This article is based on a lecture, Introduction to Cyber Security, delivered by Dr. Harsha Kalutarage, guest lecturer at the University of Kelaniya. It was organized by the Software Engineering Teaching Unit, University of Kelaniya, Sri Lanka.
Nowadays, with the rapid development of technology and the growing use of computer systems, protecting digital data and private information such as banking details and medical reports has become a massive challenge.
Cyber security measures and technologies are developed to prevent cyber attacks and create a safe environment for users.
There are guidelines and models that highlight core data security objectives and serve as a guide for organizations to keep their sensitive data protected from unauthorized access and data exfiltration.
Example: the CIA Triad
CIA is an acronym for:
- Confidentiality ensures that information is accessible only by authorized individuals
- Integrity ensures that information is reliable
- Availability ensures that data is available and accessible to satisfy business needs
These are the most crucial components of security. Various security controls are applied to achieve these goals.
Access control is the process of identifying a subject and determining its level of access to an object. The subject is the entity that tries to gain access. It can be a user, a program or a process. The object is the entity that is going to be accessed. It can be a file or a program.
There are three access control types.
- Physical - prevents unauthorized physical access
- Logical - prevents unauthorized electronic access
- Administrative - access control policies, procedures and guidelines
Modern access control systems are designed by combining all three types.
Logical Access Control
These mechanisms are used to prevent unauthorized electronic access (virtual access) to objects. Identification, authentication, authorization and accountability mechanisms are used here. These processes enforce an access control policy over subjects.
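The four mechanisms named above, applied in order to one subject's request for one object, as an added example that is not part of the original lecture or article. The user names, password, file name and policy entry are constructed sample data, and PBKDF2 is an assumed choice of password hashing.

```python
import hashlib
import hmac
import os

def _hash(password: str, salt: bytes) -> bytes:
    # Assumed password-hashing choice for this example: PBKDF2-HMAC-SHA256.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample data: one subject, one object, one policy entry.
_SALT = os.urandom(16)
SUBJECTS = {"alice": (_SALT, _hash("correct horse", _SALT))}  # identity -> (salt, hash)
POLICY = {("alice", "payroll.csv"): {"read"}}  # (subject, object) -> allowed actions
AUDIT_LOG = []  # accountability trail: one entry per decision

def request_access(subject: str, password: str, obj: str, action: str) -> bool:
    """Grant access only if the subject is identified, authenticated and authorized."""
    granted, reason = False, ""
    record = SUBJECTS.get(subject)  # 1. identification: who claims to be asking?
    if record is None:
        _hash(password, b"\x00" * 16)  # do the same work so timing does not reveal valid names
        reason = "unknown subject"
    else:
        salt, stored = record
        # 2. authentication: verify the claim, comparing in constant time
        if not hmac.compare_digest(_hash(password, salt), stored):
            reason = "authentication failed"
        # 3. authorization: default deny unless the policy grants this action
        elif action not in POLICY.get((subject, obj), set()):
            reason = "not authorized"
        else:
            granted, reason = True, "granted"
    # 4. accountability: every decision, allowed or denied, is recorded
    AUDIT_LOG.append((subject, obj, action, granted, reason))
    return granted

if __name__ == "__main__":
    request_access("alice", "correct horse", "payroll.csv", "read")
    request_access("alice", "correct horse", "payroll.csv", "write")
    request_access("alice", "wrong guess", "payroll.csv", "read")
    request_access("mallory", "anything", "payroll.csv", "read")
    for entry in AUDIT_LOG:
        print(entry)
```

The audit entries separate the three ways a request can fail, which is what makes a denied request traceable afterwards.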
An intruder is someone who penetrates a system's access controls to gain unauthorized access to a target system. Intruders identify vulnerabilities in a system and attack it.
Intruders can be motivated by various purposes such as profit, protest, information gathering or challenge. These intruders, or hackers, can be categorized according to their purposes.
Black hat hackers
These are individuals who illegally hack into a system for monetary gain.
White hat hackers
These are individuals who expose a system's vulnerabilities by hacking into it with permission, in order to defend the organization.
Grey hat hackers
These hackers discover vulnerabilities in a system and report them to the owner of the system, but they do this without seeking the owner's approval.
Intruder detection can be done by monitoring activity for misuse signatures or anomalous behavior. This can be done manually or using machine learning techniques.
Ethical hacking, also known as white hat hacking, penetration testing or pen testing, is legally breaking into computers and devices to test an organization's defenses. Ethical hacking is used to improve the security of systems and networks by fixing the vulnerabilities found during testing.
Ethical hackers improve the security posture of an organization. They use the same tools, tricks and techniques that malicious hackers use, but with the permission of the authorized person. The purpose of ethical hacking is to improve security and to defend systems from attacks by malicious users.
These techniques can be divided into the following categories:
Network hacking means gathering information about a network with the intent to harm the network system and hamper its operations, using tools such as telnet, nslookup, ping and tracert.
Website hacking means gaining unauthorized access to a web server or database and changing the information.
Computer hacking means gaining unauthorized access to a computer and stealing information from it, such as the computer ID and password, by applying hacking methods.
Password hacking is the process of recovering secret passwords from data that is already stored in the computer system.
Email hacking means gaining unauthorized access to an email account and using it without the owner's permission.