Cybersecurity Ventures estimates that cybercrime costs will reach $6 trillion every year by 2021. In a research study drawing thousands of security incidents, researchers found that the primary malware delivery mode is through email, which accounts for 94%. Also, the common vulnerabilities and exploits (CVE) database contains at least 11,000 identified vulnerabilities, with the number rising rapidly. Of these, 34% remain unpatched.
However, a study showing that 60% of data breaches involve unpatched vulnerabilities indicates that most attacks occur despite patch availability. Moreover, Dell conducted a survey that revealed that a silicon- or hardware-level security breach resulted in the data compromise of 63% of the participating companies. With the IoT surface expanding rapidly, companies should brace for increased attacks, since 2019 saw IoT attacks triple.
What is Penetration testing?
Companies turn to penetration testing to protect themselves from attacks. Penetration testing is a simulated attack on a network or computer system to identify exploitable vulnerabilities. The process enables the mitigation of security flaws to protect systems, networks, and data from attacks. WhiteHat Security involved 118 companies in penetration testing research and drew the following conclusions:
| Companies that do penetration testing annually | Companies that don’t do penetration testing | |
|---|---|---|
| Monitoring | Reactive monitoring | Proactive monitoring |
| Average security vulnerabilities | 10 | 22 |
| Average time for detecting vulnerabilities | 292 days | 431 days |
| Average time for mitigating vulnerabilities | 168 days | 149 days |
There are numerous tools used to perform a penetration testing exercise. They include:
1. Kali Linux OS: Pentesters use Kali as the base pen-testing OS for offensive use. The OS contains most of the tools used for specialized pen testing and, therefore, the default testing OS.
2. Nmap: It is a network mapping tool for detecting open network ports and the activities on the ports. It is indispensable for the recon phase and used to scan networks for large and small organizations.
3. Metasploit: It is one of the most used pen testing tools for establishing exploitable vulnerabilities and the impacts of an attack.
4. Burp: It is a top-rated web vulnerability scanner used by pen-testers and found in numerous testing toolkits.
5. Others: The pen-testing kit features several other tools like Nessus, Fiddler, Wireshark, Aircrack-ng, John the Ripper, Hydra, and OWASP ZAP.
Types of Vulnerabilities Detected Through Penetration Testing
A wide range of companies operates networks and systems with multiple attack vectors that security teams discover through penetration testing. In some cases, ethical hackers succeed in obtaining full control of an organization’s IT infrastructure and critical resources such as SWIFT transfers, ATM control, and ICS equipment. Some of the security issues discovered in penetration testing include use of insecure information transfer protocols, dictionary passwords, vulnerable applications and software versions, storage of confidential data in clear text or exposed to the public, lack of proper user access control, remote code execution, lack of adequate user authentication, and SQL injection. Web application code vulnerabilities are a common problem that causes 75 percent of penetration vectors.
However, penetration testers face ethical challenges when performing tests. They include accessing sensitive personal information, which might violate regulations, such as GDPR and HIPAA. Morality issues also arise when pen testers use malware acquired from external sources to attack a client’s systems and networks.
