Thinking Like a Hacker to Protect Networks

Introduction 

In the current information age, more businesses and institutions are digitizing their processes. This change is through various technological advancements such as machine learning, ubiquitous computing, cloud computing, and the internet. The internet has been the pillar of many systems and has facilitated even more development. It has reduced the world into a global village that anyone can do business from his/her home or office. However, despite the significant advantages, the networks created from these technologies are vulnerable to attacks by cybercriminals. Additionally, computer network security is a challenge determined by the complexity of algorithms or the scale of an attack. Unlike other security fields, network security is a battle of wits between a person trying to carry out an attack on a network and the other who is trying to defend the network (Vigna, 2020). Because of its adversarial nature, computer security entails continuous evolution of attack and defensive techniques. As it happens in many game theories, any movement of the defender or attacker switches the conditions of the game and invalidates the existing defenses or thwart future attacks. In this arms race, technology and attack methods are changing fast; thus, network security administrators should expect the threats to increase. Therefore, securing computer networks forces the security personnel to think like their opponents, or essentially, “think like a hacker.”

Understanding the Hackers and their Mindset

A hacker is a name that has been synonymous with illegal computer activities. In the early days, the hackers were called "geeks," as they formed ARPANET, which created a pathway to the development of the internet. Currently, the name itself creates fear among security teams. However, not all hackers conduct illegal activities, creating three significant categories of hackers in the world today, which are highlighted below. Firstly, there are black hat hackers who are knowledgeable computer experts with malicious intentions. They attack secure networks for unauthorized access and can cause huge damages to the network. Secondly, there are white hat hackers, who are professional hackers with high cybersecurity experience. They are authorized to hack a secure network to find its vulnerabilities. While performing their duties, they are required to abide by the law. Lastly, there are gray hat hackers; they are neither black nor white hat hackers. They do not have any certification and hack systems for their gain or for helping someone.

Understanding the various types of hackers and having their mindset is necessary during the response to an actual attack. The evolution of technology has created a suitable platform for hackers to thrive (Thurston, 2020). Currently, script kiddies can purchase attacking tools online and be guided on using them for a small fee. The phrase "putting yourself in another person's shoes" is mostly used to show understanding and sympathy. However, in the case of hackers, the statement is the exact opposite as IT professionals think like hackers to create barriers that protect their systems.

How the Attack Happens

Attack from hackers on a computer network can have adverse effects on the network owners as it can lead to exposure of sensitive data such as passwords, deletion of files, installation of malware, and total damage of the system. Computer network attacks are performed using various techniques that keep on changing to handle new security upgrades. The various techniques used to exploit networks are discussed.

The first attack method is phishing. This technique uses emails, voice calls, or text messages from an imposter to coax victims into providing their sensitive data like personal identification information, credit card details, and passwords. Due to the development of the internet and communication infrastructure, different phishing types have emerged (Alabdan, 2020). It includes spear phishing, which is a directed phishing attack and targets a specific group such as network security administrators. Whaling is a spear-phishing attack that goes after top executives in the business. Most of the whaling emails indicate that the company is being sued or large money transfers. The last type is vishing, which uses voice calls instead of emails to conduct their attacks.

The next attack technique is switch attacks. This method uses information such as valid server names, IP addresses, network devices, and protocols gathered by attackers for further attacks. It may often be combined with creating of fake wireless access points (WAP). The legitimate network access point may be incapacitated or jammed to allow hackers to insert their rogue access points or evil twin. These compromised network access points enable hackers to read the data packets sent through them if they are not encrypted.

A denial of service is an attack that is conducted on a network with an intent to shut it down, making it inaccessible for its intended users. Hackers achieve this by flooding the targeted network with hoax traffic that prevents it from accepting genuine network requests from users, triggering a network crash (Thomas, 2019). In addition, hackers may use jamming tools to create a DoS attack to install rogue access points or evil twin networks.

The other attack method is keylogging, where attackers use keylogging software that records every keystroke the victim makes. It is a massive threat since the recorded information is sent to a third party (attacker). Hackers may use this software to steal personal information, which they can sell on the dark web for profit (Swinhoe, 2018). Therefore, hackers can manage to learn things like passwords and usernames by recording an individual's keystrokes.

In addition, clickjacking attacks have increased recently due to most businesses and institutions trying to have websites. This attack is also known as the user interface redress attack. Network attackers trick users into clicking webpage elements that are disguised as another element or invisible to them. This attack can make users unwittingly visit malicious pages, disclose sensitive information, or even downloading malware, thus creating a vulnerability to the network.

The last attack technique involves cookies theft, and it occurs when an attacker copies unencrypted session data. This attack often occurs if users visit trusted sites on a public network (Cummings, 2019). Even though the passwords and usernames may be encrypted, the session data exchanged (cookie) is not. After gaining the session data, attackers may mimic an individual cookie over the same network and perform malicious activities.

How to Protect Networks

Computer networks face a lot of threats that are changing every day. Security professionals are required to study past network attacks to determine the common attack patterns used to compromise a network. In addition, security personnel must develop vulnerability analysis skills to detect any network security problems. Also, adopting a hacker mindset provides an easy platform to understand how the attacks happen (Vigna, 2020). Therefore, computer networks can be protected using various techniques highlighted below.

