[fusion_builder_container hundred_percent=”no” hundred_percent_height=”no” hundred_percent_height_scroll=”no” hundred_percent_height_center_content=”yes” equal_height_columns=”no” menu_anchor=”” hide_on_mobile=”no” class=”” id=”” background_color=”” background_image=”” background_position=”left top” background_repeat=”no-repeat” fade=”no” background_parallax=”none” enable_mobile=”no” parallax_speed=”0.3″ video_mp4=”” video_webm=”” video_ogv=”” video_url=”” video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” video_preview_image=”” border_size=”0px” border_color=”” border_style=”solid” margin_top=”” margin_bottom=”” padding_top=”4%” padding_right=”” padding_bottom=”” padding_left=””][fusion_builder_row][fusion_builder_column type=”1_6″ layout=”1_6″ spacing=”0px” center_content=”no” link=”” target=”_self” min_height=”” hide_on_mobile=”medium-visibility,large-visibility” class=”” id=”” background_color=”” background_image=”” background_position=”left top” undefined=”” background_repeat=”no-repeat” hover_type=”none” border_size=”0″ border_color=”” border_style=”solid” border_position=”all” padding_top=”” padding_right=”” padding_bottom=”” padding_left=”” margin_top=”” margin_bottom=”” animation_type=”” animation_direction=”left” animation_speed=”0.3″ animation_offset=”” last=”no”][/fusion_builder_column][fusion_builder_column type=”2_3″ layout=”2_3″ spacing=”0px” center_content=”no” link=”” target=”_self” min_height=”” hide_on_mobile=”no” class=”” id=”” background_color=”” background_image=”” background_position=”left top” undefined=”” background_repeat=”no-repeat” hover_type=”none” border_size=”0″ border_color=”” border_style=”solid” border_position=”all” padding_top=”” padding_right=”” padding_bottom=”” padding_left=”” margin_top=”” margin_bottom=”” animation_type=”” animation_direction=”left” animation_speed=”0.1″ animation_offset=”” last=”no”][fusion_text columns=”” column_min_width=”” column_spacing=”” rule_style=”default” rule_size=”” rule_color=”” class=”” id=””]

An Introduction

In today’s ever-changing world there is a great advantage in learning about Cyber Security. Every day that passes our data volumes keep increasing and sometimes its protection many times is disregarded.  Yet, we must make sure to be knowledgable in the area of data protection, specially when handling sensitive data.

This is a very dense subject to talk about but as an introduction to Cyber Security we wanted to bring about some of the basic concepts behind an attack:

[/fusion_text][fusion_checklist icon=”” iconcolor=”” circle=”” circlecolor=”” size=”” divider=”” divider_color=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=””][fusion_li_item icon=””]

Attack Vectors – this as the route or path that enables an unwanted visitor (hacker) to deliver malicious code or ‘payload’

[/fusion_li_item][fusion_li_item icon=””]

Payload –  data carried any transmission unit, most commonly know as ‘packet’

[/fusion_li_item][fusion_li_item icon=””]

Packet – unit of data routed within a packet-switched computer network

[/fusion_li_item][fusion_li_item icon=””]

Computer Network – also known as a data network, is a series of nodes interconnected with the purpose of exchanging different types of data

[/fusion_li_item][fusion_li_item icon=””]

Nodes – in a network a node is a connection that can send, receive and/or store data along a distributed network

[/fusion_li_item][fusion_li_item icon=””]

Data – information transformed into an efficient state to facilitate exchange between parties

[/fusion_li_item][/fusion_checklist][fusion_separator style_type=”none” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” sep_color=”” top_margin=”10px” bottom_margin=”” border_size=”” icon=”” icon_circle=”” icon_circle_color=”” width=”” alignment=”center” /][fusion_text columns=”” column_min_width=”” column_spacing=”” rule_style=”default” rule_size=”” rule_color=”” class=”” id=””]

As mentioned previously, this is a dense subject matter, but it gets more interesting from there. It’s also important to get familiar with some other important Cyber Security terms. Two of the most common words in this cyber sec world are: Malware and System Exploitation. Let’s briefly define those and then briefly describe the common phases of an intrusion.

• Malware – programming code developed with the intention and purpose to cause disruption or harm
  • Common Types of Malware (Malware Post Series – Coming Soon!)
    • Worms
    • Virus
    • Data Miner
    • Browser Hijacker
    • Adware
    • Spyware
    • Ransomware

• System Exploitation – attack or exploit in a computer system that takes advantage of a particular vulnerability many times giving data or even access to protected systems
  • Most Common Types of Exploitation (Exploitation Post Series – Coming Soon!)
    • SQL Injections
    • Cross-Site Scripting
    • Denial of Service
    • Buffer Overflow

In order for us to understand how intruders gain access into different systems, it’s important to keep an informal framework of the different steps and phases that a hacker undergoes before and during the intrusion. We have been able to summarize and intrusion in a 7-Phase Framework:

[/fusion_text][fusion_separator style_type=”none” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” sep_color=”” top_margin=”10px” bottom_margin=”” border_size=”” icon=”” icon_circle=”” icon_circle_color=”” width=”” alignment=”center” /][fusion_checklist icon=”” iconcolor=”” circle=”” circlecolor=”” size=”” divider=”” divider_color=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=””][fusion_li_item icon=””]

Reconnaissance – research, identification and selection of targets

[/fusion_li_item][fusion_li_item icon=””]

Weaponization – pairing remote access malware with exploit into a deliverable payload (e.g. – .pdf ; .doc ; .xlsx)

[/fusion_li_item][fusion_li_item icon=””]

Delivery – transmission of weapon to target (e.g. via email, websites)

[/fusion_li_item][fusion_li_item icon=””]

Exploitation – once delivered, the weapon’s code is triggered, exploiting the vulnerable systems

[/fusion_li_item][fusion_li_item icon=””]

Installation – the weapon installs a backdoor on a target’s system allowing persisten access

[/fusion_li_item][fusion_li_item icon=””]

Command & Control – outside servers communicates with the weapons providing access inside of the target’s network

[/fusion_li_item][fusion_li_item icon=””]

Actions on Objective – the attacker works to achieve the objective of the intrusion, which can include exfiltration or destruction of data, or intrusion of another target

[/fusion_li_item][/fusion_checklist][/fusion_builder_column][fusion_builder_column type=”1_6″ layout=”1_6″ spacing=”0px” center_content=”no” link=”” target=”_self” min_height=”” hide_on_mobile=”medium-visibility,large-visibility” class=”” id=”” background_color=”” background_image=”” background_position=”left top” undefined=”” background_repeat=”no-repeat” hover_type=”none” border_size=”0″ border_color=”” border_style=”solid” border_position=”all” padding_top=”” padding_right=”” padding_bottom=”” padding_left=”” margin_top=”” margin_bottom=”” animation_type=”” animation_direction=”left” animation_speed=”0.3″ animation_offset=”” last=”no”][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]