Laporan Praktikum Keamanan Siber

LAPORAN PRAKTIKUM KEAMANAN SIBER
TUGAS 1
Mata Kuliah :
TIK3072C Praktikum Keamanan Siber
Sherwin Reinaldo U Aldo Sompie ST, MT
Xaverius B.N. Najoan ST, MT
Dibuat oleh :
I Gede Arie Yogantara Subrata 19021106005

Ruth L. Watimena 19021106014
Tesalonika Kondoy 19021106016
Program Studi Teknik Informatika

Jurusan Teknik Elektro
Fakultas Teknik
Universitas Sam Ratulangi
Manado
2022
Lab – Installing the CyberOps Workstation Virtual Machine
Objectives
Part 1: Prepare a Personal Computer for Virtualization
Part 2: Import a Virtual Machine into VirtualBox Inventory
Background / Scenario
Computing power and resources have increased tremendously over the last 10 years. A benefit of having
multicore processors and large amounts of RAM is the ability to use virtualization. With virtualization, one or
more virtual computers operate inside one physical computer. Virtual computers that run within physical
computers are called virtual machines. Virtual machines are often called guests, and physical computers are
often called hosts. Anyone with a modern computer and operating system can run virtual machines.
A virtual machine image file has been created for you to install on your computer. In this lab, you will
download and import this image file using a desktop virtualization application, such as VirtualBox.
Required Resources
 Computer with a minimum of 2 GB of RAM and 8 GB of free disk space
 High speed Internet access to download Oracle VirtualBox and the virtual machine image file
Part 1: Prepare a Host Computer for Virtualization

In Part 1, you will download and install desktop virtualization software, and also download an image file that
can be used to complete labs throughout the course. For this lab, the virtual machine is running Linux.
Step 1: Download and install VirtualBox.

VMware Player and Oracle VirtualBox are two virtualization programs that you can download and install to
support the image file. In this lab, you will use VirtualBox.
a. Navigate to http://www.oracle.com/technetwork/server-storage/virtualbox/downloads/index.html.
 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 1 of 20 www.netacad.com
Lab - Installing the CyberOps Workstation Virtual Machine
b. Choose and download the appropriate installation file for your operating system.
c. When you have downloaded the VirtualBox installation file, run the installer and accept the default
installation settings.
Step 2: Download the Virtual Machine image file.

The image file was created in accordance with the Open Virtualization Format (OVF). OVF is an open
standard for packaging and distributing virtual appliances. An OVF package has several files placed into one
directory. This directory is then distributed as an OVA package. This package contains all of the OVF files
necessary for the deployment of the virtual machine. The virtual machine used in this lab was exported in
accordance with the OVF standard.
Part 2: Import the Virtual Machine into the VirtualBox Inventory

In Part 2, you will import the virtual machine image into VirtualBox and start the virtual machine.
Step 1: Import the virtual machine file into VirtualBox.

a. Open VirtualBox. Click File > Import Appliance... to import the virtual machine image.
b. A new window will appear. Specify the location of the .OVA file and click Next.
c. A new window will appear presenting the settings suggested in the OVA archive. Check the "Reinitialize
the MAC address of all network cards" box at bottom of the window. Leave all other settings as default.
Click Import.
d. When the import process is complete, you will see the new Virtual Machine added to the VirtualBox
inventory in the left panel. The virtual machine is now ready to use.
Step 2: Start the virtual machine and log in.

a. Select the CyberOps Workstation virtual machine.
b. Click the green arrow Start button at the top portion of the VirtualBox application window. If you get the
following dialog box, click Change Network Settings and set your Bridged Adapter. Click the dropdown
list next the Name and choose your network adapter (will vary for each computer).
c. Click OK. A new window will appear, and the virtual machine boot process will start.
d. When the boot process is complete, the virtual machine will ask for a username and password. Use the
following credentials to log into the virtual machine:
Username: analyst
Password: cyberops
You will be presented with a desktop environment: there is a launcher bar at the bottom, icons on the
desktop, and an application menu at the top.
Step 3: Familiarize yourself with the Virtual Machine.

