The Isle of Man Branch of the British Computer Society recently hosted a successful presentation on Ethical Hacking.
The presentation, given by Tony Cawte, a Security Consultant for local Internet Service Provider Domicilium, transported attendees into the mind of an intruder, encouraging them to think outside of the box - think like a hacker.
Tony, with over 13 years of IT experience, gave a fascinating insight into how an attacker researches their targets, and he demonstrated some of the tools they use. This gave everyone a sharp wake-up call as it highlighted the incredible lengths that attackers will go to in order to achieve their goals.
He stressed that the typical perception of an intruder is of a lonely, sinister person sitting in a darkened room tapping away at their computer, but the reality is somewhat different. He went on to advise that there is actually a variety of “types” of attacker. There is the well-known “hacker”, who is driven by the actual workings of operating systems, enjoys discovering holes in systems and shares their discoveries without intentionally doing damage. On the other hand, there is the “cracker”, who attacks with a view to violating the integrity of systems.
One area increasingly preyed upon is the human aspect, termed social engineering, whereby an organisation’s employees are unknowingly targeted. Tony stressed that all staff need to be educated to be wary of giving away privileged information. The recognised accreditation ISO 17799 can go some way to ensuring that controls over information security in businesses are in place, from physical security, such as the front door and the cupboards in which information is kept, through to electronic data.
Whilst it is easy to claim that “no one would bother hacking our company”, the truth is you are still susceptible even if the actual gain would be of no apparent value. So the moral of the story is to look at your organisation’s security model and ensure that you have thought of all the angles - think like a thief to catch a thief.
Tony holds the Certified Ethical Hacker (CEH) certification from The International Council of Electronic Commerce.