Category: Basics

Hello, aspiring ethical hackers. In our previous blogpost, you learnt about ethical hacking. In this article, you will learn what is cybersecurity. Cybersecurity and ethical hacking can be confusing to people. That’s because they are closely related but yet they are different. But don’t worry by the end of this article, you will understand clearly the difference between them.

What is cybersecurity?

Cybersecurity is the name give to the complete process of protecting computer systems, network and data from cyber attacks and malware.

Importance of cybersecurity

Now, that you have understood what cybersecurity is, let me explain to you it’s importance. As the world moves more towards digitization, humans increasingly depend on technology and internet. With the difficulty of performing a hacking attack becoming simple day-by-day and threat actors and cybercriminals increasingly evolving their tactics, the role of cybersecurity has become all too important not only for organizations but also individuals.

Principles of Cybersecurity

There are three core principles for cybersecurity. Popularly known as CIA triangle, they are Confidentiality, Integrity and Availability. Let’s learn about each of them in detail.

1.Confidentiality:

Confidentiality ensures that all the sensitive information is safe from unauthorized access.

2. Integrity:

Integrity ensures that the sensitive information is safe from destruction without proper authorization.

3. Availability:

Availability ensures that the information is available to authorized users whenever they need them.

Types of Cybersecurity

Although cybersecurity is a single word, it is a combination of different branches. Let’s learn about each of them in detail.

1.Network security:

Network security refers to protection of the network infrastructure both software and hardware, communication infrastructure, communication protocols etc. This includes all the devices in a network, communication between them and even between them and external assets.

2.Endpoint security:

Endpoint security deals with security of the endpoint devices in the network. These include Desktops, Laptops and other devices that act as access point to an organization’s network.

3. Web security:

This refers to protection of websites, web applications and the infrastructure coming with it.

4. Mobile security:

Mobile security is concerned with security of the mobile devices like mobiles and tablets which are increasingly being used in organizations.

5. Application security

Application security deals with protection of all the applications used in organization.

6. Cloud security:

Cloud security refers to protecting of data, applications and services hosted in private and public cloud environment.

7. IoT Security:

IOT security refers to protection of Internet Of Things (IOT) devices and networks from cyber attack and data breaches.

Cybersecurity vs Ethical hacking

By now you should have clearly understood what cyber security is. Let’s see what is the difference between cybersecurity and ethical hacking. Ethical hacking, also known as penetration testing is a method used to identify security vulnerabilities in a network, software, applications etc by simulating hacking attacks. This is done to assess the security of an organization. Ethical hacking is part of cybersecurity.

Hello, aspiring ethical hackers. In our previous blogpost, you learnt what is a vulnerability and about vulnerability scanning. In this article, you will learn in detail about vulnerability management.

What is vulnerability management (VM)?

Vulnerability management is a continuous process of identifying, prioritizing, assessing, remediation, reporting and verification of vulnerabilities in an organization.

Stages of vulnerability management

There are fives stages in vulnerability management. They are ,

1. Identification:

To be able to effectively manage vulnerabilities in an organization and to prevent them from becoming a threat, first and foremost, the vulnerability needs to be identified. For this, vulnerability scanning needs to be performed on all the software, hardware, operating systems and services running in an organization.

2. Prioritizing:

After all the vulnerabilities are identified, they need to be prioritized based on the risk they pose to the security of organization and the impact its exploitation has on it. This stage includes vulnerability assessment and use of vulnerability scoring.

3. Acting on the vulnerabilities:

After all the detected vulnerabilities are classified and assessed based on the risk they pose, the next stage is to remediate or fix the vulnerabilities or at least mitigate the vulnerability. This can be done by patching the vulnerabilities, reducing its exposure etc.

4. Reporting:

The next stage is reporting the vulnerabilities. The reporting is not just limited to the heads of the organizations but also to all stakeholders like public CVE databases, partners or customers. The goal of vulnerability reporting is to bring awareness about the vulnerabilities to others before they become victim of a cyber attack.

5. Reassessing:

The last stage of VM is to once again start the entire process from the beginning. Note that vulnerability management is a cyclical or continuous process that is used to improve the security of the organization.

Vulnerability management vs vulnerability scanning vs Vulnerability assessment.

Although these terms are used interchangeably they are entirely different. Vulnerability scanning is the process of identifying the security vulnerabilities in a software or a network of the organization.  Vulnerability assessment is a systematical review of vulnerabilities or weaknesses in an organization. Vulnerability scanning and vulnerability assessment are part of vulnerability management.

Vulnerability management vs penetration testing

Many people often confuse VM with pen testing, if not in reading of the terms may be in their use. While VM is useful in finding out and managing the vulnerabilities in an organization, Pen testing is performed to find out and exploit the vulnerabilities and weakness in the applications, system, device and network. Both play equally important and different roles in protecting the organization from cyber attacks.

Next, learn what is threat intelligence.

Hello, aspiring ethical hackers. In this blogpost, you will learn about cryptography or in the cybersecurity sense about encryption. The word cryptography came from a Greek word kryptos which means “hidden secret” and it plays a very important role in cybersecurity.

What is cryptography?

Cryptography is the study of secure communication techniques. It is closely associated with encryption which is an act of taking an ordinary text and scrambling it to transform it in to cipher text. The aim of this encryption is to make sure that the message is only understood by someone which it is intended to.

Types of Cryptographic techniques

There are three types of cryptographic techniques. They are,

1. Single key cryptographic system (Symmetric encryption)
2. Public key cryptographic system (Asymmetric encryption)
3. Hash Functions.

What is a cryptographic key?