The virtual machine you just installed can be used to complete many of the labs in this course. Familiarize
yourself with the icons in the list below:
The launcher bar icons are (from left to right):
 Show the desktop
 Terminal application
 File manager application
 Web browser application (Firefox)
 File search tool
 Current user's home directory
All course related applications are located under Applications Menu > CyberOPs.
a. List the applications in the CyberOPs menu.
IDLE, SciTe, Wireshark.
b. Open the Terminal Emulator application. Type ip address at the prompt to determine the IP address of
your virtual machine.
What are the IP addresses assigned to your virtual machine?
c. Locate and launch the web browser application. Can you navigate to your favorite search engine?
Step 4: Shut down the VMs.

When you are done with the VM, you can save the state of VM for future use or shut down the VM.
Closing the VM using GUI:
From the Virtual Box File menu, choose Close...
Click the Save the machine state radio button and click OK. The next time you start the virtual machine,
you will be able to resume working in the operating system in its current state.
The other two options are:
Send the shutdown signal: simulates pressing the power button on a physical computer
Power off the machine: simulates pulling the plug on a physical computer
Closing the VM using CLI:
To shut down the VM using the command line, you can use the menu options inside the VM or enter
sudo shutdown -h now command in a terminal window and provide the password cyberops when
prompted.
Rebooting the VM:
If you want to reboot the VM, you can use the menu options inside the VM or enter sudo reboot
command in a terminal and provide the password cyberops when prompted.
Note: You can use the web browser in this virtual machine to research security issues. By using the virtual
machine, you may prevent malware from being installed on your computer.
Reflection
What are the advantages and disadvantages of using a virtual machine?
Kelebihan :
 Efisien & fleksibel — dalam satu device, pemakai bisa memanfaatkan berbagai macam operating system
untuk kebutuhan yang berbeda-beda.
 Maintenance yang mudah — berbeda dengan komputer fisik, software virtual machine lebih mudah untuk
dikelola. Selain itu, VM juga mempunyai biaya perawatan yang lebih murah.
 Kinerja yang hebat — memberdayakan pemakai guna mencapai tujuan akhir mereka dengan kinerja serta
kualitas yang bisa melampaui sistem computing konvensional.
Kekurangan :
- VM ini bisa membuat virtualisasi sistem yang terbilang kompleks dan cukup banyak memakan lokasi
hardware di komputer utama.
- Selain itu juga memakan ruang penyimpanan data virtual yang lumayan besar dan mengambil sebagian
fungsi prosesor dan RAM.
Lab - Cybersecurity Case Studies

Objectives
Research and analyze cyber security incidents
Governments, businesses, and individual users are increasingly the targets of cyberattacks and experts
predict that these attacks are likely to increase in the future. Cybersecurity education is a top international
priority as high-profile cyber-security related incidents raise the fear that attacks could threaten the global
economy. The Center for Strategic and International Studies estimates that the cost of cybercrime to the
global economy is more than $400 billion annually and in the United State alone as many as 3000 companies
had their systems compromised in 2013. In this lab you will study four high profile cyberattacks and be
prepared to discuss the who, what, why and how of each attack.
Required Resources
 PC or mobile device with Internet access
Conduct search of high profile cyberattacks.

Using your favorite search engine conduct a search for each of the cyberattacks listed below. Your
search will likely turn up multiple results ranging from news articles to technical articles.
Home Depot Security Breach
Target Credit Card Breach
The Stuxnet Virus
Sony Pictures Entertainment Hack
Note: You can use the web browser in virtual machine installed in a previous lab to research the hack. By
using the virtual machine, you may prevent malware from being installed on your computer.
Read the articles found from your search in step 1a and be prepared to discuss and share your research
on the who, what, when, where, and why of each attack.
The Stuxnet Virus

Select one of the high-profile cyberattacks from step 1a and write an analysis of the attack that includes
answers to the questions below.
a. Who were the victims of the attacks?
Sebuah studi tentang penyebaran Stuxnet oleh teknologi perusahaan AS Symnatec menunjukkan bahwa
negara-negara yang terkena dampak utama pada 6 Agustus adalah Iran dengan 62.867 komputer yang
terinfeksi, Indonesia dengan 13.336, India dengan 6.552, Amerika Serikat dengan 2913, Australia dengan
2.436, Inggris dengan 1.038, Malaysia dengann 1.013 dan Pakistan dengan 993.
b. What technologies and tools were used in the attack?

