business Cyber Month Update: What is an Ethical Hacker? October 18, 2022 The number of connected devices has skyrocketed since the start of the pandemic, and with employees working all across the country—the potential for destructive cyber breaches has never been greater. How can ethical hackers help? We explore here. It’s Cybersecurity Awareness Month, and that means we’re here to share tips to help you prevent, detect and respond to cyberattacks. Many organizations have benefited from “ethical hackers” who help expose vulnerabilities in a business’ system. How does an ethical hack work? Read on. What is an ethical hacker? “Hacker” is a broad term and it doesn’t always refer to “black hat” hackers – the people that infiltrate computer systems intending to steal or destroy data. There are also “white hat” or “ethical” hackers – security experts that deploy the same kinds of techniques on behalf of companies to identify security gaps and strengthen their defenses. Meet two Ethical Hackers In a popular webinar hosted by Envision Technology Advisors and KLR, we introduced our audience to two leading ethical hackers, Manny Lobao and Emilio Teixeira. Throughout the hour-long conversation, Manny and Emilio shared real-life instances of security gaps they discovered by mirroring the same steps that “black hat” hackers use: Reconnaissance- The first step any hacker takes is to create a profile of the target business. Who are they? What industry are they in?Weaponization & Delivery- Once a hacker has gained enough intel about their target, they formulate a game plan. The goal is to penetrate the first layer of defense without detection, using the path of least resistance. In some cases, that’s done with a phishing email. Exploitation & Installation- When a hacker gains entry, their next job is to install software to help them establish a foothold.Command & Control- Once a hacker has installed the necessary software, they work to gain control over the entire network, piece by piece. Execution- How easily can the ethical hackers move laterally and gain new access? Where are the most valuable assets, the “crown jewels”? If an ethical hacker can get read/write access to your most important data, then a malicious actor can do the same! Check out Envision Technology Advisors’ latest blog What do "White Hat" Ethical Hackers do? for more on each of these steps. Don’t forget to register for our new webinar on October 20th, 2022 to find out more about incident response from an ethical hacker's point of view.