Firstly, computer users must keep updating application software. Users of a network should be encouraged to update the application they are using. Updates help fix vulnerabilities in the old version that could be exploited using new technologies. Secondly, users should install antivirus software. Antivirus software helps detect viruses and malware before they infect the network. The software also alerts the user in case of an insecure connection or intrusion into the network.

Thirdly, computer users should use proper HTTPS and SSL connections. These standard technologies safeguard any sensitive data being sent between two systems and keep an internet connection secure (Durumeric et al., 2017). Using these connections prevents attackers from reading or altering information being transferred. Fourthly, enabling a network firewall will help filter out the malicious packets containing phishing emails or malware. It also prevents compromised applications from running. The fifth protection mechanism involves using two-factor authentication. It is a new security concept that users provide two distinct authentication factors in order to access something on a network.

The next method involves using virtual private networks to secure communication in an unsecured network. VPNs also mask the IP address on devices in a network, making it hard for attackers to launch a switch attack or create fake WAP. In addition, users are advised to clear their browsing cookies to prevent session hijacking regularly. Lastly, individuals should classify documents and social accounts regarding their importance and use various techniques to protect the most critical files. This process also reduces the cost of implementing security in a network since the important documents and social accounts are secured first.

Future Trends of Network Security

New networks and technologies are being established at an exponential rate. This trend has seen an increase in the number of attacks on computer networks. Businesses send sensitive information through the internet, an infrastructure that was never created to be secure. Several trends are going to be observed.

Firstly, cloud network security will be implemented on a larger scale. Cloud networks face many DoS attacks, which will only make them increase security levels to fulfill the increasing users' demands (Bonnay, 2020). Secondly, the Internet of Things increased vulnerabilities. IoT comprises several intelligent devices that are connected to a shared network (Salam, 2019). These devices are from different manufacturers, and their security protocols may be different, thus creating a vulnerability in the network.

Thirdly, the constant attacks on various works will lead to the discovery of challenging to break encryption protocols and devices that are not susceptible to any form of attack. As attackers are racing to launch their malicious activities, different researchers are researching the best ways to curb these attacks, including coming up with new network devices. Fourthly, phishing attacks will keep on rising as more people join the internet. This trend takes advantage of the limited users' knowledge of how internet security works. Lastly, malware threats are also going to increase, and this will incorporate a new form of malware that may be fileless to trick users into believing they are not malware (EBR, 2021).

Conclusion

Network security threats are not going away soon. The more users and systems are connected to the network; vulnerabilities will always be present. Despite the software patches and updates, attackers may find new ways to exploit networks since they have unlimited methods to choose from. However, in protecting data in a network, security personnel need to think like the attacker. It might be difficult initially, but the mastery of these skills can be used to identify vulnerabilities in computer networks. In addition to providing a solution to these threats, users of networks need to be educated on developing good security practices.

References

Alabdan, R. (2020). Phishing attacks survey: Types, vectors, and technical approaches.  Future Internet ,  12 (10), 168.  https://doi.org/10.3390/fi12100168

Bonnay, J. (2020, September 17).  Five cybersecurity trends from 2020 – And what the future holds . Security.  https://www.securitymagazine.com/articles/93377-five-cybersecurity-trends-from-2020-and-what-the-future-holds

Cummings, L. (2019). Describing the cookie theft picture.  Pragmatics and Society ,  10 (2), 153-176.  https://doi.org/10.1075/ps.17011.cum

Durumeric, Z., Ma, Z., Springall, D., Barnes, R., Sullivan, N., Bursztein, E., Bailey, M., Halderman, J. A., & Paxson, V. (2017). The security impact of HTTPS interception.  Proceedings 2017 Network and Distributed System Security Symposium .  https://doi.org/10.14722/ndss.2017.23456

The European Business Review (EBR). (2021, January 6).  6 cybersecurity trends from 2020 – And what the future holds .  https://www.europeanbusinessreview.com/6-cybersecurity-trends-from-2020-and-what-the-future-holds/

Salam, A. (2019). Internet of things for sustainability: Perspectives in privacy, cybersecurity, and future trends.  Internet of Things , 299-327.  https://doi.org/10.1007/978-3-030-35291-2_10

Swinhoe, D. (2018, December 11).  What is a keylogger? How attackers can monitor everything you type . CSO Online.  https://www.csoonline.com/article/3326304/what-is-a-keylogger-how-attackers-can-monitor-everything-you-type.html

Thomas, P. (2019, July 1).  What are top 10 common hacking techniques . Hack Ware News.  https://hackwarenews.com/top-10-common-hacking-techniques/

Thurston, P. (2020, July 29).  Why you need to think like a hacker to keep your network safe . CISO Platform.  https://cisoplatform.com/profiles/blogs/why-you-need-to-think-like-a-hacker-to-keep-your-network-safe

Vigna, G. (2020, July 10).  How to think like a hacker . Dark Reading.  https://www.darkreading.com/vulnerabilities---threats/how-to-think-like-a-hacker/a/d-id/1335989