We are the good guys

Technology
Radar Cyber Security’s Ethical Hackers are hired by customers to analyze computer systems or networks to find security vulnerabilities and inadequate security measures that could be exploited. This is done to reduce or eliminate potential threats to businesses. Ethical hackers help identify potential threats before they are exploited by potential attackers. We talked to one of our experts, David Schwaiger, BSc., about Ethical Hacking, IoT, EU-GDPR and cyber security.

“We are the good guys”, an ethical hacker says

What does an Ethical Hacker do?

As white hats or ethical hackers, we are the good guys and help companies improve their security by thinking and working like real attackers. During working hours, I analyze company applications and systems for vulnerabilities, misconfigurations or logical errors. For this purpose, various tools are used, which vary depending on the target. As soon as you have a foot in the door, you try to get as far as possible (and agreed) into the respective system to find internal documents, databases, personal information etc. After completion, the client will receive a complete report on the assessment. In my spare time, I search for and find serious security gaps in various applications, which I immediately draw the attention of the respective operator and developer to by means of “Responsible Disclosure”.

Why and how did you learn how to hack?

Hacking has inspired me since my early youth. Based on the book “The Hacker’s Black Book” I tried to copy the hacks described in it and to infect the family computer with various programs. During and beside my education, first at the University of Salzburg and then at the FH St. Pölten, I expanded my knowledge with a lot of Ethical Hacking. Since then I have learned a lot about computers, programs and hardware in my private and professional life. The right mindset plays an important role. I have developed this over the years. I have always been interested in hacking because it is something that not many people can do and it is not “normal” work. Being a good hacker is very demanding and it takes a long time to get there. It’s the challenge to find bugs and adapt quickly to new environments. These and more requirements, as well as the excellent demand for professional hackers like me, make this job special.

What is the strangest thing you know that has ever been hacked?

The way into the system can be quite unusual thanks to IoT. Once, for example, a smart aquarium was used to download the database of a casino. The device was online to operate and monitor it over the Internet. The attackers downloaded several gigabytes of information from the internal database.

What are the most common means of ethical hacking? What is your favorite tool?

There are a number of standard tools. Many people use a dedicated vulnerability scanner, such as Nessus, Nexpose, etc., and a port scanner such as nmap. Proxies are used to better analyze web applications. The tool I most appreciate is the proxy named Burp Suite. The program offers all the functions you need to successfully complete a wide range of jobs. Often Burp is sufficient to find and exploit vulnerabilities. If not, results can be exported and often exploited with other tools.

What would you recommend to companies in order to avoid becoming a victim of a cyber attack?

It is very important to keep all your (internal and external) systems up to date. Strong passwords, two-factor authentication and vendor security recommendations are the basis for keeping your environments secure. Strict mail gateway rules such as removing all macros from Office files help to protect companies against phishing emails. What helps in the long run is to train employees thoroughly in cyber security issues.To see whether the measures taken are effective or whether there are still any loopholes in the security system, companies should have penetration tests and social engineering attacks carried out on their systems and employees. Pentests performed by specialists acting like real hackers are the best way to check the protective measures in place in a controlled environment.

How do you assess the security status of European companies or the general cyber security status in the EU?

European companies are now better placed in terms of data protection. The EU GDPR has ensured that companies have greatly improved the security of their customer data. In general, systems, websites and applications are much more secure than a few years ago. In the meantime, companies have realized that hacking attacks pose a real threat, can hit any company and are expensive. Of course, there are still many systems that can be exploited without much effort, but there are signs of a significant improvement.

Is American software or hardware secure? Do we need more European solutions to improve cyber security?

American companies are not exactly known for their data protection. If you use devices or software from America in Europe, it is often questionable which and how much data leaves the network more or less secretly and is stored on servers at the other end of the world. As long as there is no change in American data protection and the data collection frenzy of the secret services, it is definitely better to rely on purely European solutions.

What should people consider to be safe and secure online?

Keeping your own systems up to date should be a top priority. A browser with built-in security measures such as Brave, Opera or Chrome and Firefox with Adblocker add-on, such as uBlock Origin, will also provide protection. Programs should generally only be installed from secure sources, such as the websites of manufacturers and trusted third parties. Email phishing has been the most common hack for years. That’s why e-mails should always be read carefully, starting with the sender, through to the subject and the sentence structure. Do not execute unexpected email attachments such as Office files with macros, no matter what the document requires. Attached zip files secured with a password attached to the email usually contain infected files that the email gateway are not supposed to see.Always be skeptical of your online counterpart and question their intentions.