
An Introduction

In today’s ever-changing world there is a great advantage in learning about Cyber Security. Every day that passes, our data volumes keep increasing, yet the protection of that data is often disregarded. We must make sure to be knowledgeable in the area of data protection, especially when handling sensitive data.

This is a very dense subject to talk about, but as an introduction to Cyber Security we want to present some of the basic concepts behind an attack:

  • Attack Vectors – the route or path that enables an unwanted visitor (hacker) to deliver malicious code, or ‘payload’

  • Payload – the data carried in a transmission unit, most commonly known as a ‘packet’

  • Packet – unit of data routed within a packet-switched computer network

  • Computer Network – also known as a data network, is a series of nodes interconnected with the purpose of exchanging different types of data

  • Nodes – in a network a node is a connection that can send, receive and/or store data along a distributed network

  • Data – information transformed into an efficient state to facilitate exchange between parties

As mentioned previously, this is a dense subject matter, but it gets more interesting from here. It’s also important to get familiar with some other important Cyber Security terms. Two of the most common words in the cyber security world are Malware and System Exploitation. Let’s briefly define those and then briefly describe the common phases of an intrusion.


  • Malware – programming code developed with the intention and purpose to cause disruption or harm
    • Common Types of Malware (Malware Post Series – Coming Soon!)
      • Worms
      • Virus
      • Data Miner
      • Browser Hijacker
      • Adware
      • Spyware
      • Ransomware
  • System Exploitation – an attack or exploit against a computer system that takes advantage of a particular vulnerability, often yielding data or even access to protected systems
    • Most Common Types of Exploitation (Exploitation Post Series – Coming Soon!)
      • SQL Injections
      • Cross-Site Scripting
      • Denial of Service
      • Buffer Overflow

In order for us to understand how intruders gain access to different systems, it’s important to keep an informal framework of the different steps and phases that a hacker goes through before and during the intrusion. We have been able to summarize an intrusion in a 7-Phase Framework:

  • Reconnaissance – research, identification and selection of targets

  • Weaponization – pairing remote-access malware with an exploit into a deliverable payload (e.g. a .pdf, .doc or .xlsx file)

  • Delivery – transmission of weapon to target (e.g. via email, websites)

  • Exploitation – once delivered, the weapon’s code is triggered, exploiting the vulnerable systems

  • Installation – the weapon installs a backdoor on the target’s system, allowing persistent access

  • Command & Control – outside servers communicate with the weapon, providing access inside the target’s network

  • Actions on Objective – the attacker works to achieve the objective of the intrusion, which can include exfiltration or destruction of data, or intrusion of another target
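Defenders use the same 7-phase framework the other way round: each event they log is attributed to a phase, and a host whose events have reached the later phases is escalated first. The following is an added example, not code from the original post; the log line format, the event names, the hostnames and the mapping of events to phases are all assumptions invented for the example, and the sample log lines are constructed. Note that Weaponization happens on the attacker’s side, so it normally leaves no trace in the target’s own logs.

```python
"""Tag constructed log lines with the intrusion phase they belong to and
report how far along the 7-phase chain each host appears to be.

Added example; the log format, event names, hosts and the event-to-phase
mapping are assumptions, not part of the original post.
"""
import re

# The seven phases, in the order the post lists them.
PHASES = [
    "Reconnaissance", "Weaponization", "Delivery", "Exploitation",
    "Installation", "Command & Control", "Actions on Objective",
]

# Hypothetical mapping from an event type (as our assumed log format names
# them) to the phase a defender attributes it to. Weaponization is absent on
# purpose: it happens on the attacker's side, outside the target's logs.
EVENT_TO_PHASE = {
    "PORT_SCAN": "Reconnaissance",
    "EMAIL_ATTACHMENT": "Delivery",
    "MACRO_EXEC": "Exploitation",
    "PERSISTENCE_KEY_SET": "Installation",
    "BEACON": "Command & Control",
    "BULK_UPLOAD": "Actions on Objective",
}

# Assumed log line shape: "<timestamp> <host> <EVENT_TYPE> <details...>"
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+([A-Z_]+)\s*(.*)$")


def parse_line(line):
    """Parse one log line into a dict, or return None if it does not fit."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, host, event, details = m.groups()
    return {"ts": ts, "host": host, "event": event, "details": details,
            "phase": EVENT_TO_PHASE.get(event)}  # None for unmapped events


def phases_per_host(lines):
    """Return {host: [phases observed, in chain order]}, skipping lines that
    do not parse or whose event type is not mapped to a phase."""
    seen = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["phase"] is None:
            continue
        seen.setdefault(rec["host"], set()).add(rec["phase"])
    return {h: [p for p in PHASES if p in s] for h, s in seen.items()}


def furthest_phase(phases):
    """Index into PHASES of the furthest phase reached, or -1 if none."""
    idx = [PHASES.index(p) for p in phases]
    return max(idx) if idx else -1


def hosts_to_escalate(lines, threshold="Installation"):
    """Hosts whose observed activity reached `threshold` or a later phase."""
    cutoff = PHASES.index(threshold)
    return sorted(h for h, ps in phases_per_host(lines).items()
                  if furthest_phase(ps) >= cutoff)


# Constructed sample log lines (not real data); IPs are documentation ranges.
SAMPLE_LOG = [
    "2024-01-05T09:00:01 ws-17 PORT_SCAN src=203.0.113.9 ports=22,80,443",
    "2024-01-05T09:14:22 ws-17 EMAIL_ATTACHMENT file=invoice.doc",
    "2024-01-05T09:15:03 ws-17 MACRO_EXEC parent=WINWORD.EXE",
    "2024-01-05T09:15:09 ws-17 PERSISTENCE_KEY_SET key=Run value=updater",
    "2024-01-05T09:16:40 ws-17 BEACON dst=198.51.100.23:443 interval=60s",
    "2024-01-05T09:01:11 ws-04 EMAIL_ATTACHMENT file=report.xlsx",
    "2024-01-05T09:30:00 ws-04 LOGON user=alice",
    "this line does not match the assumed format",
]

if __name__ == "__main__":
    for host, ps in phases_per_host(SAMPLE_LOG).items():
        print(host, "->", " > ".join(ps))
    print("escalate:", hosts_to_escalate(SAMPLE_LOG))
```

Run as a script, it shows ws-17 progressing from Reconnaissance through Command & Control while ws-04 only ever reached Delivery, so only ws-17 is escalated. The design choice worth noting is that an unparseable line or an unmapped event (LOGON) is skipped rather than treated as an error, so a single noisy log source cannot stop the phase report for the whole fleet.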