Ethical hacking

Sunanda Karunajeewa
4 min read · May 30, 2021

Ethical hacking involves an authorized attempt to gain unauthorized access to a computer system, application, or data. Carrying out an ethical hack involves duplicating strategies and actions of malicious attackers. This practice helps to identify security vulnerabilities that can then be resolved before a malicious attacker has the opportunity to exploit them.

Ethical hacking, sometimes called penetration testing, is the act of intruding into a system or network to find threats and vulnerabilities that a malicious attacker may find and exploit, causing loss of data, financial loss, or other major damage.

A model to guide information security policies

An information security policy (ISP) is a set of rules that guide individuals who work with IT assets. Your company can create an information security policy to ensure your employees and other users follow security protocols and procedures. An updated and current security policy ensures that sensitive information can only be accessed by authorized users.

  • Confidentiality is roughly equivalent to Confidentiality measures are designed to prevent sensitive information from unauthorized access attempts. It is common for data to be categorized according to the amount and type of damage that could be done if it fell into the wrong hands. More or less stringent measures can then be implemented according to those categories.
  • Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people (for example, in a breach of confidentiality).
  • Availability means information should be consistently and readily accessible for authorized parties. This involves properly maintaining hardware and technical infrastructure and systems that hold and display the information.

Access control is a method of guaranteeing that users are who they say they are and that they have the appropriate access to company data. There are three types of access control.

Physical access control can take a number of forms, but the basic idea is to create barriers to prevent unauthorized people from entering a physical space. In other words, physical access control ensures that only those who are allowed to enter an area can enter it.

Logical access control is defined as restricting virtual access to data; it consists of identification, authentication, and authorization protocols utilized worldwide to protect hardware from unauthorized access, including password programs, smart cards, or tokens to identify and screen users and access levels.

Access control administration is the collection of tasks and duties assigned to an administrator to manage user accounts, access, and accountability. A system’s security is based on the effective administration of access controls. Remember that access controls rely upon four principles: identification, authentication, authorization, and accountability.

We can divide hacking into different categories, based on what is being hacked. These are as follows:

Network hacking: Network hacking means gathering information about a network, using tools such as Telnet, nslookup, Ping, and Tracert, with the intent to harm the network system and hamper its operations.

Website hacking: Website hacking means gaining unauthorized access to a web server or database and changing the information.

Computer hacking: Computer hacking means gaining unauthorized access to a computer and stealing information from the PC, such as the computer ID and password, by applying hacking methods.

Password hacking: Password hacking is the process of recovering secret passwords from data that has been already stored in the computer system.

Email hacking: Email hacking means unauthorized access to an Email account and using it without the owner’s permission.

Authentication

Authentication is the act of validating that users are who they claim to be. This is the first step in any security process.

Complete an authentication process with:

  • Passwords. Usernames and passwords are the most common authentication factors. If a user enters the correct data, the system assumes the identity is valid and grants access.
  • One-time pins. Grant access for only one session or transaction.
  • Authentication apps. Generate security codes via an outside party that grants access.
  • Biometrics. A user presents a fingerprint or eye scan to gain access to the system.

In some instances, systems require the successful verification of more than one factor before granting access. This multi-factor authentication (MFA) requirement is often deployed to increase security beyond what passwords alone can provide.

The cyberattack lifecycle, first articulated by Lockheed Martin as the “kill chain,” depicts the phases of a
cyber attack: Recon — the adversary develops a target; Weaponize — the attack is put in a form to be
executed on the victim’s computer/network; Deliver — the means by which the vulnerability is
weaponized; Exploit — the initial attack on target is executed; Control — mechanisms are employed to
manage the initial victims; Execute — leveraging numerous techniques, the adversary executes the plan;
and Maintain — long-term access is achieved.

Passwords

Password authentication is a process that involves a user inputting a unique ID and key that are then checked against stored credentials.

Best Practices:

· Two-factor authentication minimizes the impact of stolen credentials

· Do not use easily guessable information such as a phone number, birthday, or address

· Create strong, unique passwords that do not appear in a dictionary

· Change the default password of devices you buy

· Never reuse passwords between different devices and accounts

· Update passwords regularly

Password hacking methods: Phishing, Malware, Brute force attack, Dictionary attack, Mask attack.
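The following added example (not part of the original article) shows one way a service could check a login against stored credentials without keeping the password itself, and enforce several of the best practices above when a password is set. The word lists, function names and the PBKDF2 iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: tiny stand-ins for a real wordlist and a vendor default list.
DICTIONARY = {"password", "sunshine", "dragon", "welcome"}
DEFAULTS = {"admin", "12345678", "changeme"}
ITERATIONS = 600_000  # assumed work factor; slows brute-force and dictionary guessing

def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def store(password: str) -> bytes:
    """Return salt || derived key; only this record is kept, never the password."""
    salt = os.urandom(16)
    return salt + _derive(password, salt)

def verify(password: str, record: bytes) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    salt, key = record[:16], record[16:]
    return hmac.compare_digest(_derive(password, salt), key)

def policy_violations(password, personal_info, previous_records):
    """Return which of the listed best practices a candidate password breaks."""
    problems = []
    lowered = password.lower()
    if lowered in DEFAULTS:
        problems.append("default password")
    if any(word in lowered for word in DICTIONARY):
        problems.append("dictionary word")
    # Personal details (phone number, birthday, address) supplied at registration.
    if any(item.lower() in lowered for item in personal_info if len(item) >= 4):
        problems.append("personal information")
    # Reuse can only be checked against this user's own earlier records.
    if any(verify(password, record) for record in previous_records):
        problems.append("reused password")
    return problems
```
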

Machine Learning in cybersecurity

Machine learning has become a vital technology for cybersecurity. Machine learning preemptively stamps out cyber threats and bolsters security infrastructure through pattern detection, real-time cybercrime mapping, and thorough penetration testing.

Sunanda Karunajeewa

Software Engineering Undergraduate at University of Kelaniya