STI Network Awareness: Threat Landscape PDF

Summary

This document provides cybersecurity awareness tips, including best practices for handling phishing emails, disposing of sensitive information, and ethical online behavior. It also includes information about different types of hackers. The document is tailored towards a professional audience.

Full Transcript


IT1914

Threat Landscape

Network Awareness

Cybersecurity awareness promotes a foundational understanding of cyber threats and risk, cyber hygiene, and appropriate response options. It informs citizens on best practices and proactive measures when confronted with cyber risks. Nations should promote awareness of cyber-related threats among the public, companies, and government employees. To streamline and facilitate national cybersecurity awareness campaigns, a worldwide repository can help increase the number and quality of such campaigns. The repository should be continuously maintained and updated to reflect new technological developments and insights.

Cybersecurity Awareness Tips

Phishing E-mails
   o Never respond to requests for personal information via e-mail. Businesses will never ask for personal information in an e-mail.
   o Do not enter personal information in a pop-up screen.
   o Do not click on any links listed in an e-mail message. Copy and paste the URL in the browser.
   o Use anti-virus and anti-spyware software and update them regularly.
Dispose of Information Properly
   o Destroy/Shred hard copy confidential documents that contain personal information such as social security numbers, credit card numbers, bank account numbers, and health records.
   o Ensure you are using the right tools when destroying and disposing of personal information or media storage from your computer and mobile devices.
Ethics – Be a good cyber citizen
   o Do not engage in inappropriate conduct such as cyberbullying, cyberstalking, or rude and offensive behavior.
   o Do not do something in cyberspace that you would consider wrong or illegal in everyday life.
   o Adhere to copyright restrictions when downloading material from the Internet.
   o Do not use someone else’s password or other identifying information.
Lock the computer when you leave
   o It takes only a few seconds to secure the computer and help protect it from unauthorized access.
     Lock the computer every time there is a need to leave the desk.
   o Set up a screensaver that will lock the computer after a pre-set amount of time and will require a password to log back in.
   o If the computer is used by more than one (1) person, create individual accounts with unique login and passwords for each user.
Protect data on mobile devices
   o Password protect the portable device.
   o Make sure all critical information is backed up.
   o Disable Bluetooth when not required.
   o Make sure the firewall and anti-virus are up to date.
   o Store the portable devices securely.
   o Record identifying information, such as the serial number, and label the equipment if possible.
   o Report loss or theft to the appropriate authorities as soon as possible.

05 Handout 1 *Property of STI  [email protected] Page 1 of 5

Ten Simple Measures That Will Help Individuals and Companies Protect Online Security

Frequently change your default passwords for each of your accounts. Change your password at least once a year to keep your personal information safe.
Use multifactor authentication to confirm your identity when you log into your accounts.
Use a firewall to block unauthorized access to computers and devices.
Be sure to keep the operating system, browser, and other software up to date with security patches to minimize threats from viruses and malware.
Limit what you do over public Wi-Fi and use software that creates a secure connection over the Internet, such as a Virtual Private Network, to connect safely from anywhere.
Practice safe surfing and shopping. Check site addresses that start with “https” instead of just “http”.
Enable privacy settings and increase the default security settings of the software you use.
Be selective when sharing personal information as this could be used by hackers to guess passwords and logins.
Do not download pirated software as it is not only illegal, but almost always includes some malware.
Back up your data to an external hard drive or the cloud as this is the easiest way to recover from a ransomware attack.

Classification of Hackers

Hackers can be classified into different categories based on their intent of hacking a system. These different terms come from old Spaghetti Westerns where the bad guy wears a black cowboy hat, and the good guy wears a white one.

White Hat Hackers – These are also known as “ethical hackers.” They never intend to harm a system; rather, they try to find out weaknesses in a computer or a network system as a part of penetration testing and vulnerability assessments. Ethical hacking is not illegal and is one of the demanding jobs available in the IT industry. Numerous companies hire ethical hackers for penetration testing and vulnerability assessments.
Black Hat Hackers – Also known as “crackers,” these hackers hack to gain unauthorized access to a system and harm its operations or steal sensitive information. Black hat hacking is always illegal because of its bad intent, which includes stealing corporate data, violating privacy, damaging the system, blocking network communication, etc.
Gray Hat Hackers – These are a blend of both black and white hat hackers. They act without malicious intent; but for their fun, they exploit a security weakness in a computer system or network without the owner’s permission or knowledge. They intend to bring the weakness to the attention of the owners and get appreciation or a little bounty from the owners.

Note. Gray or Grey hackers are the same.

Miscellaneous Hackers

Apart from the above well-known classes of hackers, there are other categories of hackers based on what they hack and how they do it. These are the following:
   o Red Hat Hacker is a blend of both black hat and white hat hackers. They are usually on the level of hacking government agencies, top-secret information hubs, and generally anything that falls under the category of sensitive information.
   o Blue Hat Hacker is someone outside computer security consulting firms who is used to bug-test a system before its launch. They look for loopholes that can be exploited and try to close these gaps. Microsoft uses the term “BlueHat” to represent a series of security briefing events.
   o Elite Hacker is a social status among hackers, which is used to describe the most skilled hacker.
   o Script Kiddie is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept, hence the term “kiddie.”
   o Neophyte, “n00b,” “Newbie,” or “Green Hat Hacker” is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking.
   o Hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hacktivism involves website defacement or denial-of-service attacks.