Stuxnet memiliki kemampuan khusus untuk menggunakan rootkit teknologi. Dengan memanfaatkan fitur
tersebut worm ini mampu menyembunyikan diri agar tidak terlihat oleh sistem Windows. Misalnya pada
aplikasi monitoring task manager.
Stuxnet adalah worm multi-bagian yang berjalan di stik USB dan menyebar melalui komputer Microsoft
Windows. Virus mencari tanda-tanda perangkat lunak Siemens Step 7 pada setiap PC yang terinfeksi,
yang digunakan oleh komputer industri sebagai PLC untuk mengotomatisasi dan memantau peralatan
elektro-mekanis.
c. When did the attack happen within the network?

Stuxnet merupakan cacing komputer (worm) yang diketahui keberadaannya di bulan Juli 2010 oleh
perusahaan keamanan asal Belarus.
d. What systems were targeted?

Cacing ini awalnya menyebar secara membabi buta, tetapi memuat muatan perangkat perusak yang
sangat khusus yang dirancang hanya mengincar sistem Kontrol Pengawas Dan Akuisisi Data Siemens
(SCADA, Siemens Supervisory Control And Data Acquisition) yang diatur untuk mengendalikan dan
memantau proses industri tertentu. Stuxnet menginfeksi PLC dengan mengubah aplikasi perangkat
lunak Step-7 yang digunakan untuk memprogram ulang perangkat tersebut.
e. What was the motivation of the attackers in this case? What did they hope to achieve?
Pihak Barat mengkhawatirkan bahwa tujuan utama Iran adalah membangun senjata nuklir. Sementara Iran
selalu mengatakan tujuan program itu benar-benar untuk menghasilkan energi untuk kepentingan
damai.Stuxnet dirancang untuk menyerang kelemahan sistem pada peralatan buatan Siemens yang
digunakan untuk mengatur pasokan air, anjungan pengeboran minyak dan pembangkit tenaga listrik.
f. What was the outcome of the attack? (stolen data, ransom, system damage, etc.)
Varian yang berbeda dari Stuxnet miliki target lima organisasi Iran, kemungkinan target luas diduga adalah
infrastruktur pengayaan uranium di Iran. Symantec mencatat pada Agustus 2010 bahwa 60% dari
komputer yang terinfeksi di seluruh dunia berada di Iran. Siemens menyatakan pada 29 November cacing
tidak menyebabkan kerusakan pada pelanggan, kecuali program nuklir Iran, yang menggunakan peralatan
terembargo Siemens yang diperoleh secara rahasia, telah mengalami kerusakan karena Stuxnet.
Lab – Learning the Details of Attacks

Objectives
Research and analyze IoT application vulnerabilities
The Internet of Things (IoT) consists of digitally connected devices that are connecting every aspect of our
lives, including our homes, offices, cars, and even our bodies to the Internet. With the accelerating adoption of
IPv6 and the near universal deployment of Wi-Fi networks, the IoT is growing at an exponential pace. Industry
experts estimate that by 2020, the number of active IoT devices will approach 50 billion. IoT devices are
particularly vulnerable to security threats because security has not always been considered in IoT product
design. Also, IoT devices are often sold with old and unpatched embedded operating systems and software.
Required Resources
Conduct a Search of IoT Application Vulnerabilities

