How to test your cyber security systems and the best tools to use

2.) Carry out a port scan before a cyber criminal does

The first step in many cyber attacks is a procedure known as a port scan. This involves probing your charity’s firewall- which is designed to keep cyber criminals out - to see if it has any holes in which a cyber criminal can take advantage of to get in to your network. These holes are known as ports.

 

Some ports are meant to be left open by your firewall, for example to allow email, web page or other digital data into your network. But ports that have been left open inadvertently are a needless risk.

 

An easy way to find out if any ports have been left open unnecessarily is to use a service like ShieldsUp. This carries out a port scan, which means that it probes your firewall and reports which ports, if any are open.

 

Recommended action:

Visit ShieldsUp using a web browser, review the security notices on the site and then click proceed.  Then click on "Common Ports" for a quick scan of commonly used ports, or "All Service Ports" for a more comprehensive scan.

 

It is important to remember that some ports are likely meant to be open, but once you have the results of a port scan you can check online or consult an IT expert to see if any are open unnecessarily. Your charity’s firewall can then be reconfigured to close any unneeded ports.

 

 

 

3.) Do network reconnaissance

If a cyber criminal manages to get in to your network, then the first thing they are likely to do is carry out network reconnaissance. This means trying to establish what computer systems are on your network, what operating systems they are running, and what their network addresses are. This allows them to try to work out which systems to target to find databases and other troves of valuable digital information.

 

A useful cyber security tool you can use to carry out reconnaissance of your own network is Zenmap. It is fairly easy to use, and it can list all the machines it finds with details about the software each one is running.

 

At a very basic level, Zenmap could help you find any computers on your network that you may not be aware of – for example a laptop owned by a staff member – which is running Windows 7. Since Windows 7 no longer receives security updates from Microsoft it represents a security risk which could be exploited by a cyber criminal who came across it on your network.

 

 

Recommended action:

Download Zenmap

Read the Zenmap User’s Guide and carry out a scan

 

4.) Scan for vulnerabilities

One of the most common reasons for a charity to fall victim to a cyber attack is because it is running software which is insecure since it contains a known vulnerability which cyber criminals can easily exploit. Software updates usually fix known vulnerabilities, so cyber criminals can only exploit a known vulnerability from the moment it becomes known until the moment that the software update is installed. That’s why it is essential to update all your software as promptly as possible.

 

An easy way to find out if your charity has overlooked any security fixes is to run a vulnerability scanner. This type of cyber security tool searches your network for any computers running many different types of software with known vulnerabilities and alerts you to any that it finds.

 

Good commercial security scanners include Tenable Nessus, Qualys Vulnerability Management, and Rapid7 InsightVM, and vulnerability scans should be carried out regularly and especially whenever new software is installed or significant changes are made to your IT infrastructure.

 

 

Recommended action:

Try out Tenable Nessus free for 7 days by registering for a trial licence

 

 

 

5.) Detect unauthorized Wi-Fi access points

All it takes is a staff member to plug a Wi-Fi access point into your network – perhaps so that they can connect their smartphone to the internet – and your charity’s cyber security systems are seriously undermined. That’s because a so-called "rogue access point" can make it easy for cyber criminals to get on to your network without having to find a way in through your firewall.

 

The best cyber security tool for detecting rogue access points, called a Wi-Fi stumbler, scans the airwaves and reports any access points it detects, including ones which are configured to be hidden.

 

 

Recommended action:

Download a Wi-Fi stumbler such as  NetSpot, Wi-Fi Scanner, or InSSIDer onto a laptop and walk around your offices to check if it detects any rogue access points. It is also sensible to ensure that all staff are aware of the security risks that installing their own Wi-Fi access point could pose.

 

 

 

6.) Carry out penetration tests

Perhaps the very best way to test your cyber security systems is to carry out a penetration test, which involves attempting to launch a "friendly" cyber security attack on your own network to see if you can breach the defences, or if your cyber security systems can detect and prevent it.

 

Professional penetration testers can carry out the most effective tests on your network, but these tend to be expensive. Another option for charities is to carry out regular automated penetration tests using penetration testing tools such as Rapid7 Metasploit or Immunity Canvas.

 

These cyber security tools can be used to scan a network for vulnerabilities, match them with known tricks or "exploits" that cyber criminals use, and break in to computer systems where possible -completely automatically. They then generate a report.

 

This report allows you to see which of your computer systems may have vulnerabilities. More importantly, it also shows you which ones can easily be exploited by cyber criminals, and which ones may be safe from those attacks despite vulnerabilities because your cyber-security systems protect them effectively. This then allows you to prioritise which vulnerabilities need to be fixed first.

 

It is worth remembering that an automated penetration test, while convenient and low cost, is not as effective as using a skilled human penetration tester.

 

 

Recommended action:

Try Metasploit free

 

 

 

7.) Run a bug bounty program

As an alternative to hiring penetration testers, you could also consider getting a company to manage a "bug bounty" program on your behalf. Specialist companies such as BugCrowd or Hackerone recruit security researchers, former hackers and even students, all who are security checked first, to attempt to break into your computers and evade your cyber security systems.

 

The way that a bug bounty program works is that you specify a fixed bounty or prize fund, and anyone discovering a security flaw reports it to the company managing the program. Once the security flaw has been verified by that company’s security experts, it awards a prize to the finder, and provide details to you so that you can get it fixed.

 

 

Recommended action:

Talk to a bug bounty company about the feasibility of running a bug bounty program for your computer setup.