2. ESSENTIAL TERMINOLOGY
1. Hack Value: The notion among hackers that something is worth doing or is
interesting.
2. Exploit: A piece of software that takes advantage of a bug, glitch or vulnerability,
leading to unauthorized access, privilege escalation or denial of service on computer
systems and networks.
3. Vulnerability: The existence of a software flaw, logic design or implementation error that
could expose an operating system or an application to attack or misuse.
4. Target of Evaluation: An IT system, product or network that is the subject of security
analysis or attacks.
3. ESSENTIAL TERMINOLOGY
5. Zero Day Attacks: Computer threats that try to exploit computer system
vulnerabilities that are undisclosed to others or undisclosed to the software developers.
6. Daisy Chaining: Hackers who get away with database theft usually complete their task,
then backtrack to cover their tracks by destroying logs etc.
9. Attack: An action or an event that might compromise security.
10. Threat: An environment or a situation that might lead to potential breach of security.
4. ELEMENTS OF INFORMATION SECURITY
Security is a state of well-being of information and infrastructure in which the possibility
of theft, tampering and disruption of information and services is kept low or tolerable. It
relies upon the five major elements of information security.
1. Confidentiality: Confidentiality is the assurance that the information is accessible only to
those authorized to have access. Confidentiality breaches may occur due to improper data
handling or a hacking attempt.
2. Integrity: Integrity is the trustworthiness of data and resources in terms of preventing
improper and unauthorized changes; it is the assurance that the information can be relied upon
to be sufficiently accurate for its purpose.
5. ELEMENTS OF INFORMATION SECURITY
3. Availability: The assurance that the system responsible for delivering, storing or
processing information is available to authorized users when required.
4. Authenticity: Authenticity refers to the characteristic of a communication, document or any
data that ensures the quality of being genuine and not corrupted from the original. A major
role of authentication is confirming that the user is who he or she claims to be; this is done
with biometrics, smart cards, digital certificates, etc.
5. Repudiation: Refers to ensuring that a party to a contract or a communication cannot
later deny the authenticity of their signature on a document or the sending of a message that
they originated. It is a way to guarantee that the sender of the message cannot later deny
having sent the message and the recipient cannot deny having received the message.
6. THE SECURITY, FUNCTIONALITY AND USABILITY TRIANGLE
The level of security in any system can be defined by the strength of the three components:
• Security (Restrictions)
• Functionality (Features)
• Usability (GUI)
Moving the ball towards security means less of the other two.
7. TOP INFORMATION SECURITY ATTACK VECTORS
An attack vector is a path or means by which an attacker can gain access to an information
system to perform malicious activities.
The following are the top attack vectors through which an attacker can attack an
information system:
• Virtualization and cloud computing
• Organized cyber crime
• Unpatched software
• Targeted malware
• Botnets
8. TOP INFORMATION SECURITY ATTACK VECTORS
• Compliance to government laws and regulations
• Network applications
• Lack of cyber security professionals
• Mobile device security
• Complexity of computer infrastructure
• Hacktivism
• Internal threats
9. MOTIVES, GOALS AND OBJECTIVES OF INFORMATION SECURITY ATTACKS
Attack
• Attacks = Motives (Goal) + Method + Vulnerability
Goals
• Disrupting business continuity, information theft, data manipulations, or taking revenge
Motives
• Something valuable: data or money
Objectives
• Exploit vulnerabilities
10. INFORMATION SECURITY THREATS
Information security threats are broadly classified into three categories:
Natural Threats
• Natural Disaster
• Flood
• Famines
• Earthquakes
• Hurricanes
Physical Threats
• Loss or damage of system resources
• Physical Intrusion
• Sabotage, espionage and errors
Human Threats
• Hackers
• Insiders
• Social Engineering
• Lack of Knowledge and Awareness
11. INFORMATION SECURITY THREATS
Network Threats
• Information Gathering
• Sniffing and Spoofing
• Session Hijacking
• ARP Poisoning
• DOS and SQL Injection Attacks
• MITM Attacks
Host Threats
• Malware Attacks
• Password Attacks
• Unauthorized Access
• DOS Attacks
• Privilege Escalation
Application Threats
• Buffer Overflow
• Auditing and Logging Issues
• Information Disclosure
• Cryptography Attacks
12. INFORMATION WARFARE
Information Warfare or Info-War refers to the use of Information and Communication
Technologies (ICT) to gain a competitive advantage over an opponent.
1. Defensive Information Warfare: refers to all the strategies and actions to defend against
attacks on ICT assets.
2. Offensive Information Warfare: refers to information warfare that involves attacks
against the ICT assets of an opponent.