Using your favorite search engine, conduct a search for Internet of Things (IoT) vulnerabilities. During your
search, find an example of an IoT vulnerability for each of the IoT verticals: industry, energy systems,
healthcare, and government. Be prepared to discuss who might exploit the vulnerability and why, what
caused the vulnerability, and what could be done to limit the vulnerability? Some suggested resources to get
started on your search are listed below:
Cisco IoT Resources
IoT Security Foundation
Business Insider IoT security threats
Note: You can use the web browser in the virtual machine installed in a previous lab to research security
issues. By using the virtual machine, you may prevent malware from being installed on your computer.
From your research, choose an IoT vulnerability and answer the following questions:
What is the vulnerability?
Vulnerability yaitu suatu kelemahan program/infrastruktur yang memungkinkan terjadinya exploitasi
sistem. kerentanan (vulnerability) ini terjadi akibat kesalahan dalam merancang,membuat atau
mengimplementasikan sebuah sistem.
Who might exploit it? Explain.
Vulnerability akan digunakan oleh hacker sebagai jalan untuk masuk kedalam sistem secara ilegal.
Hacker biasanya akan membuat Exploit yang desesuaikan dengan vulnerability yang telah ditemukan
nya. Setiap aplikasi (service,desktop,web base) pasti memiliki celah atau vulnerability,hanya saja belum
ketauan.lambat laun akan ditemukan juga oleh hacker
Why does the vulnerability exist?

Buatan manusia tidak ada yang sempurna,vulnerability/bug terjadi ketika developer melakukan kesalahan
logika koding atau menerapkan validasi yang tidak sempurna sehingga aplikasi yang dibuatnya
mempunyai celah yang memungkinkan user atau metode dari luar sistem bisa dimasukan kedalam
program nya.
What could be done to limit the vulnerability?
Update Operating system,firmware dan aplikasi. Karena celah keamanan ini berasal dari software atau
service yang berjalan di dalam sistem, maka jangan lupa untuk mengikuti perkembangan aplikasi yang
digunakan. Selalu update secara berkala baik Operating sistem ataupun aplikasi,karena vulnerability bisa
berasal dari Operating software ataupun aplikasi yang terinstall di komputer. karena meggupdate aplikasi
adalah obat untuk mengatasi vulnerability
Lab – Visualizing the Black Hats

Objectives
Research and analyze cyber security incidents
In 2016, it was estimated that businesses lost $400 million dollars annually to cyber criminals. Governments,
businesses, and individual users are increasingly the targets of cyberattacks and cybersecurity incidents are
becoming more common.
In this lab, you will create three hypothetical cyber attackers, each with an organization, an attack, and a
method for an organization to prevent or mitigate the attack.
Note: You can use the web browser in virtual machine installed in a previous lab to research security issues.
By using the virtual machine, you may prevent malware from being installed on your computer.
Required Resources
Scenario 1:
a. Who is the attacker?
Penjahat cyber.
b. What organization/group is the attacker associated with?

Adapun untuk peretas ini termasuk dalam komplotan hacker Bancolombia .
c. What is the motive of the attacker?
Suplatacion, pencurian informasi, transfer dana.
d. What method of attack was used?
Pengiriman pesan teks dengan tautan palsu yang menangkap data yang paling penting.
e. What was the target and vulnerability used against the business?
Sebagai tujuan mereka harus menangkap informasi sebanyak mungkin dari pelanggan,
menggunakan tautan palsu yang meminta informasi yang paling penting dan diperlukan
untuk tujuan akhir mereka.
f. How could this attack be prevented or mitigated?
• Jangan gunakan wifi yang tidak dikenal untuk melakukan transaksi perbankan.
• Jangan berbagi kunci keamanan dengan siapa pun.
• Dicurigai tawar-menawar terlalu bagus dalam pembelian online yang, oleh karena
itu, tidak nyata.
Scenario 2:
Hacker
Di Kolombia hacker yang berbeda tidak terkait dengan organisasi seperti itu.

Gunakan informasi yang dicuri untuk memulai bagian di akun, menghapus pemberitahuan
bagian yang mencurigakan mulai luput dari perhatian.

