The latest mobile business innovations have also allowed consumers to carry out transactions such as buying goods and apps over wireless networks, redeeming coupons and tickets, banking, and other services from their mobile phones.
5. www.infosectrain.com | sales@infosectrain.com
We will discuss the seventh domain of CEH, which is ‘Mobile platform, IoT, and OT
hacking.’
Mobile platform hacking
There was an era when people could not come out of their rooms if they were sending
some important emails because the computers were not movable. Then came laptops,
by which people had the privilege of moving to different locations while working. Yet, it
is not so comfortable because laptops can seem like extra baggage while we are
traveling. But now, Mobiles have replaced laptops and computers because we can
easily send emails, navigate GPS, and browse the Internet with just a 500 grams or less
weighing small device. Hence, people are widely using mobiles and storing all their
personal and professional information in them.
The latest mobile business innovations have also allowed consumers to carry out
transactions such as buying goods and apps over wireless networks, redeeming
coupons and tickets, banking, and other services from their mobile phones.
As we are storing a lot of information on our mobile devices, hackers are targeting
mobile devices. So organizations are also hiring ethical hackers to make sure there are
no vulnerabilities in their products.
6. www.infosectrain.com | sales@infosectrain.com
The top threats to mobile platforms
Insecure data storage:
People usually accept all the cookies without checking the cookie policy
of that particular website, which may lead to cyber-attacks.
Being careless while storing data without any security measures can
attract hackers and threats.
Errors in cryptography:
Hacking may happen if there are any errors in cryptographic algorithms.
If there is poor key management, then there is enormous scope for
hacking.
7. www.infosectrain.com | sales@infosectrain.com
IoT (Internet of Things) hacking
IoT devices are hardware devices in which software, sensors, processing
ability, and other technologies are installed. These devices can connect
and exchange data over the Internet and any other communication
network.
A few examples of IoT devices are:
Wearable health monitors like smartwatches
Smart home security systems
Smart factory equipment
Biometric scanners
Autonomous farming equipment
8. www.infosectrain.com | sales@infosectrain.com
Hacking IoT devices can be remarkably effective because if these devices are
hacked, the outcome may cripple our systems, infrastructure, and our lifestyle.
Hence, utmost security must be maintained to protect these devices.
Organizations are taking a lot of time and effort to test these IoT devices to
ensure there are no vulnerabilities.
Ethical hackers are using pretty new tools to hack IoT devices, and the tools are:
9. www.infosectrain.com | sales@infosectrain.com
Wireshark: Wireshark is an open-source, free packet analyzer that enables you to
capture and analyze network traffic in real-time. With the assistance of this tool,
we can spy on our targets very easily.
If you and your targets are on the same network, then spying on them is very
simple. You just have to open the Wireshark tool and do some configuration
settings, and that’s it. You can keep an eye on your target.
Fiddler: Fiddler allows you to step through network traffic between the Internet
and test computers to debug web applications. Through the tool, you can
examine incoming and outgoing data, so you can monitor and modify requests
and responses before the browser receives them.
Nmap: Hackers can use Nmap to gain access to uncontrolled ports on a system.
To hack into a targeted system, all a hacker needs to do is run Nmap on it, look
for vulnerabilities, and exploit them.
10. www.infosectrain.com | sales@infosectrain.com
Operational Technology Hacking
Operational Technology (OT) is hardware and software used to detect or alter physical
devices, processes, and events through direct monitoring and/or control. In Industrial
Control Systems (ICS), OT is widespread, for example, with the SCADA(Supervisory
Control and Data Acquisition) system. OT may be used to manage electricity plants or
public transit in the field of critical infrastructure. The demand for OT security is
growing dramatically as these technologies progress and converge on networked
technology.
However, cybercriminals have typically been interested in stealing data, but they have
recently begun focusing more on OT networks, realizing the potential for disruption due
to inadequate OT security. This has led to the emergence of sophisticated and
destructive attacks specific to the operational technology sector.
OT organizations are aware of this danger. Recently, the SANS Institute surveyed OT
security professionals who said the risk is at critical levels. According to the 2016 State
of Operational Technology Report, nearly 74% of OT organizations experienced malware
intrusions in the past 12 months, resulting in damaged productivity, revenue, brand
trust, intellectual property, and physical security.
11. www.infosectrain.com | sales@infosectrain.com
Want to know more about mobile platforms, IoT, and OT hacking? Join
InfosecTrain
CEH with InfosecTrain
InfosecTrain is one of the leading training providers with a pocket-friendly
budget. We invite you to join us for an unforgettable journey with industry
experts to gain a better understanding of the Certified Ethical Hacker
course can be taken as live instructor-led sessions or as self-paced courses,
allowing you to complete your training journey at your convenience.
12. About InfosecTrain
• Established in 2016, we are one of the finest
Security and Technology Training and
Consulting company
• Wide range of professional training programs,
certifications & consulting services in the IT
and Cyber Security domain
• High-quality technical services, certifications
or customized training programs curated with
professionals of over 15 years of combined
experience in the domain
www.infosectrain.com | sales@infosectrain.com
14. Why InfosecTrain Global Learning Partners
Flexible modes
of Training
Tailor Made
Training
Post training
completion
Certified and
Experienced Instructors
Access to the
recorded
sessions
www.infosectrain.com | sales@infosectrain.com
17. Contact us
Get your workforce reskilled
by our certified and
experienced instructors!
IND: 1800-843-7890 (Toll Free) / US: +1 657-221-1127 /
UK : +44 7451 208413
sales@infosectrain.com
www.infosectrain.com