A cryptographic key is a string of characters used with an encryption algorithm to transform data into a scrambled form or cipher text.

What is an encryption algorithm?

An encryption algorithm is the method used to transform plain text to cipher text.

1. Symmetric encryption (Single key cryptographic system)

In symmetric encryption, a single key is used to both encrypt and decrypt data.

Hence it is known as single key cryptographic system. Symmetric encryption is very fast and hence used wherever speed is required for encryption. For example, it is used for encrypting credit card information and other confidential information, making malware and virus Fully Undetectable (FUD) etc. There are various encryption algorithms. The most popular encryption algorithms are   DES, 2DES, 3DES, AES, IDEA, RC4, RC5,  RC6, Blowfish etc.

2. Public key cryptographic system or asymmetric encryption (PKCS):

Also known as asymmetric encryption, Public key cryptographic system (PKCS) uses two keys: Public key and Private key. The data is encrypted with the Public key and can only be decrypted with private key or vice versa.

Since two different keys are used for encryption and decryption, even if any attacker knows about the key used for encryption there is no threat to any data. It is more secure than the single key cryptographic system but a bit slow. This is used in online communications like HTTPS, digital signatures etc. Example of Public key cryptography system algorithms are RSA, Diffie-Hellman etc.

3. Hash Functions or Message Digests:

A hash function is a versatile one-way cryptographic algorithm that converts plain text to a fixed length of encrypted text which is known as a message digest or simply a hash. A hash is known as a one-way function since once it encrypted it cannot be decrypted but (or decrypting it is very complex and difficult). Hash functions and message digests are used whenever the decrypting is not needed like hashing the passwords etc. Example of hash functions are MD5, SHA-1, SHA-512, RIPEMD etc.

Hello, aspiring ethical hackers. In this blogpost you will learn about IoT security or Internet of Things (IoT) security. But before you understand IOT security, you need to understand what Information of Things (IOT) is.

What is Information of Things (IoT)?

A few years back, getting an internet connection to our home was a bit rare and costly. I remember most of my friends had a computer at home but nobody had internet. Nowadays, even device (that once existed without the need of internet) can be connected to the internet.

These devices include lightbulbs, security cameras, fans, Refrigerator, Washing machine and almost all the devices of a smart home. They are connected to internet to add comfort to humans. All these devices are together known as Internet of Things (IOT).

Unlike your computer, laptop or mobile, these devices don’t need any human interaction to connect to internet.

What is IoT security?

As you should have figured out by now, IoT security is ensuring the security of these devices to protect your network.

What are various threats to IoT security?

Every device that is connected to internet is vulnerable to hacking. MIRAI botnet proved it. Internet of Things (IoT) devices are built with usability and human comfort in mind. The most common threats to IOT devices are.

1. Firmware vulnerabilities:

Every digital device has a firmware which is similar to a operating system on a computer. However, it cannot by easily updated as a operating system. So, once a vulnerability is detected in the firmware and exploited in an IOT device, it is difficult to upgrade or patch it.

2. Credential attacks:

Although IoT devices come with credentials, these are default credentials that hat are insecure and easy to guess. In most IoT devices, these credentials cannot even be reset or changed. So, any attacker can easily guess the credentials, take control of the devices.

3. Man-in-the-Middle attacks:

Man in the middle (MiTM) attacks are just not limited to computers and servers. It is also possible to perform packet sniffing and password sniffing between the IOT device and the server it is connecting to. If the transmission is taking place in clear text, hackers can sniff on it.

4. Physical access attacks:

Most IoT devices are placed in easily accessible locations. If hackers can get hold of this device, they can take control of the device.

Hello, aspiring ethical hackers. In this blogpost, you will learn about cloud security. Before you learn about cloud security, you need to have a basic idea about what is cloud computing or cloud. Let me give you an example. Have you ever used Gmail or any other email service? What do you do to check your email? You open a browser or email client and go to the URL of the email service, enter your credentials and finally read your mails or start composing an email. Have you ever thought where all the mails are stored? Definitely not on your own system. They are stored elsewhere. Well, this is exactly how cloud computing works.

What is cloud computing?

Cloud computing is providing of computer system resources like data storage, computing power, networking, servers and software etc over the internet on demand.

Types of Cloud computing

Services in cloud can be provided as per anyone’s need with customization. However, there are three models of cloud computing that are generally preferred.

1. Infrastructure as a Service (IaaS):

In this model of cloud service, customers rent the building blocks of computing like servers (physical or virtual), storage and networking. It is usually rented by those organizations which want to have complete control over their cloud. The needed software and applications are installed by the organization.

2. Platform as a Service (PaaS):

What if organization or users don’t have the technical know how about installing everything on their rented hardware on cloud. The PaaS model comes to their rescue. This model comes with the installation of required tools and software along with basic computing resources provided in IaaS. For example, imagine you want to rent a WAMP server on cloud. Along with the basic computing resources, it comes with a Windows 10 machine with WAMP server installed on it. You still have to create the websites to be hosted on the WAMP server.

3. Software as a service (SaaS):

The most popular cloud model, it provides just all the resources and software you need. For example, let’s just say you rented a WordPress website on cloud for you. All you have to do is login into the WordPress website on your browser and upload blogposts. Rest all the cloud provider takes care for you.

What is Cloud Security?

Cloud security is the concept of providing security to the cloud-based systems from all the usual threats and dangers of cyber security. Cloud security is the responsibility of both the cloud service provider and the end user.

What are some cloud security threats?

Systems in cloud are vulnerable to all threats usual networks do like zero-day-vulnerabilities, DoS, phishing and malware etc.