Most common cyber hacking tools revealed

Monday, 15 October, 2018

The most common categories of hacking tools have been revealed by a new cybersecurity report.

The report, written by international cybersecurity authorities, highlights the use of five publicly available hacking tools and techniques observed in recent cyber incidents around the world.

It is a collaborative research effort by the cybersecurity authorities of five nations: Australia, Canada, New Zealand, the UK and USA.

“Reports like this demonstrate our ability to pull together cybersecurity experts from across the globe, to give people a better understanding of what’s out there and how they can better defend their networks,” said Alastair MacGibbon, Head of the Australian Cyber Security Centre.

“Tools and techniques for exploiting networks and the data they hold are by no means limited for use by nation states or criminals on the dark web.

“Hacking tools that provide a variety of functions are widely and freely available for use by everyone from skilled penetration testers, state actors and organised criminals, through to amateur hackers,” he said.

The tools detailed in this report are utilised after a system has been compromised to enable an actor to further their objectives within a network.

Experience from the authors shows that while cyber actors continue to develop their capabilities, they are not abandoning common or established Tools, Techniques and Procedures (TTPs).

Even more sophisticated groups will use publicly available tools and take advantage of basic security flaws to achieve their objectives.

“These tools continue to be used to compromise information across a wide range of critical sectors, including health, finance, government and defence,” MacGibbon said.

“The tools mentioned in this report have been widely observed as having continued negative impact, which can be mitigated if good security practices are followed.”

The report provides tangible and practical advice to enable cybersecurity practitioners to improve their cybersecurity posture.

Read the report here.

Image credit: ©iStockphoto.com/Yunus Arakon

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.