Cybersecurity Notes

Threat Landscape and Cybersecurity Awareness

  • Cybersecurity awareness promotes foundational understandings of:
    • Cyber threats and risks.
    • Cyber hygiene.
    • Appropriate response options.
  • It informs citizens on best practices and proactive measures when confronted with cyber risks.
  • Nations should promote cyber awareness of cyber-related threats among the public, companies, and government employees.
  • A worldwide repository of awareness campaigns and materials can help increase the number and quality of national cybersecurity awareness campaigns.
    • The repository should be continuously maintained and updated to reflect new technological developments and insights.

Cybersecurity Awareness Tips

  • Phishing Emails
    • Never respond to a request for personal information sent by email.
      • Legitimate businesses do not ask for passwords, account numbers, or other sensitive details by email; treat any such request as phishing.
    • Do not enter personal information in a pop-up screen.
    • Do not click on links in an email message that asks you to log in, verify details, or make a payment.
      • Copying the link into the browser is no safer, since the address itself may be the trap; instead type the organization’s known address, use a saved bookmark, or open its app, and look for the notice there.
    • Use anti-virus and anti-spyware software and keep them updated; they help against malicious attachments but will not stop you from typing a password into a fake login page.
  • Dispose of Information Properly
    • Destroy/Shred hard copy confidential documents that contain personal information such as social security numbers, credit card numbers, bank account numbers, and health records.
    • Use the right tools when disposing of personal information or storage media from computers and mobile devices: wipe or physically destroy drives and phones, because deleting files or reformatting alone leaves the data recoverable.
  • Ethics – Be a good cyber citizen
    • Do not engage in inappropriate conduct such as cyberbullying, cyberstalking, or rude and offensive behavior.
    • Do not do something in cyberspace that you would consider wrong or illegal in everyday life.
    • Adhere to copyright restrictions when downloading material from the Internet.
    • Do not use someone else’s password or other identifying information.
  • Lock the computer when you leave
    • It takes only a few seconds to secure the computer and help protect it from unauthorized access.
    • Lock the computer every time there is a need to leave the desk.
    • Configure the screen to lock automatically after a pre-set idle time and to require a password to log back in.
    • If the computer is shared by more than one (1) person, create a separate account with its own login and password for each user.
  • Protect data on mobile devices
    • Protect the portable device with a PIN, password, or biometric lock, and turn on device encryption where it is offered so a lost device does not expose its data.
    • Make sure all critical information is backed up.
    • Disable Bluetooth when not required.
    • Make sure the firewall and anti-virus are up to date.
    • Store the portable devices securely.
    • Record identifying information, such as the serial number, and label the equipment if possible.
    • Report loss or theft to the appropriate authorities as soon as possible.

Ten Simple Measures to Protect Online Security

  • Change every default password immediately, and use a different strong password for each account (a password manager makes this practical).
    • Change a password at once if you suspect it has been exposed, for example after a breach notice or a phishing attempt; uniqueness and length protect your information more than rotating passwords on a fixed schedule.
  • Use multifactor authentication to confirm your identity when you log into your accounts.
  • Use a firewall to block unauthorized access to computers and devices.
  • Be sure to keep the operating system, browser, and other software up to date with security patches to minimize threats from viruses and malware.
  • Limit sensitive activity over public Wi-Fi, and use software that creates an encrypted tunnel over the Internet, such as a Virtual Private Network (VPN), so the access point operator cannot read or tamper with your traffic.
  • Practice safe surfing and shopping. Check that site addresses start with “https” rather than just “http”, but remember that https only means the connection is encrypted; a phishing site can use https too, so check the domain name as well.
  • Enable privacy settings and increase the default security settings of the software you use.
  • Be selective when sharing personal information as this could be used by hackers to guess passwords and logins.
  • Do not download pirated software: it is illegal, and cracked installers frequently come bundled with malware.
  • Back up your data to an external hard drive or the cloud, and keep at least one copy disconnected or versioned, since ransomware also encrypts any backup it can reach; a clean backup is the most reliable way to recover from a ransomware attack.
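The link checks above (is the address really the organization’s own domain, and does it use https) can be automated for links pulled out of a suspicious message. The following Python function is an added example written for these notes, not code from the original page; the domain bank.example, the sample links, and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit


def link_target_host(url: str) -> str:
    """Return the host a link really leads to, lower-cased, or "" if none.

    urlsplit() discards any "user@" prefix, so "https://bank.example@evil.test/"
    yields "evil.test", the host a browser would actually contact.
    """
    host = urlsplit(url.strip()).hostname or ""
    return host.lower().rstrip(".")


def check_link(url: str, expected_domain: str) -> dict:
    """Compare a link against the domain the e-mail claims to be from.

    Returns {"host": ..., "suspicious": bool, "reasons": [...]}; an empty
    reasons list means the obvious tricks are absent, not that the link is safe.
    """
    parts = urlsplit(url.strip())
    host = link_target_host(url)
    expected = expected_domain.lower().rstrip(".")
    reasons = []

    # The real domain must be the expected one or a subdomain of it.
    # "bank.example.evil.test" starts with the trusted name but is not under bank.example.
    if not (host == expected or host.endswith("." + expected)):
        reasons.append(f"host {host!r} is not {expected!r} or a subdomain of it")

    # https only guarantees an encrypted connection, but plain http is a red flag.
    if parts.scheme.lower() != "https":
        reasons.append(f"scheme is {parts.scheme!r}, not https")

    # "https://bank.example@evil.test/" shows the trusted name first but goes to evil.test.
    if parts.username is not None:
        reasons.append("link contains a 'user@' prefix used to disguise the real host")

    # Non-ASCII or punycode hosts may be look-alike (homoglyph) domains.
    if not host.isascii() or any(label.startswith("xn--") for label in host.split(".")):
        reasons.append("internationalized host name; check it for look-alike characters")

    return {"host": host, "suspicious": bool(reasons), "reasons": reasons}


if __name__ == "__main__":
    # Constructed sample links; bank.example stands in for the sender's real domain.
    samples = [
        "https://www.bank.example/login",
        "http://bank.example.evil.test/login",
        "https://bank.example@evil.test/login",
    ]
    for link in samples:
        result = check_link(link, "bank.example")
        print(link, "->", "SUSPICIOUS" if result["suspicious"] else "ok", result["reasons"])
```

The function is a triage aid, not a verdict: a link that passes still needs the domain read carefully, and an https address has proven nothing beyond encryption.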

Classification of Hackers

  • Hackers are classified based on their intent of hacking a system.
  • White Hat Hackers
    • Also known as “ethical hackers.”
    • They never intend to harm a system.
    • They try to find out weaknesses in a computer or network system as a part of penetration testing and vulnerability assessments.
    • Ethical hacking is legal when done with the system owner’s written authorization, and it is one of the most in-demand jobs in the IT industry.
    • Numerous companies hire ethical hackers for penetration testing and vulnerability assessments.
  • Black Hat Hackers
    • Also known as “crackers.”
    • Hack to gain unauthorized access to a system and harm its operations or steal sensitive information.
    • Black hat hacking is illegal; its aims include:
      • Stealing corporate data.
      • Violating privacy.
      • Damaging the system.
      • Blocking network communication, etc.
  • Gray Hat Hackers
    • A blend of both black and white hackers.
    • They act without malicious intent, but for fun or curiosity they exploit a security weakness in a computer system or network without the owner’s permission or knowledge.
    • They then bring the weakness to the owners’ attention, hoping for recognition or a small bounty; because the access was never authorized, it is still illegal in most jurisdictions.
    • Note: “Gray hat” and “grey hat” are the same term.
  • Miscellaneous Hackers
    • Red Hat Hacker: Another informal label for a mix of black hat methods and white hat goals; the term is used inconsistently.
      • They are usually described as operating at the level of government agencies, top-secret information hubs, and generally anything that falls under the category of sensitive information.
    • Blue Hat Hacker: Someone from outside the computer security consulting firms who is brought in to bug-test a system before its launch.
      • They look for loopholes that can be exploited and try to close these gaps.
      • Microsoft uses the term “BlueHat” to represent a series of security briefing events.
    • Elite Hacker: A social status among hackers, which is used to describe the most skilled hacker.
    • Script Kiddie: A non-expert who breaks into computer systems by using pre-packaged automated tools written by others usually with little understanding of the underlying concept.
    • Neophyte/“n00b”/“Newbie”/“Green Hat Hacker”: Someone new to hacking or phreaking who has almost no knowledge or experience of how technology and hacking work.
    • Hacktivist: A hacker who utilizes technology to announce a social, ideological, religious, or political message.
      • In general, most hacktivism involves website defacement or denial-of-service attacks.

Hacking Skills

  • An ethical hacker needs to understand the techniques an attacker would use, including:
    • Password guessing and cracking
    • Session hijacking
    • Session spoofing
    • Network traffic sniffing
    • Denial-of-service attacks
    • Exploiting buffer overflow vulnerabilities
    • Structured Query Language (SQL) injection

Basic Skills

  • Computer hacking is a science as well as an art.
  • One needs to put in a lot of effort to acquire the knowledge and become an expert hacker.
  • Once on track, one needs more effort to be up-to-date with the latest technologies, new vulnerabilities, and exploitation techniques.
  • An ethical hacker must be a computer systems expert and needs to have strong programming and computer networking skills.
  • An ethical hacker needs to have a lot of patience, persistence, and perseverance to try again and again and wait for the required result.
  • The ethical hacker should be smart enough to read a situation and other users’ mindset in order to apply social engineering techniques.
  • A good ethical hacker has great problem-solving skills too.

Methods of Cybersecurity Attack

  • Adware: Software designed to force pre-chosen ads to display on a system.
  • Attack: An action taken against a system to gain access to it or to extract sensitive data.
  • Back Door: (Also known as “trap door”) A hidden entry to a computing device or software that bypasses security measures, such as logins and password protections.
  • Bot: A program that automates an action so it can be repeated far faster, and for far longer, than a human operator could manage.
    • Example: sending HTTP, FTP, or Telnet requests at a high rate, or calling a script to create objects at a high rate.
    • A botnet (also known as a “zombie army”) is a group of compromised computers controlled remotely without their owners’ knowledge.
    • Botnets are used to send spam or to mount distributed denial-of-service attacks.
  • Brute Force Attack: The simplest automated way to gain access to a system or website.
    • It tries username and password combinations over and over until one is accepted; rate limiting, account lockout, and multifactor authentication are the standard defenses, and a burst of failed logins from one source is the signature to watch for in logs.
  • Buffer Overflow: A flaw that occurs when more data is written to a block of memory (buffer) than the buffer was allocated to hold, overwriting adjacent memory; attackers use it to crash a program or to hijack its flow of execution.
  • Clone Phishing: The modification of an existing, legitimate e-mail with a false link to trick the recipient into providing personal information.
  • Cracker: Someone who modifies software to remove or bypass features the cracker considers undesirable, especially copy protection. (The word is also used for criminal hackers; see Black Hat Hackers above.)
  • Denial-of-Service Attack (DoS): A malicious attempt to make a server or network resource unavailable to its users, usually by temporarily interrupting or suspending the services of a host connected to the Internet. A distributed denial-of-service attack (DDoS) does the same from many sources at once, typically a botnet.
  • Exploit Kit: Software that runs on a Web server, fingerprints the client machines that connect to it for vulnerable software, and exploits whatever it finds to upload and execute malicious code on the client.
  • Exploit: A piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability to compromise the security of a computer or network system.
  • Firewall: A filter designed to keep unwanted intruders outside a computer system or network while allowing safe communication between systems and users on the inside of the firewall.
  • Keystroke Logging: Recording the keys pressed on a computer (and, on a touchscreen, the points touched).
    • It captures everything the user types, so it is a complete record of the human/computer interface.
    • Gray and black hat hackers use it to harvest login IDs and passwords.
    • Keyloggers are usually planted on a device by a Trojan delivered through a phishing e-mail.
  • Logic Bomb: Malicious code planted in a system that triggers a harmful action when certain conditions are met.
    • The most common version is the time bomb, which triggers at a set date or time.
  • Malware: An umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other malicious programs.
  • Master Program: The command-and-control program a black hat hacker uses to send commands remotely to infected zombie drones, normally to carry out DoS or spam attacks.
  • Phishing: An e-mail fraud method in which the perpetrator sends out legitimate-looking e-mails in an attempt to gather personal and financial information from recipients.
  • Phreakers: The original computer hackers. They are those who break into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines.
  • Rootkit: A stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.
  • Shrink Wrap Code: Exploiting holes in off-the-shelf (“shrink-wrapped”) software that is left unpatched or running in its insecure default configuration.
  • Social Engineering: Deceiving someone to acquire sensitive and personal information like credit card details or usernames and passwords.
  • Spam: An unsolicited e-mail, also known as “junk e-mail,” sent to a large number of recipients without their consent.
  • Spoofing: Forging the origin of a message. In IP spoofing, the intruder sends packets whose source address claims to be a trusted host in order to gain unauthorized access to a computer.
  • Spyware: Software that aims to gather information about a person or organization without their knowledge and may send such information to another entity without the consumer’s consent or that asserts control over a computer without the consumer’s knowledge.
  • SQL Injection: An SQL code injection technique used for attacking data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g., to dump the database contents to the attacker).
  • Threat: A possible danger that can exploit an existing bug or vulnerability to compromise the security of a computer or network system.
  • Trojan: (also Trojan horse) A malicious program disguised to look like a valid program, making it difficult to distinguish from programs that are supposed to be there, which is designed to destroy files, alter information, or steal passwords and other information.
  • Virus: A malicious program or a piece of code which is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data.
  • Vulnerability: A weakness that allows a hacker to compromise the security of a computer or network system.
  • Worms: Self-replicating malware that, unlike a virus, does not attach itself to other files; it spreads on its own across a network, often residing only in active memory, and duplicates itself on every host it reaches.
  • Cross-site Scripting (XSS): A type of computer security vulnerability typically found in Web applications.
    • XSS enables attackers to inject client-side script into Web pages viewed by other users.
  • Zombie Drone: A hi-jacked computer that is being used anonymously as a soldier or ‘drone’ for malicious activity, for example, distributing unwanted spam e-mails.
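The SQL Injection entry above describes malicious statements entering through an input field. As an added example (not code from the original notes), the following Python script builds a small SQLite database with constructed rows and runs the same lookup two ways: one that splices the input into the SQL text, and one that passes it as a bound parameter. The table, column names, and payloads are illustrative.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build an in-memory database with constructed sample rows (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "hash-of-alice", "admin"), ("bob", "hash-of-bob", "user")],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Vulnerable: the input is spliced into the SQL text, so it can rewrite the query."""
    query = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()


def find_user_safe(conn: sqlite3.Connection, username: str) -> list:
    """Hardened: a parameterized query; the value travels separately and is never parsed as SQL."""
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


if __name__ == "__main__":
    conn = make_db()
    # A normal lookup behaves the same either way.
    print(find_user_vulnerable(conn, "alice"), find_user_safe(conn, "alice"))

    # Classic tautology: WHERE username = '' OR '1'='1' matches every row.
    bypass = "' OR '1'='1"
    print("vulnerable:", find_user_vulnerable(conn, bypass))
    print("safe:      ", find_user_safe(conn, bypass))

    # UNION payload: appends a second SELECT that dumps the password hashes;
    # the trailing -- comments out the closing quote the vulnerable code adds.
    dump = "' UNION SELECT username, password_hash FROM users--"
    print("vulnerable:", find_user_vulnerable(conn, dump))
    print("safe:      ", find_user_safe(conn, dump))
```

The parameterized version returns nothing for both payloads because the driver looks for a user literally named `' OR '1'='1`; the vulnerable version returns every user for the first payload and the hash column for the second, which is the “dump the database contents” outcome the glossary entry describes.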
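The Brute Force Attack entry above notes that the attack hammers a login with many combinations. On the defender’s side that leaves a clear trace: many failed logins from one source in a short time, sometimes followed by a success. The Python script below is an added detection example written for these notes, not code from the original page; the log lines are constructed in the style of an OpenSSH auth log, and the threshold, window, and function names are choices made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in the style of an OpenSSH auth log; not from a real system.
SAMPLE_LOG = """\
2024-05-01T10:00:01 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
2024-05-01T10:00:02 sshd[1202]: Failed password for root from 203.0.113.7 port 51123 ssh2
2024-05-01T10:00:03 sshd[1203]: Failed password for invalid user test from 203.0.113.7 port 51124 ssh2
2024-05-01T10:00:04 sshd[1204]: Failed password for invalid user oracle from 203.0.113.7 port 51125 ssh2
2024-05-01T10:00:05 sshd[1205]: Failed password for root from 203.0.113.7 port 51126 ssh2
2024-05-01T10:00:06 sshd[1206]: Failed password for root from 203.0.113.7 port 51127 ssh2
2024-05-01T10:00:20 sshd[1207]: Accepted password for root from 203.0.113.7 port 51128 ssh2
2024-05-01T10:03:10 sshd[1301]: Failed password for alice from 198.51.100.4 port 40010 ssh2
2024-05-01T10:03:15 sshd[1302]: Accepted password for alice from 198.51.100.4 port 40010 ssh2
2024-05-01T10:03:16 sshd[1302]: pam_unix(sshd:session): session opened for user alice
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_auth_log(text: str) -> list:
    """Return sorted (timestamp, result, username, source_ip) tuples for password-auth lines."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:  # other sshd/pam lines are ignored
            events.append((datetime.fromisoformat(m["ts"]), m["result"], m["user"], m["ip"]))
    return sorted(events)


def detect_bruteforce(events: list, threshold: int = 5, window: timedelta = timedelta(minutes=1)) -> dict:
    """Flag source IPs with at least `threshold` failed logins inside any sliding `window`.

    Returns {ip: {"failures": n, "usernames": [...], "followed_by_success": bool}}.
    A success from the same IP after the burst is the case that needs immediate action.
    """
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev[3]].append(ev)

    findings = {}
    for ip, evs in by_ip.items():
        failures = [ts for ts, result, _, _ in evs if result == "Failed"]
        burst_start = None
        for i, start in enumerate(failures):
            # failures are time-ordered, so count the ones within `window` of this one
            if sum(1 for ts in failures[i:] if ts - start <= window) >= threshold:
                burst_start = start
                break
        if burst_start is None:
            continue  # a single mistyped password from a legitimate user is not a burst
        findings[ip] = {
            "failures": len(failures),
            "usernames": sorted({user for _, _, user, _ in evs}),
            "followed_by_success": any(
                result == "Accepted" and ts >= burst_start for ts, result, _, _ in evs
            ),
        }
    return findings


if __name__ == "__main__":
    for ip, info in detect_bruteforce(parse_auth_log(SAMPLE_LOG)).items():
        print(ip, info)
```

The legitimate user at 198.51.100.4 (one typo, then success) is not flagged; the source at 203.0.113.7 is, and its successful root login after the burst is what distinguishes a noisy scan from an actual compromise.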

Phases of Cybersecurity Attack

  • There are six (6) phases of a cybersecurity attack (the last one applies to an authorized ethical-hacking engagement):
    1. Reconnaissance: The attacker gathers information about a target using active or passive means.
      • Tools used: Google Dorks and Maltego.
    2. Scanning: The attacker begins to probe a target machine or network actively for vulnerabilities that can be exploited.
      • Tools used: Nessus or Nexpose.
    3. Gaining Access: The vulnerability is located, and the attacker attempts to exploit it to enter into the system.
      • Primary tool used: Metasploit.
    4. Maintaining Access: The hacker has already gained access to a system and installs backdoors to enter into the system when they need access in the future.
      • Preferred tool: Metasploit.
    5. Clearing Tracks: Deleting or altering the logs of all activity carried out during the intrusion.
      • In an authorized test this phase means checking whether the target’s logging and monitoring would have caught the activity, not destroying the client’s logs.
    6. Reporting: The ethical hacker compiles a report with their findings:
      • Tools used.
      • Success rate.
      • Vulnerabilities found.
      • Exploit processes.