Читать книгу Penetration Testing For Dummies - Robert Shimonski - Страница 23

Cybercrime is the act of conducting criminal activities — for example, data theft, information destruction, and identify theft — using technology such as computer systems and networks. A lot of hacking revolves around cyber activities and cybercrime. Any access to something that is done not with the intention of doing an investigation, including collecting information about access or damage (harm), is in fact against the law. As time has passed, more and more legal aspects of protecting assets has arisen since the earlier 1990s.

Here are some key considerations about cybercrime you should consider before you pen test:

 Those who commit cybercrime are usually out to gain information, access, or leverage to create a competitive edge, or gain wealth or information that can be used or sold.

 The main way that cybercriminals conduct these criminal activities is by surreptitiously accessing information systems to get resources.

 The only way to know how vulnerable you are to cybercrime activities is to test your systems yourself. This enables you to be ahead of the curve in protecting these resources and assets to mitigate risk.

 You must be employed, contracted, or given permission to conduct ethical hacking, pen testing, vulnerability testing, or any other assessment where computer technology will be penetrated and exploited to find vulnerabilities. Pen testing can be considered an act of cyberwarfare if you test on systems and networks you don’t have permission to test on. It reverts your ethical hacking procedures into unethical ones with that simple oversight! If you don’t work in the field and/or for a company hired to conduct pen testing, you must have permission to conduct it.

 Once vulnerabilities are found, you can use the tools to exploit them. However, you must be careful to analyze what that could impact or other problems it could create. For example, you can overwhelm a buffer on a network card or network switch to test its ability to be exploited, creating an outage in the network or on the system.

 You should be careful and assess whether possible irreversible damage can be caused and plan for it. What this means is you might conduct an exploit that could corrupt an operating system and if that happens, it must be restored to get it back to working condition.

 You must be careful not to corrupt (or lose) data as part of the host system, storage unit, server, or other storage facility. Make sure a full backup is done prior to testing.

 You could expose weaknesses to others you might be working with and that could cause problems with information being leaked about security issues that then impact a company’s reputation. This is why it’s recommended to be very careful with giving any information to anyone who doesn’t need to know.

 If you’re the security incident handler (like those on an Incident Response Team, which I discuss in Chapter 2) who’s tracking a cybercriminal, you might be responsible for collecting data and creating a chain of custody of the evidence that can be used in a court of law.

 The dark web (or darknet) is where many attackers go to find their tools as this part of the web is normally not searchable with common search engines. Most of these tools are found on peer to peer networks and other means of distribution and are the leading causes of attacks via script kiddies and low level hackers worldwide. Most cybercrime (and cyberwarfare) is conducted using these means.