How does hacking happen? East Anglian hacking expert on the ‘cyber kill chain’
PUBLISHED: 13:00 03 July 2019 | UPDATED: 16:11 16 July 2019
When it was launched, the Ladies of Norwich Hacking Society was called “divisive” for specifically championing women in cyber.
But three months into the programme its members have conquered three of seven steps in the 'cyber kill chain' - the steps that trace the stages of a cyber hack.
Chapter lead Tash Hales talks us through each stage of the chain, and why it's so important for women to understand it.
Step One: Reconnaissance
Reconnaissance is the practice of gathering information about the person or organisation one is trying to hack - largely through platforms like social media.
Ms Hales was keen to kick off the programme with a strong start. She said: "Each event has a guest speaker from the cyber industry, and then we follow a lab where I lead from the front and teach the technical skills against that stage of the chain. People come to just learn about cyber, learn technical skills to join the industry, or keep up to date and be part of the community."
The lecturer at City College Norwich continued: "I plan the sessions around the cyber kill chain because these are the seven steps that any hacker has to take to hack into your technology."
Step Two: Weaponisation
Ms Hales said: "For this stage we created - in the software of course - a weaponised PDF which would be sent in a phishing email to someone we were trying to hack.
"Initially when we set up it was quite divisive because of the gender thing, but we just call the men who come and join us our allies. It's a safe place for women to learn and ask questions with no judgement and like-minded women who want to learn together."
Step Three: Delivery
This month the group will be discussing penetration testing, and will be using a mock system to upload the PDF they created the month before.
"We'll be uploading the PDF we created in week two via the vulnerability we found in the first session," Ms Hales explained.
Step Four: Exploitation
"This is where you begin to use whatever you've planted into the system," Ms Hales said.
This could be simply observing the goings-on of the digital end of the business, or beginning to damage software.
It's words like this that tend to put women off cyber, said Ms Hales.
"Even the language is quite dramatic," she said. "It can sound quite intimidating so wanted to make the industry seem more accessible. In this environment we do get women putting their hands up and saying 'I simply don't understand' and I don't think they would in other environments."
Step Five: Installation
Instead of operating entirely through one loophole, this is where a hacker installs malware into the system to be able to observe it for a longer period of time.
"Again with words like malware it does sound quite technical," said Ms Hales. However, the tech-heavy language isn't the only thing putting women off joining the cyber industry.
"I think it's not all about language and it's more about role models and the fact there aren't a lot of women in the industry to approach.
"I look at increasing skills and the female percentage in cyber as a lecturer, and quite a lot of it goes back to this. It's not necessarily considered in young women's circles as a career that's suitable for women or they don't know anyone that makes it look exciting."
Step Six: Command and Control
This is where the hacker uses that malware to take over the system - either beginning to change it or even shutting it down.
"One of the things I've read is that young women want to work in 'tech for good'. If there is something to inspire them to help people they're more likely to look into a career," Ms Hales said.
"So when I'm talking to students or at these events it's always something I'm coming back to and talking to them about ethical hacking or the positive influence cyber awareness can have."
Step Seven: Actions and objectives
"This is carrying out and completing your aim entirely," Ms Hales said. "That could be looking through your data. Here you might even restart the kill chain because the aim of the first stage was to get into the system in the first place."
The Ladies of Norwich Hacking Society meet on the third Thursday of every month. For further details visit their website.