Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Ethical Hacking Tactics

You're reading from   Hands-On Ethical Hacking Tactics Strategies, tools, and techniques for effective cyber defense

Arrow left icon
Product type Paperback
Published in May 2024
Publisher Packt
ISBN-13 9781801810081
Length 464 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Shane Hartman Shane Hartman
Author Profile Icon Shane Hartman
Shane Hartman
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Part 1:Information Gathering and Reconnaissance
2. Chapter 1: Ethical Hacking Concepts FREE CHAPTER 3. Chapter 2: Ethical Hacking Footprinting and Reconnaissance 4. Chapter 3: Ethical Hacking Scanning and Enumeration 5. Chapter 4: Ethical Hacking Vulnerability Assessments and Threat Modeling 6. Part 2:Hacking Tools and Techniques
7. Chapter 5: Hacking the Windows Operating System 8. Chapter 6: Hacking the Linux Operating System 9. Chapter 7: Ethical Hacking of Web Servers 10. Chapter 8: Hacking Databases 11. Chapter 9: Ethical Hacking Protocol Review 12. Chapter 10: Ethical Hacking for Malware Analysis 13. Part 3:Defense, Social Engineering, IoT, and Cloud
14. Chapter 11: Incident Response and Threat Hunting 15. Chapter 12: Social Engineering 16. Chapter 13: Ethical Hacking of the Internet of Things 17. Chapter 14: Ethical Hacking in the Cloud 18. Index 19. Other Books You May Enjoy

Why do intrusions and attacks happen?

Attacks do not operate in a vacuum, and as such, attacks and intrusions can be broken down into three core areas, sometimes referred to as the intrusion triangle or crime triangle. In other words, certain conditions must exist before an attack can occur. These core areas are Motive, Means, and Opportunity.

We’ll look at what each of these in the following sections.

Motive

An attacker must have a reason to want to attack a network. These motives include exploration, data manipulation, and causing damage, destroying, or stealing data. Motives may also be more personal, including financial, retaliation, or revenge. Examples include a disgruntled employee who wants to do damage based on some grievance with the company managers or coworkers. Another would be a cybercrime group targeting a company or industry to extort money through ransomware or some other means. Still, another would be a script kiddie who stumbled upon the network and thought it might be interesting to see what they could get access to. More on script kiddies in the Types and profiles of attackers and defenders section.

For investigators, it is also important to differentiate between motives for criminal activity and the operational goals and objectives associated with the larger crime. As an example, compromising user accounts is not the goal of an attack; gaining access to the corporate network and stealing data is. The account compromise is simply an operational goal.

It may also be important to understand the intensity of an attack and the motives behind it. People who are desperate are more determined to achieve their goals. The employee who is in a bad financial situation may see accessing and stealing company funds as the only means to alleviate the situation. And with that, the higher the pressure, the more likely it is that the employee will not only commit the crime but take larger risks to meet that goal.

Means

Once an attacker has a motive, they need the means to perform the attack. Means refers to the technology plus an individual’s or group’s skills, knowledge, and available resources. By understanding these requirements to commit a given crime, plus the potential motivations, investigators can narrow down attribution to individuals or groups and eliminate others. Additionally, investigators need to be aware of technological innovations as potential means of committing cybercrimes in relation to the crime committed. By way of example, a nation-state actor in China would not have the means to access and sabotage an electrical plant in the United States physically. However, once the electrical plant installed IoT sensors and connected them to the internet, the means would be made available.

Opportunity

The third part, completing the triangle, is opportunity. Used in conjunction with motive and means, an opportunity is that moment or chance where the attack can be completed successfully. For an opportunity to be available, it means that various protective mechanisms were either ineffective or non-existent. This means that human, technological, or environmental factors were conducive to the crime being committed. For example, a power failure might cause locked doors to fail open for safety but allow criminals free access to all areas of the company. Or, unpatched servers exposed to the internet might be discovered during a scan, informing attackers what exploit(s) will be successful in accessing the core network. You can see a visual representation of the crime triangle in the following figure:

Figure 1.1 – Crime triangle

Figure 1.1 – Crime triangle

Of the three areas, the ethical hacker has the most control over opportunity. As a defender, you cannot eliminate motive as that comes from the personal desires of the attacker, whether they are acting as an individual or a group. You also cannot eliminate means as knowledge is readily available, and skills can be acquired. This leaves opportunity as the area from which the odds of defending against and preventing most attacks are the most successful.

Now that we have looked at why intrusions happen, let’s take a look at the different types of people that make up the cyber security landscape, from attacker to defender.

You have been reading a chapter from
Hands-On Ethical Hacking Tactics
Published in: May 2024
Publisher: Packt
ISBN-13: 9781801810081
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image