather all information on their own, just like an outside hacker would have to do.
The second type of model is the White Box model, which gives the ethical hacker the highest amount of knowledge to start off with. This model assumes that the hacker already has a lot of knowledge about the company and their network, so the information is supplied to the ethical hacker by the customer at the start. Many companies prefer the White Box over the Black Box due to time and money. If they provide the ethical hacker with information up front, then the hacker does not have to spend as much time finding information and can finish more quickly. This model is a good approach to simulate someone who has done a lot of research about the company and network prior to starting the attack.
The last model is the Gray Box approach. As the name implies, the Gray Box approach is a mix between the White Box and Black Box approaches. The following passage from the SANS Institute paper describes the Gray Box approach: “Andrew T. Robinson says that there are two players in this scenario: the untrusted outsider who is working with the trusted insider to compromise the network” (Hafele, 17). This attack model is interesting because it can lead to many different possibilities. One example in the paper is “The outsider may be in the process of initiating Black Box reconnaissance attacks while the Insider is feeding important information to him or her” (Hafele, 17). In this model and in the White Box model, vulnerabilities can be overlooked because the attack team does not have to dig for a way in, since they know more of what they are looking for.
All companies should implement ethical hacking in some form. It is an important tool that can be used to increase the security of every company. From learning about the different types of hackers and approach models, I think the most useful model is the Black Box approach model. It forces the attack team to dig through more information to find any way in they can. This can help the company discover more security flaws in their system than if they were given a bunch of information from the start. Using the Technically Astute attacker model is the most useful because it is the most common type of attacker that would try to attack their system.
Ethical hackers are the only thing that will keep companies secure. Security threats are becoming more and more organic. They are starting to adapt and change so they are not spotted through traditional security measures. People are starting to attack companies more often, and the best way to combat that is with skilled and experienced people. We are in the Information Age, and that means information is becoming more and more valuable and personal. We need to do all that we can do to protect it.