Surely everyone already knows the hacker-attack scene from NCIS. Working in a dimly lit digital forensics lab, Abby Sciuto (Pauley Perrette) and Timothy McGee (Sean Murray) must fight a cybercriminal who is stealing information about their investigation.
Do you think real-life hackers all “fight” each other that way? In this article, I will explain what actually happens.
The Battle of Hackers in the Real World
Those scenes misrepresent attacks the way the cinematic world usually does: hacking into remote computer systems happens in an instant, accompanied by a bunch of meaningless green text and randomly appearing pop-up windows.
The actual attacks are much less dramatic. Hackers and security testers (Pentesters) take the time to understand the target system. They try to figure out the network topology, as well as the software and equipment being used. Then they’ll figure out how they can exploit those.
Forget the NCIS video above. Cybersecurity teams focus on defense by ensuring all systems are secure and functioning correctly. If a hacker is somehow able to penetrate the external defenses, IPS (Intrusion Prevention System) and IDS (Intrusion Detection System) will automatically intervene to limit the damage.
These systems are automated because very few attacks are aimed at a specific target. Rather, hackers are by nature opportunists. Anyone can configure a server to look for vulnerabilities across the internet and organize attacks according to pre-existing scripts. Many such servers exist around the world, so it is completely impossible to handle each issue manually.
Most human involvement comes in the moments after the outer defenses are broken. At this point, the defenders will try to find the point where the hacker attacked the system and close it so that the hacker can’t use it again. Incident response teams will also try to gauge the damage, how it was fixed, and whether there are any security issues that need to be addressed.
Capture the Flag (CTF)
However, hackers sometimes perform attacks in real time, often because of a difficult situation where a tool is no longer able to perform the attack on its own.
I’m talking about Capture the Flag (CTF) competitions. These contests usually take place at infosec conferences, like the various BSides events. There, hackers compete with each other to complete challenges within a certain amount of time. The more challenges they win, the more points they get.
There are two types of CTF contests. In the first type, a Red Team (a hacker or a group of them) attempts to successfully penetrate specified systems that do not have active defenses. The organizers introduce the form of protection the system uses before the competition.
The second type of competition is between the attacking Red Team and the defending Blue Team. The Red Team scores points by successfully penetrating the target system, while the Blue Team is rated on how effective it is at deflecting these attacks.
Challenges also vary between events, but they are often designed to test skills security professionals use every day, such as programming, exploiting known vulnerabilities in systems, and decompiling.
Although CTF events are quite competitive, hackers are by nature eager to learn and also tend to readily share their knowledge with others. So it’s not uncommon for the opposing team or the audience to share information that could help the opponent.
Remote CTF competitions
Due to COVID-19, all in-person security conferences for 2020 have been canceled or postponed. However, people can still participate in CTF events while observing social distancing regulations.
Sites like CTFTime aggregate upcoming CTF events. As you would expect at a live event, many of these events will be very competitive. CTFTime even displays the rankings of the most successful teams.
If you want to wait until things stabilize again, you can also take part in the solo hack challenges. The Root-Me website offers a variety of challenges that test the limits of hackers.
Another option, if you don’t mind creating an attack environment on your personal computer, is the Damn Vulnerable Web Application (DVWA). This web application is intentionally filled with security flaws, allowing hackers to safely and legally test their skills.
And that’s all you need to know about the war between hackers.