
Raul Calcamo

UWRT 1104
Justin Cary
12/06/2016
Cyber Security
Cyber security is the ability to control access to a system, network, and information.
Threats to cyber security might take different shapes, therefore it is important for any country,
company, organization, and individual to be aware of how their information might be endangered
and learn to protect it. In order to make this paper easier to understand, I will start by comparing
cyber security to the security of a house, since this is a very popular example used in the field. A
house has many possible access points such as windows, a chimney and, of course, a front door.
Any of those access points could be used by a thief to enter the house and steal at any time. It is
the owner's responsibility to establish the necessary security measures to keep his or her property
safe. The world of cyber security works in a similar manner.
In that comparison, the thief is a reference to those professionals that have a deep
understanding of computing and carry out penetration tests, finding the vulnerabilities, or open doors,
of a system. These professionals are commonly known as hackers. Dr. Engebretson classifies
hackers within two categories: black hat and white hat hackers. On one hand, white hat
hackers are professionals hired to perform penetration testing and provide evidence of
vulnerability and potential threats. Their objective is not to use the knowledge gained through the
test to extort or benefit in some way from the vulnerabilities found, but to help keep the system
and information protected and secure. On the other hand, black hat hackers are those who
perform similar, if not the same, operations as white hat hackers without the explicit consent of
the owner of the system, with the objective of extorting or benefiting in some other way from the
compromised system and the information within.
First of all, it is important to understand how penetration tests are performed and what steps
these professionals take in order to test the vulnerability of a system or network, find possible ways
to endanger the information, and, ultimately, even take complete control of the system. According
to Dr. Patrick Engebretson, most penetration tests are conducted within 5 well-differentiated steps.
Note that too much detail won't be given as to how each step is performed, since it takes years of
practice, learning, and experience to fully understand the processes involved in most of the steps.
The first step in any penetration test is known as reconnaissance. During reconnaissance,
information on the target is gathered, and all the preparations needed to perform the penetration
test are made. "The more you prepare for a task, the more likely you are to succeed" (The basics
of hacking and penetration testing: ethical hacking and penetration testing made easy 21). There
are several techniques used during this step; on one hand, there are those that don't require an
advanced understanding of computing, such as Google hacking, which consists of gathering
information on the target by performing hard-to-track Google searches, or social engineering,
which consists of manipulating unsuspecting employees into revealing information. On the other
hand, there are those that do require some more technical skills, like HTTracking, a deep
exploration of the target's website in order to find exploitable links or information leaks.
Regardless of the techniques used, it is vital that, by the end of this step, there is a good
understanding of the target and a collection of Internet Protocol (IP) addresses of interest. Going
back to the house comparison, this is where the thief gathers all the information on the house, such
as maps, schedules, neighbors, number of floors, entrances, etc. and carefully plans his future
actions.

The second step, according to Dr. Engebretson, is called Scanning. In this step, the IP
addresses gathered during reconnaissance are mapped to open ports and services. This consists of
two different parts: port scanning and vulnerability scanning. Port scanning is the search or scan
for open ports in the target's system. Most networks, including most internet connections, perform
a similar task in order to allow communication between systems. Vulnerability scanning is the
further interrogation of the active ports that hackers perform to find vulnerabilities of the system
and network. Dr. Engebretson states that hackers will usually split scanning into 4 separate steps:
determining whether the system is alive or not; identifying all open ports and running services,
since every one of them is a possible door into the system; further interrogating the findings in
order to create a map of the network; and scanning for exploitable vulnerabilities using custom or
premade tools such as Nessus. Referring to the house comparison, during this step the thief is
looking for any open or unlocked door he could use to enter the house.
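
Seen from the owner's side of the door, the same inventory of open ports can be checked against what a host is supposed to offer. The following is an added example, not taken from the essay or from Dr. Engebretson's book; the `ss -tln` output is a constructed sample and the allowlist is a hypothetical one.

```python
# Constructed sample of `ss -tln` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      511    127.0.0.1:6379     0.0.0.0:*
LISTEN 0      128    [::]:22            [::]:*
LISTEN 0      80     0.0.0.0:3306       0.0.0.0:*
LISTEN 0      4096   192.168.1.10:443   0.0.0.0:*
"""

# Hypothetical allowlist: ports this host is meant to offer to the network.
EXPECTED_PORTS = {22, 443}


def parse_listeners(ss_output):
    """Return (address, port) for every LISTEN row."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header row or a socket that is not listening
        address, _, port = fields[3].rpartition(":")
        if port.isdigit():
            listeners.append((address, int(port)))
    return listeners


def is_loopback(address):
    """True when the socket is reachable only from the host itself."""
    return address.startswith("127.") or address == "[::1]"


def audit(ss_output, expected_ports):
    """Sort listening ports into ok, local-only, and unexpected exposure."""
    findings = {"ok": set(), "local_only": set(), "unexpected": set()}
    for address, port in parse_listeners(ss_output):
        if is_loopback(address):
            findings["local_only"].add(port)
        elif port in expected_ports:
            findings["ok"].add(port)
        else:
            findings["unexpected"].add(port)  # an open door nobody planned
    return findings


if __name__ == "__main__":
    for kind, ports in audit(SAMPLE_SS_OUTPUT, EXPECTED_PORTS).items():
        print(f"{kind}: {sorted(ports)}")
```
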
The step that follows after scanning and finding the target's vulnerabilities is known as
Exploitation. This is the process that most people associate with hacking, since it is where attacks
on systems and networks, such as password cracking, are conducted. In a few words, quoting Dr.
Engebretson: "Exploitation is the process of gaining control over a system" (79). This is
accomplished through the use of exploits, which are realizations of a vulnerability of a system.
More experienced hackers will make use of custom-made exploits, while those new to penetration
testing will rely on generic exploitation tools such as Metasploit. It is important to take into
account that exploitation is the broadest step in penetration testing due to the large array of
tools, options, and activities that may take place in it, just like thieves have many different ways
of operating once they've figured out how to get into a house, depending on what risks they're
willing to take and what they're trying to find in there.

Contrary to popular belief, penetration testing does not end at exploitation; there are still
two final steps that any competent hacker will perform before disconnecting from the system they
just exploited. In The basics of hacking and Penetration testing, Dr. Engebretson groups these
steps in a single, more complex step he calls post exploitation. The first part of post exploitation
is known as maintaining access. Just as it sounds, this step consists of performing the necessary
procedures to be able to access the system or the desired information from it in an easy manner at
any given time, since exploits will only work as long as the service is still operational. Going back
to the house example, this step would be similar to making your own backdoor key; a gate you can
easily make use of any time you want. Note that a white hat hacker will usually be asked
specifically not to perform this step, since a future attacker could possibly find and make use of this
backdoor with malicious intent. Once this step has been completed, the final task for a hacker to
perform is simply known as hiding. In this final part of the post exploitation step, the hacker will
attempt to erase all possible evidence of his or her actions in the system, similar to how
a thief might attempt to take any evidence with them before leaving the house. Dr. Engebretson
considers this to be one of the most complicated steps, and it is barely talked about in The basics
of hacking and penetration testing: ethical hacking and penetration testing made easy (92), since
it requires a much deeper general understanding.
Recall that at the beginning of the paper I mentioned that cyber security threats may take
many shapes. Companies and organizations are not the only ones who should care about protecting
information; everyone is responsible for protecting their own personal information. Just patching
vulnerabilities and performing penetration tests is not enough to ensure safety; information
management also plays a big role in cyber security. Usually, companies, governments, and other
organizations will create a cyber security policy in order to ensure that information is managed in
appropriate ways by the designated people. According to Bayuk and Wiley, a cyber security policy
is the ability of a company, institution, government, or individual to control access to systems,
networks, and the information within them (10). A cyber security policy needs to be defined with
very specific goals in mind: it has to state how to prevent, detect and respond to possible attacks;
establish routines for operators to follow in order to keep technology working at optimal
performance while also ensuring the authorization, authenticity and precision of information to
protect it from threats such as social engineering. All of these goals must be accomplished while
also reaching the maximum possible productivity. A company could secure every single Word
document and spreadsheet behind an encrypted password that only trustworthy employees have
access to, but because of that restriction, access to information becomes very tedious and
time-consuming for employees, resulting in a huge loss of productivity.
As mentioned previously, each company, institution, and government establishes its own
cyber security policy. Therefore, there might be huge differences in the application of rules and
regulations regarding information access and privacy. According to Bayuk and Wiley, companies
and institutions must also take into account the government's cyber security policy, and create
their own based on it. Certain actions regarding information privacy and security might be
considered offensive by the USA's cyber security policy, but not by China's; therefore companies
will have to adapt their policies to the country they're in.
As individuals, we must also implement our own personal cyber security policy if we want
to keep our information safe. However, it doesn't have to be as strict as that of a company or a
government; simply taking measures such as having long passwords with multiple characters,
having multiple passwords, watching what kind of information we post online, or not having
different passwords are good steps to take when implementing our personal cyber security policy.
After all, it wouldn't be very wise to use the same key to open both the front door and the safe,
while also keeping a copy of that key under the plant pot.
In conclusion, cyber security is one of the most important aspects of today's world.
Understanding how penetration tests are carried out from reconnaissance to hiding is important for
both those who just want to keep their information protected and those who want to make cyber
security their professional career, such as myself. However, there is much more that should be
taken into account regarding information security; knowing about penetration testing and is just
the first step to take for companies, governments, and individuals at the time of establishing and
implementing a cyber security policy to keep their information and systems safe. While it is true
that white hat hackers work very hard to make sure vulnerabilities are discovered and patched
before a black hat hacker can take advantage of them, ultimately everyone is responsible for
keeping information from falling into the wrong hands.
Citations
Engebretson, Pat. The Basics of Hacking and Penetration Testing. Syngress, an imprint of
Elsevier, 2013.
Bayuk, Jennifer, and John Wiley & Sons. Cyber Security Policy Guidebook. Hoboken, 2012.
