
Penetration Testing
A penetration test, colloquially known as a pentest, is the exercise in which a defined enterprise surface, in whole or in part, is tested to find the attack paths an attacker could use, exploiting the vulnerabilities found along the way. It is an empirical demonstration of the risk associated with a given vulnerability, obtained by simulating an actual attack against the system.
A penetration test begins with the security professional taking an inventory of the target network to find vulnerable systems or accounts. To do this, each system in the network is checked for open ports on which services are running. It is extremely rare that all services on a network are properly configured, properly password protected, and completely up to date. Once the penetration tester properly understands the network and its existing vulnerabilities, a penetration testing tool is used to exploit a vulnerability and thus gain unauthorized access. However, pentesters do not examine only systems. They often attack the users of a network by sending phishing e-mails or by attempting to manipulate targets over the phone or the Internet/intranet (pretexting or other social engineering).
An organization’s users represent an additional risk factor. Attacks on a network through human error or compromised credentials are nothing new. If the constant cyber attacks and instances of data theft have taught us anything, it is that the easiest way for a hacker to break into a network and steal data or money is through network users.
Compromised credentials are the most common attack vector across all reported data breaches, as the Verizon Data Breach Report shows year after year. Part of a penetration tester’s job is to address security threats caused by user errors. A pentester will attempt a brute-force attack to guess the passwords of discovered accounts and gain access to systems and applications. Although compromising a single device may already constitute a security breach, in a real-world scenario a malicious user will typically follow it with lateral movement to reach a critical resource.
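The two behaviours described above, password guessing against discovered accounts and a guessed credential then being used, leave a characteristic trace in authentication logs. The following detector is an added example written for this article, not code from the original text: it parses constructed sshd-style log lines (all hosts, users and addresses are made up), raises an alert when one source exceeds a number of failed logins inside a sliding time window, and raises a second, higher-priority alert when a successful login follows from a source that was already flagged. The regular expression, thresholds and window are assumptions chosen for the sample.

```python
"""Detect password-guessing bursts and the success that follows them.

Added example (not from the original article): constructed sshd-style
log lines are scanned for many failed logins from one source within a
short window, and for an accepted login from a source already flagged.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in the syslog format sshd writes by default.
SAMPLE_LOG = """\
Mar 10 09:00:01 host sshd[1001]: Failed password for invalid user admin from 203.0.113.7 port 51000 ssh2
Mar 10 09:00:03 host sshd[1002]: Failed password for root from 203.0.113.7 port 51001 ssh2
Mar 10 09:00:05 host sshd[1003]: Failed password for root from 203.0.113.7 port 51002 ssh2
Mar 10 09:00:07 host sshd[1004]: Failed password for root from 203.0.113.7 port 51003 ssh2
Mar 10 09:00:09 host sshd[1005]: Failed password for root from 203.0.113.7 port 51004 ssh2
Mar 10 09:00:12 host sshd[1006]: Accepted password for root from 203.0.113.7 port 51005 ssh2
Mar 10 09:05:00 host sshd[1007]: Failed password for alice from 198.51.100.9 port 40000 ssh2
Mar 10 09:30:00 host sshd[1008]: Accepted publickey for alice from 198.51.100.9 port 40001 ssh2
"""

# Matches both "Failed password for invalid user X" and "Accepted publickey for X".
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+"
)


def parse_line(line, year=2024):
    """Return a small event dict, or None for lines that are not auth events.

    Syslog timestamps carry no year, so one is supplied (assumption)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "ok": m["result"] == "Accepted",
            "user": m["user"], "ip": m["ip"]}


def detect_bruteforce(log_text, threshold=5, window_s=60):
    """Return alerts as (kind, source_ip, user_or_None, timestamp).

    kind is "bruteforce" when `threshold` failures from one source fall
    inside `window_s` seconds, and "success_after_bruteforce" when that
    source later logs in successfully (a likely guessed credential)."""
    alerts = []
    recent = defaultdict(deque)   # source ip -> timestamps of recent failures
    flagged = set()               # sources that already tripped the threshold
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        q = recent[ev["ip"]]
        # Slide the window: forget failures older than window_s.
        while q and (ev["ts"] - q[0]).total_seconds() > window_s:
            q.popleft()
        if not ev["ok"]:
            q.append(ev["ts"])
            if len(q) >= threshold and ev["ip"] not in flagged:
                flagged.add(ev["ip"])
                alerts.append(("bruteforce", ev["ip"], None, ev["ts"]))
        elif ev["ip"] in flagged:
            alerts.append(("success_after_bruteforce", ev["ip"], ev["user"], ev["ts"]))
    return alerts


if __name__ == "__main__":
    for kind, ip, user, ts in detect_bruteforce(SAMPLE_LOG):
        print(f"{ts:%H:%M:%S} {kind:25} source={ip} user={user or '-'}")
```

On the sample the single failure for alice never reaches the threshold, so only the 203.0.113.7 burst and the root login that follows it are reported; the second alert is the one worth paging on, since it is the moment a guessed password turns into the initial access that lateral movement starts from.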
Simulating phishing attacks is another common way to test the security of network users. Phishing attacks use tailored messages to persuade the victim to do something that is not in their best interest. For example, a phishing e-mail might convince a user that “a password reset is required” and then have them click on an embedded link. Whether clicking the malicious link delivers malware or simply opens the door for attackers to steal credentials for future use, a phishing attack is one of the easiest ways to exploit network users. It is therefore important to use penetration testing tools that support this kind of simulation.
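The “password reset” lure works because the embedded link looks like it leads somewhere trusted. The checker below is an added example written for this article, not code from the original text: it parses a constructed HTML message body (the domains in it are made up, and `example.com` stands in for the organisation’s real domain) and flags the three deceptive-link patterns a mail gateway or awareness tool would look for: visible link text that names one host while the href points at another, a trusted name embedded as a subdomain of an unrelated domain, and a registered domain that is a one- or two-character lookalike of the trusted one. The crude eTLD+1 helper and the edit-distance threshold are assumptions chosen for the sample.

```python
"""Flag deceptive links in an HTML e-mail body.

Added example (not from the original article): a constructed phishing-style
message is parsed and each link is tested for text/href mismatch, a trusted
name embedded in an untrusted host, and lookalike domains.
"""
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAINS = {"example.com"}   # constructed: the organisation's real domain(s)

# Constructed sample body: two deceptive links followed by one legitimate one.
SAMPLE_HTML = """
<p>Your password reset is required.</p>
<a href="http://example.com.login-verify.net/reset">https://example.com/account</a>
<a href="https://exarnple.com/reset">Reset now</a>
<a href="https://example.com/help">https://example.com/help</a>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current = [dict(attrs).get("href", ""), ""]

    def handle_data(self, data):
        if self._current is not None:
            self._current[1] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self.links.append((self._current[0], self._current[1].strip()))
            self._current = None


def registrable(host):
    """Crude eTLD+1: the last two labels. Enough for the sample; a real tool
    would consult the public suffix list (assumption)."""
    parts = host.lower().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def host_of(text):
    """Hostname from a URL, or from bare text that looks like one."""
    if "://" not in text:
        text = "http://" + text
    return urlsplit(text).hostname or ""


def edit_distance(a, b):
    """Levenshtein distance, used to spot lookalike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_links(html, trusted=TRUSTED_DOMAINS):
    """Return [(href, [reasons])] for every link that looks deceptive."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        href_host = host_of(href)
        reasons = []
        # 1. The visible text is itself a URL, but its host differs from the target.
        if "." in text and " " not in text:
            if registrable(host_of(text)) != registrable(href_host):
                reasons.append("text/href host mismatch")
        for t in trusted:
            # 2. "example.com.login-verify.net": trusted name buried in another domain.
            if t in href_host and registrable(href_host) not in trusted:
                reasons.append("trusted name embedded in untrusted host")
            # 3. "exarnple.com": a one- or two-edit lookalike of the trusted domain.
            d = edit_distance(registrable(href_host), t)
            if 0 < d <= 2:
                reasons.append(f"lookalike of {t}")
        if reasons:
            findings.append((href, reasons))
    return findings


if __name__ == "__main__":
    for href, reasons in check_links(SAMPLE_HTML):
        print(href, "->", "; ".join(reasons))
```

The legitimate `https://example.com/help` link produces no finding, which is the property that matters for a check like this: it has to separate the lure from ordinary corporate mail, not just flag every link. The same routine can score the simulated phishing messages a pentest sends, to confirm that the lure would have been caught by the controls already in place.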