Think like a hacker to better protect your network. This is oft-repeated advice from many cybersecurity pundits. But what exactly does it mean to think like a hacker?
It’s easy to say that it means to think the way an attacker does, but how do you know what cybercriminals really have in mind? Someone who has limited knowledge about cybersecurity will be practically clueless as to how the hacker mindset works. New business owners who do not even have any idea what digital transformation is will find it a tall order putting themselves in the shoes of hackers.
A good way to answer the question is to think along with the following ideas.
Plan for an attack
Thinking like a hacker does not necessarily mean having the skills and experiences of a hacker. It is about understanding their flow of thought when they plan an attack. With mere common sense, it should not be difficult to come up with questions such as the following:
- Which organizations could I attack with the best success rates?
- What are the vulnerabilities that are likely to have remained unpatched?
- What attack strategies should I employ?
- What are the weaknesses of an organization and how can I take advantage of them to succeed with my attacks?
- When is the best time to attack?
- Can an attack be combined with other attacks for more favorable outcomes?
Security experts who conduct breach and attack simulations (BAS) can easily answer all of these queries and more. BAS mimics instances of possible attacks that may hit the cyber defenses of an organization. Introduced by Gartner, breach and attack simulation enable organizations to simulate the full attack cycle in a consistent and continuous manner. It covers not only external attacks but also insider threats, data exfiltration, and lateral movements.
Gartner Research recommends the use of BAS tools in organizations’ security testing programs. “Breach and attack simulation tools help make security postures more consistent and automated,” Gartner notes. With BAS, organizations can achieve expanded security visibility, a better understanding of the weaknesses in their systems, and the heads up to anticipate possible attacks and plug the identified vulnerabilities.
Not having your own cyber threat intelligence gathering and analysis system is not an excuse to be incapable of accessing useful information about threats and the best security posture practices. Many neophyte hackers who operate solitarily manage to launch successful attacks by leveraging readily available tools and resources.
Kevin Mitnick, who is now a noted computer security consultant, started as a teenage hacker. He managed to infiltrate the North American Defense Command (NORAD) in a security incident that became the basis for the 1983 film War Games.
“Garbage can provide important details for hackers: names, telephone numbers, a company’s internal jargon,” Mitnick once said. Becoming a successful hacker requires resourcefulness and ingenuity. There will always be something useful to find if you exert some effort.
Things are even better for cybersecurity at present because of the strengthening cooperation among institutional and individual security experts around the world. Initiatives like the MITRE ATT&CK framework provide authoritative updates on the latest cyber threats identified globally. Additionally, it provides convenient profiling of various threats to facilitate detection, remediation, and prevention.
There are many resources to help organizations handle cyber threats better. However, they will not be handed to you on a silver platter. You need to find and digest them carefully to determine their best use cases.
Learn to be excessively cautious
Hackers are inherently cautious–several times more than what standard prudence entails. They know their attacks can backfire on them, so they need to be extra careful in hiding their tracks. They are doing something illegal, so they have to be careful as they are facing off with multiple “adversaries” in the process. At the same time, because of the multiple layers of security organizations tend to put in place, hackers have to design ways to make the different stages of their attacks undetectable for them to breach security controls.
The TV or movie depiction of hackers as chaotic in their physical things but intellectually organized is not far from reality. In “A Portrait of J. Random Hacker,” typical hackers are described as people who “tend to be careful and orderly in their intellectual lives and chaotic elsewhere.”
Extreme caution may lead to some degree of paranoia, but it has its advantages. After all, security defenses are much easier to break than to maintain. A tiny crack can lead to a total crumble.
Embrace out of the box thinking
Hackers are not fond of rules. They do what they think will get the results they want. They go against conventions and traditions to find the solution to the problems they encounter. This kind of mindset is useful in establishing cyber defenses.
Adhering to established security standards is often not enough. Compliance is essentially about avoiding liabilities that may arise from the lack or insufficiency of security measures. In many ways, it can help secure organizations, but it does not always mean dependable security.
Compliance can create a false sense of security, says data protection specialist Monique Magalhaes. “Compliance does not always consider all changes down the line. It may not look at changes in systems or data assets or things that you did not account for at the time of your compliance audit but have now become evident,” Magalhaes explains
While it can be argued that being too cautious can be costly, losing to a cyber attack is way costlier. According to Valuates Reports, the cybersecurity market will be worth $267.4 billion by 2025. However, a separate study projects that cybercrime will cost companies $10.5 trillion annually by 2025. That’s a massive difference between the cost of installing defenses and paying for the consequences of attacks.
Evolve with the threats
In the current cybersecurity landscape, the idea that nothing is impossible couldn’t ring any truer. With threats constantly evolving and attacks becoming more sophisticated, no security posture remains effective forever. One creative and aggressive attack is bound to emerge and defeat existing defenses eventually.
It is a must to keep up with the evolution of threats and attacks. If you are not sure how to do it, work with the experts to undertake attack simulations. Also, take advantage of global cyber threat intelligence to prepare for the most recent possible attacks. Just like hackers who always make sure they don’t leave tracks that can compromise them, always expect the worst.
Cyber attacks are worse than contagious diseases or pandemics. They have creative minds that facilitate their evolution to nullify cyber defenses. At the very least, you need to understand the mind of abominable perpetrators behind these attacks.