How do ethical hackers work?


The cybersecurity world is full of a wide variety of people with a full spectrum of motivations, from the best to the worst. Of course, each case is highly individual. Nevertheless, have you ever wondered how ethical hackers work? 

The answers to the above questions, in statistical terms, may be the results of a survey conducted among over 300 ethical hackers by cybersecurity companies: Bishop Fox and SANS Institute. The study found that many respondents are capable of carrying out an end-to-end attack in less than a day.

We would like to develop this topic in the near future based on this fascinating research. The most important insights are presented below.

Most of the respondents were from the United States but represented organizations worldwide. Most of them have been hacking ethically for at least ten years. Their experience includes membership in an organization’s security teams, consulting, bug bounty hunting, and freelance contract hacking. Respondents also came from a variety of areas of ethical hacking.

Source: report Think Like a Hacker: Inside the Minds and Methods of Modern Adversaries

The purpose of the survey was to gain insight into how attackers think, how fast they are, and what tools they use. Another result of the study was to obtain information useful for defenders who want to improve their security and improve defensive and offensive strategies.

What statistical data did the survey provide:

  • About 40% of hackers surveyed said they almost always could be able to break into the environment.
  • When asked how long it takes for them to discover an exploitable vulnerability that gives them access to the target organization’s environment, around 40% of respondents indicated that it takes them five hours or less, and almost 5% believe they can do it in less than an hour.
  • After finding a vulnerability, more than 58% said it could reach its target environment in five hours or less.
  • As for the attack surface, the most commonly identified threats include vulnerable configurations, vulnerable network services, and vulnerable software.

Source: report Think Like a Hacker: Inside the Minds and Methods of Modern Adversaries

  • After gaining initial access to the organization, more than half of respondents said it takes five hours or less to gain access to the target data or system through privilege escalation or sideloading. Nearly 64% can collect and extract data in five hours, and 16% say they can do it in less than an hour.
  • Almost 60% of respondents said they use open-source tools in “projects” and only 11% rely on commercial tools.
  • Many interviewees believed that most of the organizations they met did not have the ability to detect and respond to incidents, or to have the tools in place to identify and contain an attack.

The full report “Think Like a Hacker: Inside the Minds and Methods of Modern Adversaries” is available here.

Spread the word