Basic Cybersecurity

Concepts
It’s hard to find a facet of modern life that does not involve a computer
system, at least on some level. Online purchases and online-payment
of bills have now become standard practices especially that we have
stay-at-home protocols due to the pandemic. Some retailers are using
computerized automatic checkout. It is even likely that you have taken
a class online, and you may even be using this module for a class you
are currently taking online.

Because so much of our business is transacted online, a great deal of

personal information is stored in computers. Medical records, tax
records, school records, and more are all stored in computer
databases. This leads to some very important questions:

 How is information safeguarded?

 What are the vulnerabilities to these systems?
 What steps are taken to ensure that these systems and data are
safe?

A TASTE OF HACKING TERMINOLOGY

Back door: a hole in security deliberately left within a program or

software which enables nonauthorized access.

Banner grabbing: the practice of gathering information like operating

system, version, and patch level from target systems by obtaining log-
on banners. Banner grabbers use service ports like FTP port (port #21),
SMTP port (port #25), and HTTP port (port #80)— to exploit vulnerable
systems.

Bit bucket: final destination of discarded, lost, or destroyed data.

Black hat hacker: a term which refers to evil crackers.

Brute force: a term traditionally used to refer to the method of
cracking passwords by manually entering all possible key
combinations.

Buffer overflow: an anomaly where a program exceeds the boundary of

a buffer resulting in data leakage into adjacent memory. Buffer
overflows represent a significant security concern and are the basis of
many software vulnerabilities.

Clickjacking: a term used to describe a system vulnerability in which

compromised systems allow attackers to collect an infected user’s
clicks.

Cracker: a term originally coined by hackers which usually refers to

those individuals violating secure systems for illicit purposes rather
than fun. (Hackers claim to be motivated purely by intellectual
pursuits, while “crackers” exploit systems for economic reasons or
other forms of personal gain. Crackers are often referred to as
“cyberpunks.”)

DDoS attack: acronym for Distributed Denial of Service attack. DDoS

attacks involve the use of multiple compromised systems to inundate
a single system with useless traffic. When successful, DDoS attacks
effectively shut down the targeted site.

Logic bomb: a piece of code intentionally inserted into software that

performs a malicious function when programmed conditions are met.

Phreaking: art and science of cracking the phone network (i.e., making
illegal phone calls).

Red hat hacker: tongue-in-cheek reference to a flavor of the Linux

operating systems.

Sneaker: individual hired by a company to test its security systems by

attempting to violate them.

Spoofing: the impersonation of a host on a network by exploitation of a

host’s IP or MAC address.

Spaghetti or kangaroo code: complex or tangled code.

Time bomb: subspecies of logic bomb that is triggered by reaching

some predetermined time or is set to go off in the event that a
programmer is fired and not available to suppress action.
Trojan horse: malicious, security-breaking program designed to appear
benign. Like the historical Trojan horse, these program effectively hide
something quite dangerous.

Vulcan nerve pinch: keyboard combination that forces a soft-boot or

jump to ROM monitor. In many microcomputers, the combination is
Ctrl-Alt-Del, sometimes called the “three-finger salute.”

Wedged: often mistakenly synonymized with crashes, this is the

inability of a computer to make progress. Unlike a crash, a computer
which is wedged is not totally nonfunctional.

Wetware: a term used to refer to humans operating computers (as

opposed to hardware and software); aka people-ware

White hat hackers: a term used in the industry to designate “good”

hackers

CYBERSECURITY CONCEPTS
CYBERSECURITY is the protection of internet-connected systems
such as hardware, software and data from cyber-threats. The practice
is used by individuals and organizations to protect against
unauthorized access to data centers and other computer systems.
(techtarget.com, 2020)

Cybersecurity is the practice of protecting systems, networks, and

programs from digital attacks. These cyberattacks Links to an
external site. are usually aimed at accessing, changing, or destroying
sensitive information; extorting money from users; or interrupting
normal business processes. (cisco.com, Links to an external
site.2020)

This new type of security is applied to computing devices such as PCs

and smartphones, as well as computer networks, including the whole
Internet. It is a field of security focused in securing your computer
from unauthorized access and from internal and external threats like
virus, spyware, Trojan horses, phishing attacks, hackers and intruders.

The field of cybersecurity includes all the processes and mechanisms

by which digital equipment, information and services are protected
from unintended or unauthorized access, change or destruction, and is
of growing importance due to the increasing reliance of computer
systems in most societies. It includes physical security to prevent
theft of equipment and information security to protect the data on that
equipment. It is sometimes referred to as "computer security" or "IT
security". Those terms generally do not refer to physical security, but
a common belief among computer security experts is that a physical
security breach is one of the worst kinds of security breaches as it
generally allows full access to both data and equipment.

Cybersecurity is the process of applying security measures to ensure

confidentiality, integrity, and availability of data. Cybersecurity
assures protection of assets, which includes data, desktops, servers,
buildings, and most importantly, humans. The goal of cybersecurity is
to protect data both in transit and at rest.

There are many techniques that can be used to protect your computer
from all these threats. Security can be implemented from the
operating system to computer hardware level.

Take note that the most important aspect of computer and cyber
security is the protection of the confidentiality, integrity and
availability of the data/information stored in computing devices or
transmitted thru computer networks.

BASIC PRINCIPLES OF CYBERSECURITY

Two basic principles that should influence your entire thinking about
computer security.

The first concept is the CIA triangle , also known as CIA triad. The
"CIA" does not refer to clandestine operating involving the Central
Intelligence Agency; rather it is a reference to the three pillars of
information security: confidentiality, integrity, and availability. When
you are thinking about information, computer or cyber security, your
thought processes should always be guided by these three principles.

