Thieves breaking in homes have been on the news time and time again. But in the digital age, they look different from our conventional masked, stealth experts. They steal something far more precious than any of our homes could harbour: data. Keep reading to learn how to save your external network's confidential data from falling into wrong hands.
It's the collection of your company's digital platforms and systems directly connected to the Internet. Your web-facing platforms such as web, mail, and FTP servers are all considered a part of your external network at large. This contrasts with your internal network composed of systems exclusively accessible to your employees or partners.
Let's circle back to the situation with thieves. We protect our houses with padlocks and security officers. However, despite all our security measures, thieves find ways to break into our houses.
Similarly, we secure our networks with passwords, two factor authentication and screening the traffic for suspicious requests. Just like our failed house security, our network security measures fail. It's frustrating, but it happens. After all, a hacker has to get it right one time while we must get it right all the time.
The external network penetration test, or pentest, comes into play in this situation. Unlike what we would like to do with our houses, we hire an ethical hacker to breach our system via the external network. This exposes the exploitable vulnerabilities of your business systems, if any.
Prevention is always better than cure. Performing a simulated hacking in a control environment and coming out successful gives you the assurance that it'll perform well even in the real world. So, the purpose is to proactively check and double check our padlocks and avoid becoming a data point in the global list of recent security breaches.
It is entirely an optional measure. But just like investing in insurance, performing this test is a way to try and cover all possible grounds. To feel we did our best. Of course, it's our choice. But we should keep in mind the more important the resources we have, the more we have to lose in the unfortunate event of a cyber security incident. Investing in a certified pentest could help you mitigate the risk.
We generally follow a five-step process to ensure we cover all possible vulnerabilities. They are:
In the penetration testing service, the first phase is reconnaissance. In this phase, the tester gathers as much information about the target system as they can, including information about the network topology, operating systems and applications, user accounts, and other relevant information. The goal is to gather as much data as possible so that the tester can plan an effective attack strategy.
Reconnaissance can be categorized as either active or passive depending on what methods are used to gather information.Passive reconnaissance pulls information from resources that are already publicly available, whereas active reconnaissance involves directly interacting with the target system to gain information. Typically, both methods are necessary to form a full picture of the target’s vulnerabilities.
Once all the relevant data has been gathered in the reconnaissance phase, it’s time to move on to scanning. In this penetration testing phase, the tester uses various tools to identify open ports and check network traffic on the target system. Because open ports are potential entry points for attackers, penetration testers need to identify as many open ports as possible for the next penetration testing phase.
This step can also be performed outside of penetration testing; in those cases, it’s referred to simply as vulnerability scanning and is usually an automated process. However, there are drawbacks to only performing a scan without a full penetration test—namely, scanning can identify a potential threat but cannot determine the level at which hackers can gain access. So, while scanning is essential for cybersecurity, it also needs human intervention in the form of penetration testers to reach its full potential.
The third penetration testing phase is vulnerability assessment, in which the tester uses all the data gathered in the reconnaissance and scanning phases to identify potential vulnerabilities and determine whether they can be exploited. Much like scanning, vulnerability assessment is a useful tool on its own but is more powerful when combined with the other penetration testing phases.
When determining the risk of discovered vulnerabilities during this stage, penetration testers have many resources to turn to. One is the National Vulnerability Database (NVD), a repository of vulnerability management data created and maintained by the U.S. government that analyzes the software vulnerabilities published in the Common Vulnerabilities and Exposures (CVE) database. The NVD rates the severity of known vulnerabilities using the Common Vulnerability Scoring System (CVSS).
Once vulnerabilities have been identified, it’s time for exploitation. In this penetration testing phase, the penetration tester attempts to access the target system and exploit the identified vulnerabilities, typically by using a tool like Metasploit to simulate real-world attacks.
This is perhaps the most delicate penetration testing phase because accessing the target system requires bypassing security restrictions. Though system crashes during penetration testing are rare, testers must still be cautious to ensure that the system isn’t compromised or damaged
Once the exploitation phase is complete, the tester prepares a report documenting the penetration test’s findings. The report generated in this final penetration testing phase can be used to fix any vulnerabilities found in the system and improve the organization’s security posture.
Building a penetration testing report requires clearly documenting vulnerabilities and putting them into context so that the organization can remediate its security risks. The most useful reports include sections for a detailed outline of uncovered vulnerabilities (including CVSS scores), a business impact assessment, an explanation of the exploitation phase’s difficulty, a technical risk briefing, remediation advice, and strategic recommendations.