The Basics of Penetration Testing & Ethical Hacking


This year has made it vividly clear that cyber attacks can come from virtually anywhere. In August, malicious hackers used denial-of-service attacks to bring down the 2016 Census website for more than 40 hours. In the last financial year, government systems experienced 1,095 security incidents. And even as you’re reading this, hundreds and thousands of fresh malware attacks and exploitative programs are being used to infiltrate seemingly secured networks and systems.

As these attacks become increasingly sophisticated, companies realise that rigid security systems alone aren’t going to keep them safe. If companies want to stand a chance against hackers, they have to think like hackers. And there are two ways to go about doing this.

Penetration testing

A company may be running the most up-to-date security systems available, but whether they can actually protect its computers is unclear. One way to gain some clarity is to employ a penetration test, or “pen test,” which is a formal set of procedures aimed at uncovering security flaws in computer systems, applications, and networks that intruders could exploit. Its main objective is to gather information about a company’s network, identify potential backdoors, and report findings to the client. But a pen test doesn’t simply end at uncovering vulnerabilities.

With permission from the client, pen testers will use a number of tools to access seemingly secure systems and networks. For instance, pen testers commonly use Metasploit software to deliver exploits remotely and brute force hacks to pinpoint guessable employee passwords.

And, to simulate external and internal attacks, security evaluations might be either a black box test, where the third-party tester is given no prior information about the client’s systems, or a white box test, where the pen tester already has insider knowledge of the company’s security implementations. The former will do more to test internet-facing security protocols, whereas the latter will let pen testers spend more time probing internal measures.

In essence, a pen test is designed to answer the question: How effective are my existing security protocols against specific attack vectors? So rather than asking for a more expensive full-system assessment, businesses that are particularly worried about certain areas of their defenses, like their firewalls, antivirus software, or intrusion prevention systems, can ask pen testers to focus in depth on finding vulnerabilities in those areas.

Ethical Hacking

Much like pen testers, ethical hackers (or white hats) infiltrate a system with the intention of finding vulnerabilities that can be exploited by their less friendly counterparts. The difference, however, is that penetration testing is just one of the many testing methods that ethical hackers have in their arsenal.

Pen testers may focus on attacking unpatched applications or bypassing weak firewalls, but ethical hackers utilise a variety of destructive techniques to gain full access to their client’s systems. Lesser-known ethical hacks might include:

  • Planting USB drives in a public area – in this technique, also known as baiting, white hat hackers take full advantage of the curiosity of employees, encouraging them to plug a thumb drive with auto-start software into company endpoints.
  • Looking over someone’s shoulder – a lot of information can be gathered by simply looking over someone’s shoulder in a cafe, park, or any other public area.
  • Calling staff as a legitimate entity – by masquerading as an executive or IT technician, white hat hackers can manipulate unwitting employees into giving away their login credentials.

If given consent, an ethical hacker could ultimately break into your server rooms or steal company-issued laptops to test physical security. And in extreme cases, ethical hackers could also intercept messages, crack encryption systems, and perform denial-of-service attacks over a cloned system to assess the impact of successful attacks.

Another key difference is that white hat hackers require an obligatory Certified Ethical Hacking (CEH) qualification, whereas certifications for pen testers are largely not required.

Which service is best?

Do keep in mind that this shouldn’t be an either-or decision. Although pen testing may help your company fortify its IT infrastructure, it’s usually focused on one or two particular attack vectors. But typical hackers don’t just commit to one type of attack; they use a combination of hacking methods to steal company data and ‘own’ a targeted network.

Likewise, ethical hacking without penetration testing is an incomplete service. To simulate a real attack, white hat hackers need to exploit human vulnerabilities with social engineering tests and hack infrastructure vulnerabilities with penetration testing.

By combining ethical hacking and penetration testing, you get a broader, more thorough analysis of your organisation’s information security framework. This helps you identify problem areas early and take appropriate action against downtime-inducing bugs and negligent employees. In other words, the issues exposed by an ethical hack not only reveal the feasibility of different attack vectors, but also inform the security decisions you make in order to mitigate risk.

Strengthen your business

It is no longer adequate to buy and install a simple security package in the hopes of protecting your business. To prove your system is secure, you must be determined to push it to its limits. Penetration testing and ethical hacking are powerful tools to do just that. They prepare your staff against real-world attacks, identify complex vulnerabilities, and seal security holes.

Here at Empower, we have trained security professionals who can assess your systems, and implement security best practices. Contact us today to identify and fix system vulnerabilities and empower your business.