How Attackers Get Initial Access


Updated April 12, 2025

An attacker's first goal when compromising an organization is initial access: a foothold on the network from which everything else follows. Every network is different, so the exact path an attacker takes is different too, and both attackers and defenders have to keep up with current techniques in a constantly changing landscape. The underlying concepts, however, stay the same, and there are two main routes to initial access: technical exploitation and social engineering.

Technical Exploitation

Technical exploitation is when an attacker abuses a severe misconfiguration in the network or a flaw in poorly designed code. It is less common than social engineering but more dangerous, because it often requires no user interaction at all. It covers a wide range of attacks, from default credentials on an exposed device to multi-stage attack chains that reach back-end systems.

An example of an attack that arises from a code flaw is the vulnerability in Fortinet FortiGate SSL-VPN, CVE-2023-27997, a heap-based buffer overflow in the SSL-VPN service that allows remote code execution on affected devices. The vulnerability is exploitable pre-authentication, so an attacker needs nothing more than network reach to the VPN portal. Fortinet has released patched firmware, but it remains the defender's job to apply it: an internet-facing device that is one version behind is an easy target for anyone who has the exploit.

Weak or default credentials are also extremely common. A misconfiguration is not the same as a code flaw, but it can have the same impact. Staying with VPNs, consider an appliance whose admin portal still accepts admin:admin and grants access to the internal network. Even if the device is fully patched, this gives an attacker the same level of access as the exploit above, and it is far easier to find: there is no exploit to develop, just a login form and a short wordlist. Blue Goat can help you identify dangerous attack paths that malicious hackers could exploit for initial access with our External and Web App Penetration Tests.

Social Engineering

Social engineering is the most common way for attackers to gain initial access. It involves manipulating an organization's employees into disclosing sensitive information or taking an action that helps the attacker. Attackers reach employees through email, phone calls, fake resumes and similar channels with crafted messages, usually posing as someone they are not. The attack against MGM Resorts happened this way: the group behind it called the help desk posing as an employee, using details about that employee found on the open internet, asked for the employee's password to be reset, and was in.

No matter how well hardened the technical components of a network are, the organization can still fall to an attack on its people. Keeping employees trained and able to spot these attempts matters as much as keeping the network patched. That means social engineering simulations and regular training on the signs of phishing, and, given the MGM example, help desk procedures that verify a caller's identity before resetting a password.

Choosing a Target

Hackers rarely want to fight an uphill battle against a well-secured company to get at its data. Almost always, the best target is the easiest one. The FortiGate example applies well here. When a major vulnerability like that is public and a group knows how to exploit it, they look for any exposed FortiGate SSL-VPN portal running a version below the fixed release. Search engines such as shodan.io, which index internet-connected devices and their banners, make that cheap to do; defenders can run the same search against their own address space to find what the attackers will find.
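As an added illustration of that version check (not code from the original article or from Blue Goat), here is a small Python triage script that compares a FortiOS version string, of the kind you might see in a banner or in your own asset inventory, against the first fixed release on each branch for CVE-2023-27997. The fixed-version table is an assumption drawn from Fortinet's advisory for this CVE (FG-IR-23-097) and should be confirmed against the current advisory before acting on it; the inventory hostnames are constructed.

```python
"""Triage FortiOS versions against the fixed releases for CVE-2023-27997.

Added example for this article, not Blue Goat's code. FIXED_FORTIOS lists the
first patched release per branch as published in Fortinet's advisory for this
CVE (FG-IR-23-097); treat the table as an assumption and confirm it against
the current advisory. SAMPLE_INVENTORY is constructed, not real hosts.
"""
import re
from typing import Optional

# branch (major, minor) -> first fixed (major, minor, patch).
# Assumption: taken from Fortinet's advisory; verify before relying on it.
FIXED_FORTIOS = {
    (6, 0): (6, 0, 17),
    (6, 2): (6, 2, 15),
    (6, 4): (6, 4, 13),
    (7, 0): (7, 0, 12),
    (7, 2): (7, 2, 5),
}

# Accepts "7.0.11", "v7.0.11" and banner-style "v7.0.11,build0489".
_VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)(?:[,\s].*)?")


def parse_version(text: str) -> tuple:
    """Return (major, minor, patch); raise on anything that is not a version."""
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognized FortiOS version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_vulnerable(text: str) -> Optional[bool]:
    """True if below the fixed release for its branch, False if at or above,
    None if the branch is not in the table (unknown is not the same as safe)."""
    v = parse_version(text)
    fixed = FIXED_FORTIOS.get(v[:2])
    if fixed is None:
        return None
    return v < fixed  # tuple comparison is lexicographic: (7,0,11) < (7,0,12)


def triage(inventory: dict) -> dict:
    """Split a {host: version} inventory into vulnerable / patched / unknown."""
    result = {"vulnerable": [], "patched": [], "unknown": []}
    for host, version in inventory.items():
        state = is_vulnerable(version)
        key = "unknown" if state is None else ("vulnerable" if state else "patched")
        result[key].append(host)
    return result


# Constructed inventory for the example; these are not real hosts.
SAMPLE_INVENTORY = {
    "vpn-hq.example.com": "v7.0.11,build0489",
    "vpn-branch.example.com": "7.2.5",
    "vpn-lab.example.com": "6.4.12",
    "vpn-new.example.com": "7.4.0",
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

A branch absent from the table is reported as unknown rather than patched: the script only knows what it has been told, and an unlisted branch may simply be missing from the table rather than unaffected. Attackers run this same comparison over search-engine results; running it over your own inventory first is the point.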

Social engineering works the same way. If an attacker meets resistance during a campaign, they will likely move on to the next target. Properly trained staff who quickly spot and report these attempts go a long way toward stopping phishing from working. People are often considered the weakest link in an organization, so keeping them well trained is vital for security.

Stopping Attacks Before They Happen

Security is a complex topic, and much must be done to stay secure in the modern world. Unfortunately, there is no one-stop shop to meet all security needs and harden your organization from attack. At Blue Goat, we can work with you to find the best solutions to keep your company secure from cyber attacks. Contact us to find out more.

Hacking Initial Access FAQs

What is initial access?

Initial access refers to the first foothold an attacker gains in a target network or system. It is the entry point from which they launch further exploitation, data theft, or lateral movement.

Why does initial access matter?

Without initial access, attackers cannot reach internal resources. Gaining access is the first step in the kill chain and often determines the success, scope, and stealth of the attack.

What are the most common initial access techniques?

  • Phishing emails
  • Exploiting public-facing applications
  • Credential stuffing and brute force
  • Malicious USB devices
  • Supply chain compromises
  • Drive-by downloads and watering hole attacks

How do attackers use phishing for initial access?

Attackers use phishing to trick users into clicking malicious links, opening infected attachments, or providing their credentials. Successful phishing usually results in malware installation or account compromise.

How do vulnerabilities lead to initial access?

Unpatched or misconfigured systems expose vulnerabilities that attackers exploit remotely. Examples include zero-days, public CVEs, and outdated firmware, which is especially dangerous in IoT and embedded medical devices.

Can attackers get in through a third party?

Yes. This is called a supply chain attack. Compromising a trusted vendor's access or software lets attackers pivot into the primary target's environment, often undetected.

How are stolen or weak credentials used for initial access?

Attackers use stolen, reused, or weak passwords to log in via VPNs, RDP, or cloud services. A breach at one company often leaks credentials that work at others, because people reuse passwords across services.
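Added example, not from the original article: Python detection logic for the credential attacks described here and in the weak and default credentials section above, run over a few constructed VPN authentication log lines in a generic timestamp / source IP / username / result format (not any vendor's actual format). It flags password spraying (one source failing against many accounts in a short window), brute force (many failures against one account) and, most importantly, a successful login from a source already seen spraying, which is the event that should trigger a reset rather than just an alert.

```python
"""Detect password spraying and brute force in VPN authentication logs.

Added example for this article, not Blue Goat's tooling. The log format
(timestamp, source IP, username, result) is a constructed generic one, not any
vendor's, and SAMPLE_LOG is made up; adapt parse() to your VPN's real format.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: one source cycling through many accounts (spray) and then
# succeeding on one, one source hammering a single account (brute force), and
# one ordinary user who mistypes a password once before logging in.
SAMPLE_LOG = """\
2025-04-12T08:00:01Z 203.0.113.7 alice FAIL
2025-04-12T08:00:09Z 203.0.113.7 bob FAIL
2025-04-12T08:00:17Z 203.0.113.7 carol FAIL
2025-04-12T08:00:25Z 203.0.113.7 dave FAIL
2025-04-12T08:00:33Z 203.0.113.7 erin FAIL
2025-04-12T08:00:41Z 203.0.113.7 grace SUCCESS
2025-04-12T08:02:00Z 198.51.100.9 henry FAIL
2025-04-12T08:02:01Z 198.51.100.9 henry FAIL
2025-04-12T08:02:02Z 198.51.100.9 henry FAIL
2025-04-12T08:02:03Z 198.51.100.9 henry FAIL
2025-04-12T08:02:04Z 198.51.100.9 henry FAIL
2025-04-12T08:15:00Z 192.0.2.5 ivan FAIL
2025-04-12T08:15:20Z 192.0.2.5 ivan SUCCESS
"""


def parse(log: str) -> list:
    """Return (timestamp, source_ip, user, result) tuples, oldest first."""
    events = []
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, ip, user, result = line.split()
        when = datetime.fromisoformat(ts.replace("Z", "+00:00"))
        events.append((when, ip, user, result))
    events.sort(key=lambda e: e[0])
    return events


def detect(log: str, window: timedelta = timedelta(minutes=10),
           spray_users: int = 5, brute_failures: int = 5) -> dict:
    """Return spraying sources, brute-forced accounts, and successful logins
    that came from a source already flagged as spraying."""
    fails_by_ip = defaultdict(list)    # ip -> [(ts, user)], chronological
    fails_by_user = defaultdict(list)  # user -> [(ts, ip)], chronological
    successes = []                     # (ts, ip, user)
    for ts, ip, user, result in parse(log):
        if result == "FAIL":
            fails_by_ip[ip].append((ts, user))
            fails_by_user[user].append((ts, ip))
        elif result == "SUCCESS":
            successes.append((ts, ip, user))

    # Spraying: within any `window`, one source fails against >= spray_users
    # distinct accounts. Sliding window over the chronological failure list.
    spraying = set()
    for ip, fails in fails_by_ip.items():
        start = 0
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > window:
                start += 1
            if len({u for _, u in fails[start:end + 1]}) >= spray_users:
                spraying.add(ip)
                break

    # Brute force: within any `window`, one account sees >= brute_failures
    # failures regardless of source.
    brute_forced = set()
    for user, fails in fails_by_user.items():
        start = 0
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > window:
                start += 1
            if end - start + 1 >= brute_failures:
                brute_forced.add(user)
                break

    # A success from a spraying source is the signal that matters most: that
    # account is likely compromised and needs a reset, not just an alert.
    suspicious = {(ip, user) for _, ip, user in successes if ip in spraying}
    return {"spraying": spraying, "brute_forced": brute_forced,
            "suspicious_logins": suspicious}


if __name__ == "__main__":
    for name, hits in detect(SAMPLE_LOG).items():
        print(f"{name}: {sorted(hits) or '-'}")
```

The thresholds are deliberately parameters: a spray from a large botnet spreads failures across many source addresses, so in practice you would also group by user-agent or by ASN, and lower `spray_users` when the same handful of passwords show up across sources. Tuning on your own baseline of ordinary failed logins keeps the ordinary mistyped password (ivan above) from paging anyone.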

Can USB devices be used for initial access?

Malicious USB drives or SD cards can install malware when plugged into a device. These are common in targeted attacks against air-gapped or restricted environments such as hospitals or industrial control systems.

Can APIs and mobile apps be an initial access vector?

Absolutely. Attackers exploit insecure APIs, vulnerable mobile applications, or flawed authentication logic to reach cloud resources or backend infrastructure, often unnoticed.

How does Blue Goat help prevent initial access?

We offer:

  • Phishing simulations and awareness training
  • Vulnerability assessments and penetration testing
  • Secure development support for APIs and mobile apps
  • Zero Trust architecture planning
  • Regulatory-aligned risk management for FDA, HIPAA, and NIST standards
