The basement-dwelling teenager poring over lines of scrolling code as he rips through the security of a government or corporate server is a popular trope in Hollywood movies. Although this widespread image of the hacker isn’t accurate, the threat of cyberattacks against government networks is very much a real-world concern.
In order to be more prepared for cybersecurity breaches, agencies should consider a comprehensive penetration test – ethical hacking with the goal of attacking or bypassing the established security mechanisms of an agency’s systems, and using the same tactics as a malicious intruder.
Penetration testing can be conducted by way of a cyberattack or by exploiting a physical vulnerability of an organization.
After gaining access to a system, the penetration testers will report back with detailed information about what vulnerabilities were exploited, how they were able to breach the system, what level of data was accessed and how to prevent future exploitation. The following is a compilation of the six most common vulnerabilities found during penetration tests: