CYBERSECURITY - A WORLD OF EXPERTS AND CRIMINALS Flashcards
This group of criminals breaks into computers or networks to gain access for various
reasons
Hackers
attackers break into networks or computer systems to discover weaknesses in order to
improve the security of these systems.
White hat
attackers are somewhere between white and black hat attackers. The gray hat attackers may
find a vulnerability and report it to the owners of the system if that action coincides with their agenda.
Gray hat
attackers are unethical criminals who violate computer and network security for personal gain,
or for malicious reasons, such as attacking networks.
Black Hat
Teenagers or hobbyists mostly limited to pranks and vandalism, have little or
no skill, often using existing tools or instructions found on the Internet to launch attacks.
Script Kiddies
Grey hat hackers who attempt to discover exploits and report
them to vendors, sometimes for prizes or rewards.
Vulnerability Brokers
Grey hat hackers who rally and protest against different political and social
ideas. Hacktivists publicly protest against organizations or governments by posting articles,
videos, leaking sensitive information, and performing distributed denial of service (DDoS)
attacks.
Hacktivists
These are black hat hackers who are either self-employed or
working for large cybercrime organizations.
Cyber Criminals
Depending on a person’s perspective, these are either
white hat or black hat hackers who steal government secrets, gather intelligence, and
sabotage networks. Their targets are foreign governments, terrorist groups, and
corporations.
State Sponsored Hackers
is a weakness that makes a target susceptible to an attack
Cyber vulnerability
recognize the threat that data poses if used against people
Cybersecurity specialists
is the possibility that a harmful event, such as an attack, will occur
Cybersecurity threat
are particularly dangerous to certain industries and the type of
information they collect and protect
Cyber threats
possess the insight to recognize the influence of data and
harness that power to build great organizations, provide services and protect people
from cyberattacks
Cybersecurity specialists
are an example of Information Security
Management Standards. The standards provide a framework for implementing
cybersecurity measures within an organization.
ISO 27000 standards
The following examples are just a few sources of data that can come from established
organizations:
Personal Information
Medical Records
Education Records
Employment and Financial Records
Criminals use _______-______ tools to capture data streams over a network. Packet
sniffers work by monitoring and recording all information coming across a network.
Packet Sniffing Tools
interferes with an established network
communication by constructing packets to appear as if they are part of a communication.
Packet Injection
An internal user, such as an employee or contract partner, can accidentally or intentionally
Internal Security Threats
Big data is the result of data sets that are large and complex, making traditional
data processing applications inadequate
Impact of Big Data
Big data poses both challenges and opportunities based on three
dimensions:
The amount of data
The speed of data
The range of data types and sources
is a continuous computer hack that occurs under the radar against a specific object. Criminals usually
choose an APT for business or political motives.
Advanced Persistent Threat
can track system self-reporting data, like how much energy a computer is using, and use that information to select
targets or trigger false alerts
Algorithm Attacks
are more devious because they exploit designs used to improve energy savings,
decrease system failures, and improve efficiencies.
Algorithm Attacks
In the past, attacks would select the low hanging fruit or most vulnerable victims. Many of the most
sophisticated attacks will only launch if the attacker can match the signatures of the targeted victim.
Intelligent selection of victims
refers to multiple enterprises that let their users use the same identification credentials gaining access to
the networks of all enterprises in the group. The goal of federated identity management is to share identity information automatically
across castle boundaries.
Federated Identity Management
uses phone calls against a target telephone network tying up the system and
preventing legitimate calls from getting through.
Telephone denial of service or TDOS attack
The Seven Categories of Cybersecurity Work
Operate and Maintain
Protect and Defend
Investigate
Collect and Operate
Analyze
Oversight and Development
Securely Provision
includes providing the support, administration, and maintenance required to ensure IT system
performance and security
Operate and Maintain
includes the identification, analysis, and mitigation of threats to internal systems and networks
Protect and Defend
includes the investigation of cyber events and/or cyber crimes involving IT resources
Investigate
includes specialized denial and deception operations and the collection of cybersecurity information
Collect and Operate
includes highly specialized review and evaluation of incoming cybersecurity
information to determine if it is useful for intelligence
Analyze
provides for leadership, management, and direction to
conduct cybersecurity work effectively
Oversight and Development
includes conceptualizing, designing, and building secure IT systems
Securely Provision
How to Become a Cybersecurity Specialist
Study
Pursue Certifications
Pursue Internships
Join Professional Organizations
Industry Certifications
CompTIA Security+
CEH
GSEC
CISSP
CISM
CCNA Security
Company Sponsored Certifications
External threats from amateurs or skilled attackers can exploit vulnerabilities in networked devices, or can use social
engineering, such as trickery, to gain access.
External Security Threats