Hacking Skills

As an ethical hacker, there is a need to understand various hacking techniques, which are as follows:
Password guessing and cracking
Denial-of-service attacks
Session hijacking
Exploiting buffer overflow vulnerabilities
Session spoofing
Structured Query Language (SQL) injection
Network traffic sniffing

Basic Skills

Computer hacking is a science as well as an art. One needs to put in a lot of effort to acquire knowledge and become an expert hacker. Once on track, one needs more effort to be up-to-date with the latest technologies, new vulnerabilities, and exploitation techniques.
An ethical hacker must be a computer systems expert and needs to have very strong programming and computer networking skills.
An ethical hacker needs to have a lot of patience, persistence, and perseverance to try again and again and wait for the required result.
The ethical hacker should be smart enough to understand the situation and other users’ mindset to apply social engineering exploits. A good ethical hacker has great problem-solving skills too.

Methods of Cybersecurity Attack

Adware − It is software designed to force pre-chosen ads to display on a system.
Attack − It is an action that is done on a system to get its access and extract sensitive data.
Back Door – Also known as “trap door,” this is a hidden entry to a computing device or software that bypasses security measures, such as logins and password protections.
Bot − It is a program that automates an action so that it can be done repeatedly at a much higher rate for a more sustained period than a human operator could. For example, sending HTTP, FTP, or Telnet at a higher rate or calling script to create objects at a higher rate. A botnet, also known as a “zombie army,” is a group of computers controlled without their owners’ knowledge. Botnets are used to send spam or make denial-of-service attacks.
Brute Force Attack − It is an automated and the simplest kind of method to gain access to a system or website. It tries different combinations of usernames and passwords over and over until it gets in.
Buffer Overflow − This is a flaw that occurs when more data is written to a block of memory or buffer than the buffer is allocated to hold.
Clone Phishing − It is the modification of an existing, legitimate e-mail with a false link to trick the recipient into providing personal information.
Cracker – S/He modifies the software to access the features which are considered undesirable by the person cracking the software, especially copy protection features.
Denial-of-Service Attack (DoS) – It is a malicious attempt to make a server or a network resource unavailable to users usually by temporarily interrupting or suspending the services of a host connected to the Internet or DDoS (distributed denial-of-service attack).
Exploit Kit − It is a software system designed to run on Web servers to identify software vulnerabilities in client machines communicating with it and exploiting discovered vulnerabilities to upload and execute malicious code on the client.
Exploit − It is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability to compromise the security of a computer or network system.
Firewall − It is a filter designed to keep unwanted intruders outside a computer system or network while allowing safe communication between systems and users on the inside of the firewall.
Keystroke Logging − This is the process of tracking the keys which are pressed on a computer (and which touchscreen points are used). It is simply the map of a computer/human interface. It is used by gray and black hat hackers to record login IDs and passwords. Keyloggers are usually secreted onto a device using a Trojan delivered by a phishing e-mail.
Logic Bomb – It is a virus secreted into a system that triggers a malicious action when certain conditions are met. The most common version of this is the time bomb.
Malware − It is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other malicious programs.
Master Program − This is the program a black hat hacker uses to transmit commands remotely to infected zombie drones, normally to carry out DoS attacks or spam attacks.
Phishing − It is an e-mail fraud method in which the perpetrator sends out legitimate-looking e-mails in an attempt to gather personal and financial information from recipients.
Phreakers − These are considered the original computer hackers. They are those who break into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines.
Rootkit − This is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.
Shrink Wrap Code − This is an act of exploiting holes in unpatched or poorly configured software.
Social Engineering − This implies deceiving someone to acquire sensitive and personal information like credit card details or usernames and passwords.
Spam − It is simply an unsolicited e-mail, also known as “junk e-mail,” sent to a large number of recipients without their consent.
Spoofing − It is a technique used to gain unauthorized access to computers where the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.
Spyware − This is software that aims to gather information about a person or organization without their knowledge and may send such information to another entity without the consumer’s consent, or that asserts control over a computer without the consumer’s knowledge.
SQL Injection − This is an SQL code injection technique used for attacking data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g., to dump the database contents to the attacker).
Threat – It is a possible danger that can exploit an existing bug or vulnerability to compromise the security of a computer or network system.
Trojan – (also Trojan horse) It is a malicious program disguised to look like a valid program, making it difficult to distinguish from programs that are supposed to be there, which is designed to destroy files, alter information, or steal passwords and other information.
Virus − It is a malicious program or a piece of code which is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data.
Vulnerability − This is a weakness that allows a hacker to compromise the security of a computer or network system.
Worms − It is a self-replicating virus that does not alter files but resides in active memory and duplicates itself.
Cross-site Scripting (XSS) − This is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users.
Zombie Drone − It is defined as a hijacked computer that is being used anonymously as a soldier or ‘drone’ for malicious activity, for example, distributing unwanted spam e-mails.

Phases of Cybersecurity Attack

Six (6) phases of cybersecurity attack:
1. Reconnaissance – This is the phase where the attacker gathers information about a target using active or passive means. The tools that are widely used in this process are Google Dorks and Maltego.
2. Scanning – In this process, the attacker begins to probe a target machine or network actively for vulnerabilities that can be exploited. The tools used in this process are Nessus or Nexpose.
3. Gaining Access – In this process, the vulnerability is located. The attacker attempts to exploit it to enter into the system. The primary tool that is used in the process is Metasploit.
4. Maintaining Access – This is the process where the hacker has already gained access to a system.
   After gaining access, the hacker installs some backdoors to enter into the system when s/he needs access to this owned system in the future. Metasploit is the preferred tool in this process.
5. Clearing Tracks – This process is an unethical activity. It has to do with the deletion of logs of all the activities that take place during the hacking process.
6. Reporting – This is the last step in finishing the ethical hacking process. Here, the ethical hacker compiles a report with his/her findings and the job that was done, such as the tools used, the success rate, vulnerabilities found, and exploit processes.