Email dan pesan teks yang berisi tautan palsu.
Tujuannya adalah untuk mengungkapkan informasi pribadi atau memeras pemilik akun
dengan imbalan uang, di antara kerentanan adalah kurangnya kedengkian dan
pengetahuan mengenai masalah cybersecurity.
Lihatlah tautan yang akan Anda buka, karena mereka dapat dikloning dan dibawa,
bahkan, kunci keamanan halaman resmi, tetapi mereka kehilangan surat atau simbol
yang merupakan tanda penipuan mereka.
Scenario 3:
Ciberdelincuentes.
Di Kolombia hacker yang berbeda tidak terkait dengan organisasi seperti itu.
Pencurian 500 juta peso dari sebuah bank di Kolombia.
Pembuatan lebih dari 20 rekening tabungan melalui situs web Bancolombia secara ilegal
menggunakan identitas pihak ketiga.
Upaya untuk membeli dua jam tangan Rolex, masing-masing seharga 25 juta peso, di sebuah toko
perhiasan di Bucaramanga. Seorang pria yang ingin membeli 10 sepeda motor di sebuah dealer di Cúcuta
tanpa formalitas lebih lanjut. Dan draft dugaan sumbangan dari Fasad LSM Di Medellín. Ini adalah
beberapa modalitas yang dengannya Jaringan penjahat cyber mencoba menghasilkan uang dari bank
Bancolombia.
Setiap saat peringatan ini dan tidak meminjamkan identitas Anda atau akun Anda untuk
deposito atau penggunaan asal meragukan atau untuk orang yang tidak dikenal.
Lab - Becoming a Defender

Objectives
Research and analyze what it takes to become a network defender
In our technology-centric world, as the world gets more connected, it also gets less safe. Cybersecurity is one
of the fastest growing and in-demand professions. Individuals in this field perform a wide variety of jobs
including but not limited to consultation, investigation and program management services to mitigate risks
through both internal and external sources. Cybersecurity professionals are required to evaluate, design and
implement security plans, conduct in-depth fraud investigation and perform security research and risk
assessment and propose solutions to potential security breaches.
Individuals with good security skills have a great earning potential. To be considered for one of these high
paying jobs, it is imperative to have the proper qualifications. To this effect, it is important to consider the
industry certificates available for this career path. There are many certifications to choose from, and selecting
the right certificate(s) for you individually requires careful consideration.
Note: You can use the web browser in virtual machine installed in a previous lab to research security related
issues. By using the virtual machine, you may prevent malware from being installed on your computer.
Required Resources
Step 1: Conduct search of Certifications.

a) Using your favorite search engine conduct a search for the most popular certifications are (in terms of
what people hold, not necessarily what employers demand):
- CEH: Certified Ethical Hacker
- CISM: Certified Information Security Manager
- CISSP: Certified Information Systems Security Professional
- CompTIA Security+
- GSEC: SANS GIAC Security Essentials
b) Pick three certifications from the list above and provide more detail below about the certification
requirements / knowledge gained ie: vendor specific or neutral, number of exams to gain certification,
exam requirements, topics covered etc.
- CEH adalah kredensial tingkat menengah yang ditawarkan oleh Dewan Konsultan E-Commerce
Internasional. Untuk mendapatkan sertifikasi CEH, kandidat harus lulus satu ujian. Kursus pelatihan CEH
lima hari yang komprehensif direkomendasikan, dengan ujian disajikan pada kesimpulan kursus.
Kandidat dapat belajar mandiri untuk ujian tetapi harus menyerahkan dokumentasi setidaknya dua tahun
pengalaman kerja dalam keamanan informasi dengan verifikasi pemberi kerja.
- CompTIA Security +: Pemegang kredensial Keamanan + diakui sebagai possessing keterampilan teknis
yang unggul, pengetahuan dan keahlian yang luas dalam berbagai disiplin ilmu terkait keamanan.
Kredensial CompTIA Security+ juga disetujui oleh Departemen Pertahanan AS untuk memenuhi
persyaratan Directive 8140/8570.01-M. Selain itu, kredensial Keamanan + sesuai dengan standar untuk
ISO 17024.Kredensial Keamanan + memerlukan satu ujian, saat ini dihargai $ 339. Satu: SY0-501 (90
pertanyaan, 90 menit untuk menyelesaikan; 750 pada skala 100-900 diperlukan untuk lulus).
- CISSP: Certified Information Systems Security Professional (CISSP) adalah sertifikasi tingkat lanjutan
untuk pro TI yang serius tentang karir dalam keamanan information. Pemegang kredensial CISSP adalah
pengambil keputusan yang memiliki pengetahuan ahli dan keterampilan teknis yang diperlukan untuk
mengembangkan, membimbing dan kemudian mengelola standar keamanan, kebijakan dan prosedur
dalam organisasi mereka. CISSP terus banyak dicari oleh para profesional TI dan diakui dengan baik
oleh organisasi TI. Ini adalah perlengkapan reguler pada survei sertifikasi keamanan yang paling dicari
dan harus dimiliki. (ISC) 2 juga menawarkan tiga konsentrasi CISSP yang menargetkan bidang minat
tertentu dalam keamanan TI:
• Arsitektur (CISSP-ISSAP)
• Teknik (CISSP-ISSEP)
• Manajemen (CISSP-ISSMP)
Ujian konsentrasi CISSP masing-masing $ 599, dan pencari kredensial saat ini harus memiliki
CISSP yang valid. Biaya tahunan sebesar $ 85 diperlukan untuk mempertahankan kredensial
CISSP. Sertifikasi ulang diperlukan setiap tiga tahun.
Step 2: Investigate positions available within cybersecurity
Indeed.com is one of the largest job site worldwide. Using your browser of choice, access indeed.com and
search for cybersecurity jobs available within the last two weeks.
1. How many new job listings were posted within the last two weeks?
Ada 26 pekerjaan yang terdaftar.
2. What is the salary range for the top 10 listings?

