In the past several years, the list of companies whose internal systems have been hacked has grown
rapidly. It now includes such high-profile businesses as Target, JPMorgan Chase, Home Depot, Sony Pictures, Ashley Madison, and Yahoo. No industry appears to be safe from attacks. Unfortunately, the authors say, investment in security measures is only part of the answer; traditional methodologies can only do so much. To be effective, managers in charge of cybersecurity need to adjust their mindsets and become as open and adaptive as possible.
In this article, the authors present a framework drawn from the knowledge and opinions of experts, including interviews with more than 20 experienced hackers. As the authors explain, hackers have two different mindsets depending on the stage of the attack: explorative and exploitative. An exploration mindset used in the early stages of an attack combines deliberate and intuitive thinking and relies on intensive experimentation. Once access to a system is gained, hackers adopt an exploitation mindset. An attack typically involves four steps:
Step 1: Identifying Vulnerabilities If hackers think your company is worth attacking, they will examine it thoroughly for weaknesses, surveying the network information, organizational information, and security policies. Companies can protect themselves by adopting an iterative and adaptive process and making a point of conducting a high-level “footprint” of their systems on a regular basis. They should also make sure that employees are well informed on policies regarding sharing of information.
Step 2: Scanning and Testing After a hacker has broken into your network, weaknesses in the applications running on those systems could become avenues for further unauthorized access. To protect your company, examine your network and identify potential weaknesses.
Step 3: Gaining Access Hackers often play on both sophisticated technical knowledge and social skills to breach company security. Companies need to consider how a hacker could gain access to their systems.
Step 4: Maintaining Access Hackers try to retain their “ownership” of the system and access for future attacks. Organizations need to remain vigilant for suspicious activity in system logs and to ensure that monitoring systems are always up to date.
“Cybersecurity is a game of cat and mouse in which the cat always makes the first move,” the authors write. The more you can think like a hacker, the better able you will be to protect your company.