At ITWeb Security Summit in Cape Town, ethical hacker Glenn Wilkinson illustrated a fictional hack to show how real-world cyber breaches play out.
Meet Jane Hacker. As her name suggests, Jane is a hacker, and she’s about to break into a new South AfricanThis fictional bank is called Bueno Bank.
When Jane reads about Bueno Bank’s new app, she sees an entry point. She starts by opening a Bueno Bank account and then downloads the app.support and gets a response from Rachel, a Beuno Bank employee. Jane does some digging to learn more about Rachel and finds out where she lives, where she studied, who she works for and who her colleagues are. Armed with this information, Jane “accidentally” sends a fake e-mail to Rachel from one of her superiors.
The e-mail appears to have been sent to Rachel in error, but it contains information about redundancies in her department, which Jane hopes will pique Rachel’s interest. Rachel opens a seemingly innocent Word document and, just like that, Jane is in. From here, she can start poking around Rachel’s computer before moving laterally across the organisation to look for sensitive and confidential information.
Jane, Rachel and this entire scenario are fictional, created by Glenn Wilkinson, an ethical hacker and CEO and co-founder of Agger Labs. Drawing on his experience working in the cyber security and ethical hacking space, he put together this fictional sequence of events to showcase just how easy it is for hackers to find the information they need.
“I have spent my life breaking into systems. I would love to tell you some war stories, but what I can do is create a fictional story to showcase what is happening in the real world.
“In this case, Jane sent an e-mail with information that she knew would catch Rachel’s attention. She hid a macro code in a seemingly harmless Word document and then used this code to access Rachel’s PC,” he explained. He noted that while the tech is getting more and more sophisticated, hackers will still target people because this remains the easiest way to get in.
“Why try to break down the front door when I can just trick someone into opening up the door? ” What Jane Hacker did may seem quite clever, but the level of sophistication Wilkinson sees in his day-to-day far exceeds this.
For example, ransomware-as-a-service attacks industrialise cyber crime by enabling someone to go on the dark web, join an affiliate programme, pay $100, and instantly obtain a copy of ransomware software.
“You don’t need to build anything yourself; you just deploy the ransomware, and when the victim pays, you get 30%, and the creators of the ransomware get the rest. ” These groups will run all the infrastructure in the background and, much like a legitimate software-as-a-service business, RaaS operations even offer support to their affiliates, including features like live dashboards, so that hackers can more effectively manage infections and track payments.
Additionally, initial access brokers are cyber criminals who infiltrate corporate networks and then sell this unauthorised entry on to other malicious actors, he said. Rather than carrying out attacks themselves, IABs are essentially the "middlemen" of the cyber crime economy. While there’s no silver bullet to mitigate cyber risks, Wilkinson explained that several products make his life as an ethical hacker a little more difficult.
Some examples of these solutions include canary tokens, exposure management platforms and HR management tools.
“When it comes to cyber security, the challenge may seem massive, but by making even small changes, you really can be the hero of your organisation and prevent the Janes of the world from accessing information they shouldn’t. ”
Glenn Wilkinson Ethical Hacker Agger Labs
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Why fault-tolerant infrastructure matters at ITWeb Security Summit 2026Penguin Solutions will attend the summit as a co-exhibitor with Cyberrey, presenting its fault-tolerant computing platforms, Stratus ztC Endurance and Stratus ztC Edge.
Read more »
NETSCOUT to take part in ITWeb Security Summit 2026 as platinum sponsorSA experienced the most complex distributed denial of service attack recorded in the region in the second half of 2025, according to NETSCOUT’s most recent Threat Intelligence Report.
Read more »
RSA premieres next-generation identity security solutions at ITWeb Security Summit 2026The enhancements can help organisations go passwordless, surpass compliance requirements and meet cyber security and data sovereignty requirements.
Read more »
CompTIA helps aspiring cyber security professionals grow their talents at ITWeb Security Summit 2026 HackathonDr James Stanger is advising and mentoring hackathon teams who will take part in the ITWeb Security Summit Hackathon on 2-3 June in Johannesburg.
Read more »