Antara R400 000,00 - R750 000,00
3. What are the most common qualifications required by employers?
• Ccna CyberOps
• CSA+
• CISSP
• +- Pengalaman kerja 2 tahun
4. What industry certifications are required by these employers?

• Operasi Cyber CCNA
• CSA+
• CISSP
5. Do any of certifications match the ones listed in Step 1a?

Ya, yakni: CISM, CISSP,CEH, CompTIA Security+,
6. Investigate online resources that allow you to legally test your hacking skills. These tools allow a novice
with limited cyber security experience to sharpen their penetration testing skills, such as Google Gruyere
(Web Application Exploits and Defenses).
DVIA, Game of Hacks, HackThis!!, Hack This Site, Hellbound Hackers, , Muttilidae, OverTheWire,
LINK VIDEO PRESENTASI INSTAL CYBEROPS :

https://drive.google.com/file/d/1XjAWXeaN7pYppA446S83WQNGD1ALg0B-/view?usp=drivesdk

Laporan Praktikum Keamanan Siber - Tugas 1 - Kelas C - Kelompok 3

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Laporan Praktikum Keamanan Siber - Tugas 1 - Kelas C - Kelompok 3

Uploaded by

Copyright:

Available Formats

I Gede Arie Yogantara Subrata 19021106005

Program Studi Teknik Informatika

Part 1: Prepare a Host Computer for Virtualization

Step 1: Download and install VirtualBox.

Step 2: Download the Virtual Machine image file.

Part 2: Import the Virtual Machine into the VirtualBox Inventory

Step 1: Import the virtual machine file into VirtualBox.

Step 2: Start the virtual machine and log in.

Step 3: Familiarize yourself with the Virtual Machine.

Step 4: Shut down the VMs.

The other two options are:

Lab - Cybersecurity Case Studies

Conduct search of high profile cyberattacks.

The Stuxnet Virus

b. What technologies and tools were used in the attack?

c. When did the attack happen within the network?

d. What systems were targeted?

Lab – Learning the Details of Attacks

Conduct a Search of IoT Application Vulnerabilities

Who might exploit it? Explain.

Why does the vulnerability exist?

What could be done to limit the vulnerability?

Lab – Visualizing the Black Hats

b. What organization/group is the attacker associated with?

c. What is the motive of the attacker?

d. What method of attack was used?

f. How could this attack be prevented or mitigated?

Lab - Becoming a Defender

Step 1: Conduct search of Certifications.

2. What is the salary range for the top 10 listings?

4. What industry certifications are required by these employers?

5. Do any of certifications match the ones listed in Step 1a?

LINK VIDEO PRESENTASI INSTAL CYBEROPS :

You might also like