13. IPV6 SECURITY THREATS
Compared to IPv4, IPv6 has an improved security mechanism that assures a higher level
of security and confidentiality for the information transferred over a network.
However, IPv6 is still vulnerable. It still faces information security threats that include:
1. Auto configuration threats
2. Unavailability of reputation-based protection
3. Incompatibility of logging systems
4. Rate Limiting Problem
5. Default IPv6 activation
6. Complexity of Network Management tasks
14. IPV6 SECURITY THREATS
7. Complexity in Vulnerability Assessment
8. Overloading of Perimeter Security controls
9. IPv4 to IPv6 Translation Issues
10. Security Information and Event Management (SIEM) problems
11. Denial of Service (DoS)
12. Trespassing
15. HACKING VS ETHICAL HACKING
Hacking: Hacking refers to exploitation and exploration of computer software or
hardware to gain unauthorized access to perform malicious activities.
Ethical Hacking: Ethical hacking refers to exploration and exploitation of computer
software and hardware to make it more secure and easier to use.
16. EFFECTS OF HACKING ON BUSINESS
• Reputation
• Business Loss
• Loss of Revenues
• Compromised Information
Theft of customers' personal information
Hacking used to steal and distribute data
Botnets can be used to launch DDoS attacks, leading to business downtime
Attackers may steal corporate information and sell it to competitors and leak info to rivals
17. WHO IS A HACKER?
A hacker is a person who illegally breaks into a system or network without any authorization
to steal or destroy sensitive data or to perform malicious attacks. Hackers may be motivated
by a multitude of reasons:
1. Intelligent individuals with excellent computer skills and the ability to explore
computer software and hardware.
2. For some hackers, hacking is a hobby to see how many computer systems or networks they
can compromise.
3. Their intention can either be to gain knowledge or to poke around to do illegal things.
4. Some hack with malicious intent, such as stealing business data, credit card information,
social security numbers, email passwords, etc.
18. HACKER CLASSES
1. Black Hat: Individuals with excellent computer skills who resort to malicious activities;
they are also known as crackers.
2. White Hat: Individuals professing hacker skills and using them for defensive purposes;
they are known as security consultants.
3. Grey Hat: Individuals who work both offensively and defensively at various times.
4. Suicide Hackers: Individuals who aim to bring down critical information for a cause and
are not worried about facing 30 years in jail for their actions.
19. HACKER CLASSES
5. Script Kiddies: Unskilled hackers who depend on others' hacking skills or tools.
6. Spy Hackers: Hackers who are employed by the organization to spy on their competitors
and gain trade secrets.
7. Cyber Terrorists: Group with religious or political motives to create fear by large scale
disruption of computer networks.
8. State Sponsored Hackers: Hackers employed by the government to penetrate and gain
top-secret information and to damage information systems of other governments.
20. HACKTIVISM
Hacktivism is the act of promoting a political agenda by hacking, especially by defacing or
disabling websites.
It thrives in environments where information is easily accessible.
It aims at sending a message through hacking activities and gaining visibility for a cause.
Common targets include government agencies, multinational corporations or any other
entity perceived as bad or wrong by these groups or individuals.
22. TYPES OF ATTACKS ON A SYSTEM
There are several ways an attacker can attack an information system. The attacker must be
able to exploit a weakness or vulnerability in a system.
Operating System Attacks
• OS vulnerabilities
Application Level Attacks
• No Complete Testing
Misconfiguration Attacks
• Default Setting or Misconfigured
Shrink Wrap Code Attacks
• Default Scripts (Vulnerabilities)
24. VULNERABILITY RESEARCH
Vulnerability research is the process of discovering vulnerabilities and design flaws that will
open an operating system and its applications to attack or misuse.
Vulnerabilities are classified based on severity level (low, medium or high) and exploit range
(local or remote).
An administrator needs vulnerability research:
1. To gather information about security trends, threats and attacks
2. To find weaknesses and alert the network administrator before a network attack
3. To get information that helps to prevent security problems
4. To know how to recover from a network attack
25. PENETRATION TESTING
Penetration testing is a method of completely evaluating the security of an information
system or network by simulating an attack from a malicious source.
Types of Penetration testing:
1. Black box testing: no knowledge of the computer infrastructure and network.
2. White box testing: complete knowledge
3. Grey box testing: partial knowledge
26. “IF YOU KNOW YOURSELF BUT NOT YOUR ENEMY, FOR EVERY VICTORY GAINED YOU
WILL ALSO SUFFER A DEFEAT”
- Sun Tzu (Art of War)