Security Risks and Security Testing
Hardware, software, and networks are created by humans and hence error prone. No human is perfect and any entity created by a human is always subject to arguments and flaws. Perfect security is merely a dream.
Servers, clients, smart phones, routers, switches, gateways, VPNs, VSATs, satellites and the like are nothing but pieces of hardware and software that allow individuals to share data and interconnect. With these technologies, we have created global systems which have broken traditional barriers and provided us a lot of conveniences.
(Role Playing by: RineshB, SushamaK, SulekhaB, PrakritJ, LavaK, AshishS, PrativaS, ShrijanaT, PratikK; Concept by: PramodR)
However, unfortunately, our society also comprises of frustrated professionals, resourceful enemies, and persistent stalkers who roam around the technological peripheries – patiently trying to break our systems. These guys have skills and knowledge similar to that of many of us but, in addition, they have an evil or mischievous intention. And, these guys are not functioning just as individuals or isolated groups but are going global and becoming increasingly powerful. Cyber warfare is something we can expect to hear more often in the days to come.
There are many ways of penetrating operating systems, software applications, services, and networks, but, here, I have listed down only some important risks we need to proactively watch out for:
- Injection: There are many types of injection but, in summary, it is a method of inserting special patterns of characters and expressions into an application to manipulate data or takeover hosts.
- Cross Site Scripting (XSS): XSS is a technique of using specially-crafted scripts or web pages to hijack user sessions, insert hostile content, or steal secret data from end users.
- Brute-Forcing: As the term implies, brute-forcing is to forcefully enter a system or decrypt encrypted data by using an exhaustive key search. Dictionary attack is a similar technique but which uses a pre-determined list of values.
- DNS Cache Poisoning: It is done to masquerade actual DNS records and falsely re-route users of a website to another site of the attacker's choosing.
- Session Hijacking: This means to hijack end users’ current session status to gain unauthorized access to information or services in a system.
- Session Poisoning: This term signifies the notion that wrong status is conveyed to the server so that an attacker can exploit sessions and even introduce malicious scripts to the server environment.
We can find many materials dispersed on the web about security testing but there are no concrete and fixed techniques to conduct it because ‘creativity’ is the key word in security testing. Even the best of the best techniques might fail to break the security perimeter of a system while some of the simplest techniques might be successful in breaching that same security perimeter. Nevertheless, one can find useful resources on security testing from initiatives like The Open Web Application Security Project. (https://www.owasp.org/)
We need to exercise caution while performing security tests and should not try to gain access to unauthorized data without explicit permission from the highest level of authority to conduct security testing on a test environment. Also, we should not view, use, and disseminate unauthorized data even if the data has been unintentionally exposed to you, due to some software defect. Such exposure must be reported immediately to concerned authorities so that corrective actions can be taken without delay.
It must also be stressed that security is something that needs to be considered right from the beginning of architectural design of software and not just in the form of security testing prior to a software release.
Finally, security testing is a rigorous job and it is never complete. It is a continuous process that necessitates embracing new ideas and new technologies. Ethical hacking is evolving and so is security testing.