An Introduction
In today’s ever-changing world there is a great advantage in learning about Cyber Security. With every passing day our data volumes keep increasing, and their protection is often disregarded. Yet we must make sure to be knowledgeable in the area of data protection, especially when handling sensitive data.
This is a very dense subject, but as an introduction to Cyber Security we want to present some of the basic concepts behind an attack:
Attack Vectors – the route or path that enables an unwanted visitor (hacker) to deliver malicious code or ‘payload’
Payload – data carried by any transmission unit, most commonly known as a ‘packet’
Packet – unit of data routed within a packet-switched computer network
Computer Network – also known as a data network, is a series of nodes interconnected with the purpose of exchanging different types of data
Nodes – in a network a node is a connection that can send, receive and/or store data along a distributed network
Data – information transformed into an efficient state to facilitate exchange between parties
As mentioned previously, this is a dense subject matter, but it gets more interesting from here. It’s also important to get familiar with some other important Cyber Security terms. Two of the most common terms in the cyber sec world are Malware and System Exploitation. Let’s briefly define those and then describe the common phases of an intrusion.
- Malware – programming code developed with the intention and purpose of causing disruption or harm
  - Common Types of Malware (Malware Post Series – Coming Soon!)
    - Worms
    - Virus
    - Data Miner
    - Browser Hijacker
    - Adware
    - Spyware
    - Ransomware
- System Exploitation – an attack or exploit against a computer system that takes advantage of a particular vulnerability, often giving up data or even access to protected systems
  - Most Common Types of Exploitation (Exploitation Post Series – Coming Soon!)
    - SQL Injections
    - Cross-Site Scripting
    - Denial of Service
    - Buffer Overflow
To understand how intruders gain access to different systems, it’s important to keep an informal framework of the steps and phases that a hacker goes through before and during the intrusion. We have summarized an intrusion in a 7-Phase Framework:
Reconnaissance – research, identification and selection of targets
Weaponization – pairing remote access malware with an exploit into a deliverable payload (e.g. .pdf, .doc, .xlsx)
Delivery – transmission of weapon to target (e.g. via email, websites)
Exploitation – once delivered, the weapon’s code is triggered, exploiting the vulnerable systems
Installation – the weapon installs a backdoor on a target’s system, allowing persistent access
Command & Control – outside servers communicate with the weapon, providing access inside the target’s network
Actions on Objective – the attacker works to achieve the objective of the intrusion, which can include exfiltration or destruction of data, or intrusion of another target