When Saudi journalist Jamal Khashoggi died, Riyadh denied any knowledge of the death until the Turks produced recordings of the incident.
Without those recordings, he would have simply vanished and that would have been the end of the story.
You will be pleased to know that this article is not a moral judgement of the Saudis.
Morality is best left in the capable hands of The Pope.
What You Need to Know
What interests me and what you might want to pay attention to is how the Turks were able to obtain evidence.
The Turks planted a recording device in the Saudi consulate and the Saudis were unaware of it.
Planting listening device is the most rudimentary form of spying.
How could the Saudis have allowed themselves to be caught out by that?
They were able to hack into Kashoggi’s phone and monitor his chat messages, how did they miss something as simple as a listening device planted in their consulate?
The reality is, Saudi Arabia is not unique.
Hackers Are Already in Your Network
Forensic evidence after the biggest cyber attacks, whether it’s Marriot or Sony, revealed that hackers had planted malicious software in their network for months, sometime years.
This is the reason it is critical every organisation conduct periodic penetration testing.
Except in cases where a hacker is bent on causing mischief, the majority of hackers hack a network in search of value.
Extracting the values they desire requires hackers to follow certain process.
They gain access into the network, escalate their privilege, plant malicious software, create backdoor etcetera.
All of those steps take time.
Therefore, by having a penetration tester conducting periodic penetration testing of your system, chances are, they will discover the malicious software before the hacker has the chance to strike.
Penetration testing is not a luxury. Every organisation that has any value is a target for hacking.
Therefore, taking proactive measures like periodic penetration testing of your network will prevent you from falling victim like the Saudis.