4. The Need for Cybersecurity: Cyber Attacks “It’s about time someone wrote a book to teach the good guys what the bad guys already know.” - Bruce Schneier’s endorsement for Exploiting Software The previous chapter on hackers previewed some of the content in this chapter: the activities of hackers. Learning how cyber adversaries go about their hacking and the tricks of the hacking trade make clear the risk and the corresponding need for cybersecurity. At the end of the chapter, after we review the basic approaches to hacking, we examine the overarching goals of cybersecurity. Understanding cyber attackers and their activities is prerequisite knowledge for cyber defenders seeking to thwart attacks. The more the defense understands the offense, the better chance they have of competing on a level playing field. 4.1 Cyber Attacks Not all cyberattacks are carefully planned. Some are conducted by unsophisticated script kiddies attacking targets at random. Other attackers look for low-hanging fruit—any victim that is an easy target. The Shodan Search Engine is a website that continually scans the Internet and catalogs accessible software and hardware devices. If a hacker knows of a vulnerability for a particular hardware device, he may be able to use Shodan to find a list of targets. For example, if he discovers a vulnerability in a specific webcam make and model, Shodan may be able to return a list of those webcams that he can start attacking. There are also sophisticated attacks that are carefully planned against deliberately chosen targets. These types of attacks usually follow certain steps. One general model for the phases of a cyber attack was defined by white hat hacker, Ed Skoudis. He identifies five phases (see Table 4.1). Chapter 4
RkJQdWJsaXNoZXIy MTM4ODY=