First and foremost, are you keeping the data confidential? Does your
approach help guarantee the integrity of data? And does your
approach still make the data readily available to authorized users?
Another important security concept to keep in mind is the doctrine or
principle of least privilege. This literally means that each user or service
running on your network should have the least number of privileges/access
required to do their job. No one should be granted access to anything unless
it is absolutely required for their job. In military and intelligence circles this
is referred to as “need to know.”

HACKER SLANG
Before proceeding on the rest of this lesson, it is important to enhance
further your vocabulary. The world of computer security takes its
vocabulary from both the professional security community and the
hacker community.

Most people use hacker to describe any person who breaks into a
computer system. In the hacking community, however, a HACKER is
an expert on a particular system or systems, a person who simply
wants to learn more about the system. Hackers feel that looking at a
system’s flaws is the best way to learn about that system. For
example, someone well versed in the Linux operating system who
works to understand that system by learning its weaknesses and flaws
would be a hacker. This process does often mean seeing if a flaw can
be exploited to gain access to a system. This “exploiting” part of the
process is where hackers differentiate themselves into three groups:

A WHITE HAT HACKER, upon finding some flaw in a system, will report
the flaw to the vendor of that system. For example, if they were to
discover some flaw in Red Hat Linux, they would then email the Red
Hat company (probably anonymously) and explain exactly what the
flaw is and how it was exploited. White hat hackers are often hired
specifically by companies to do penetration tests. The EC Council even
has a certification test for white hat hackers, the Certified Ethical
Hacker test.

A GRAY HAT HACKER is normally a law-abiding citizen, but in some

cases will venture into illegal activities.

A BLACK HAT HACKER is the person normally depicted in the media.

Once he gains access to a system, his goal is to cause some type of
harm. He might steal data, erase files, or deface websites. Black hat
hackers are sometimes referred to as crackers. However, there are IT
and cybersecurity professionals that insist on the differences between
hackers and crackers. Read these articles to help see their
differences:
 Hacker vs Cracker: main differences explainedLinks to an external
site.
 Links to an external site.Hackers vs Crackers: understand
exclusive differenceDownload Hackers vs Crackers: understand
exclusive difference

Regardless of how hackers view themselves, intruding on any system

is illegal. This means that technically speaking all hackers, regardless
of the color of the metaphorical hat they may wear, are in violation of
the law. However, many people feel that white hat hackers actually
perform a service by finding flaws and informing vendors before those
flaws are exploited by less ethically inclined individuals.

SCRIPT KIDDIES: A hacker is an expert in a given system, as with any

profession it includes its share of frauds. So what is the term for
someone who calls himself or herself a hacker but lacks the
expertise? The most common term for this sort of person is script
kiddy. The name comes from the fact that the Internet is full of
utilities and scripts that one can download to perform some hacking
tasks. Many of these tools have an easy-to-use graphical user
interface that allows someone with very little if any skill to operate the
tool. A classic example is the Low Earth Orbit Ion Cannon tool for
executing a DoS attack. Someone who downloads such a tool without
really understanding the target system is considered a script kiddy. A
significant number of the people you are likely to encounter who call
themselves hackers are, in reality, mere script kiddies.

ETHICAL HACKERS: When and why would someone give permission to

another party to hack his system? The most common answer is in
order to assess system vulnerabilities. This employee, commonly
called a SNEAKER, legally breaks into a system in order to assess
security deficiencies, such as portrayed in the 1992 film Sneakers,
starring Robert Redford, Dan Aykroyd, and Sidney Poitier. More and
more companies are soliciting the services of such individuals or firms
to assess their vulnerabilities.

Anyone hired to assess the vulnerabilities of a system should be both

technically proficient and ethical. Run a criminal background check,
and avoid those people with problem pasts. There are plenty of
legitimate security professionals available who know and understand
hacker skills but have never committed security crimes. If you take
the argument that hiring convicted hackers means hiring talented
people to its logical conclusion, you could surmise that obviously the
person in question is not as good a hacker as they would like to think,
because they were caught.

Most importantly, giving a person with a criminal background access

to your systems is on par with hiring a person with multiple DWI
(driving while intoxicated) convictions to be your driver. In both cases,
you are inviting problems and perhaps assuming significant civil
liabilities.

Also some review of their qualifications is clearly in order. Just as

there are people who claim to be highly skilled hackers yet are not,
there are those who will claim to be skilled sneakers yet lack the
skills truly needed. You would not want to inadvertently hire a script
kiddy who thinks she is a sneaker. Such a person might then
pronounce your system quite sound when, in fact, it was simply a lack
of skills that prevented the script kiddy from successfully breaching
your security.

PHREAKERS: One special type of hacking involves breaking into

telephone systems. This subspecialty of hacking is referred to as
PHREAKING. The New Hacker’s Dictionary actually defines phreaking
as “the action of using mischievous and mostly illegal ways in order to
not pay for some sort of telecommunications bill, order, transfer, or
other service” (Raymond, 2003). Phreaking requires a rather significant
knowledge of telecommunications, and many phreakers have some
professional experience working for a phone company or other
telecommunications business. Often this type of activity is dependent
upon specific technology required to compromise phone systems,
more than simply knowing certain techniques.

Most hacker terminology, as you may have noticed, is concerned with

the activity (phreaking) or the person performing the activity
(sneaker). In contrast, security professional terminology describes
defensive barrier devices, procedures, and policies. This is quite
logical because hacking is an offensive activity centered on attackers
and attack methodologies, whereas security is a defensive activity
concerning itself with defensive barriers and procedures.