Cybersecurity is the protection of internet-connected systems such as hardware, software, and data from cyber-threats and attacks. The practice is used by individuals and enterprises to protect against unauthorized access to data centers and other computerized systems.
Popularly known as a cyber-attack or hack, a cyber-threat is an attempt to expose, alter, disable, destroy, steal, or gain unauthorized access to or make unauthorized use of an asset.
There are various ways cyber-attacks are carried out, depending on the nature of what is being attacked. Some of them include:
This form of attack involves an attacker cloning the login page of a website and sharing it with victims in an attempt to steal their login credentials.
This form of attack involves the creation and distribution of malware. Examples of malware are viruses, trojan horses, network worms, ransomware, etc.
This form of attack is targeted at databases. The attacker attempts to steal or clone the database content of a website or app, which is possible if the queries constructed from user input are not properly sanitized.
This form of attack seeks to overload a web server by sending more requests than it can handle within a short period of time.
This form of attack involves a user trying every possible combination of passwords for a user account on a website.
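From the defender's side, this pattern shows up as a burst of failed logins against one account. The following added example (not from the original article) flags such bursts in a login log; the log format, the sample lines and the thresholds are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: timestamp, source IP, account, result.
SAMPLE_LOG = """\
2024-01-01T10:00:00 203.0.113.5 alice FAIL
2024-01-01T10:00:02 203.0.113.5 alice FAIL
2024-01-01T10:00:04 203.0.113.9 alice FAIL
2024-01-01T10:00:05 198.51.100.7 bob FAIL
2024-01-01T10:00:06 203.0.113.5 alice FAIL
2024-01-01T10:00:08 203.0.113.9 alice FAIL
2024-01-01T10:09:30 198.51.100.7 bob FAIL
2024-01-01T10:09:41 198.51.100.7 bob OK
2024-01-01T10:30:00 192.0.2.10 carol OK
"""


def flag_brute_force(log_text, max_failures=5, window=timedelta(minutes=1)):
    """Return {account: time of first alert} for accounts that received
    max_failures failed logins inside one sliding time window."""
    recent = defaultdict(deque)  # account -> timestamps of recent failures
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        ts_raw, _ip, account, result = parts
        if result != "FAIL":
            continue
        ts = datetime.fromisoformat(ts_raw)
        failures = recent[account]
        failures.append(ts)
        # Drop failures that have aged out of the window.
        while failures and ts - failures[0] > window:
            failures.popleft()
        # Counting per account (not per IP) also catches attempts that
        # are spread across several source addresses.
        if len(failures) >= max_failures and account not in flagged:
            flagged[account] = ts
    return flagged


if __name__ == "__main__":
    for account, when in flag_brute_force(SAMPLE_LOG).items():
        print(f"possible brute force against {account} at {when.isoformat()}")
```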
This form of attack is common in networks and occurs when an attacker intercepts requests sent outside a network. An example of this is an attacker seeing form data being submitted on websites and even changing their values (the data can include passwords and credit card information).
This form of attack exploits a newly discovered or developed vulnerability in a system, platform, or application that the creator of the software has not had time to patch or fix.
This form of attack involves an attacker attempting to get access to a system via the users themselves.
This form of attack allows an attacker to perform actions on websites that a user is authenticated on without their consent or knowledge.
This form of attack involves attacking a system with inside help. This could be an employee who decides to destroy a system and not an unknown outside attacker.
Cyber-attacks cause various kinds of damage to businesses, companies, and individuals, including but not limited to:
- Loss of corporate information.
- Loss of money and financial information.
- Disruption of business operations and possible bankruptcy.
- Reputational damage to a company or business.
- Legal consequences of a data breach.
There are various paths to take in Cybersecurity, all of which have different areas of specialization. Some of the fields include:
- Application Security
- Penetration Testing
- Reverse Engineering
- Digital Forensic Analysis
- Systems Administration
- Malware Analysis
There are different categories of hackers, based on the end goal of the hacker. Some report, some exploit, others do it for fun. The categories include:
This set of hackers breaks into a system, then reports the vulnerabilities found in the system and works with the development team to fix the flaws found.
This set of hackers breaks into a system, then exploits it for their own personal gain or to destroy a company or business. These are the people referred to as cybercriminals.
This set of hackers consists of hobbyists and people who practice hacking for the fun of it. They break into systems and either report or exploit what they find, or even do nothing about it. They have no definite aim and sit on the fence between good and bad.
This set of hackers targets corporate and governmental platforms, intending to take down their systems, expose information, or just make their voices heard.
Red teams are offensive security professionals who are experts in attacking systems and breaking into defenses while Blue teams are defensive security professionals responsible for maintaining internal network defenses against all cyber-attacks and threats.
Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network, or web application to find security vulnerabilities that an attacker could exploit.
The penetration testing steps below are taken from imperva.com.
The first stage involves:
- Defining the scope and goals of a test, including the systems to be addressed and the testing methods to be used.
- Gathering intelligence (e.g., network and domain names, mail server) to better understand how a target works and its potential vulnerabilities.
The next step is to understand how the target application will respond to various intrusion attempts. This is typically done using:
- Static analysis - Inspecting an application’s code to estimate the way it behaves while running. These tools can scan the entirety of the code in a single pass.
- Dynamic analysis - Inspecting an application’s code in a running state. This is a more practical way of scanning, as it provides a real-time view of an application’s performance.
This stage uses web application attacks, such as cross-site scripting, SQL injection, and backdoors, to uncover a target’s vulnerabilities. Testers then try and exploit these vulnerabilities, typically by escalating privileges, stealing data, intercepting traffic, etc., to understand the damage they can cause.
The goal of this stage is to see if the vulnerability can be used to achieve a persistent presence in the exploited system long enough for a bad actor to gain in-depth access. The idea is to imitate advanced persistent threats, which often remain in a system for months to steal an organization’s most sensitive data.
The results of the penetration test are then compiled into a report detailing:
- Specific vulnerabilities that were exploited.
- Sensitive data that was accessed.
- The amount of time the pentester was able to remain in the system undetected.
- Learning Linux (Parrot OS or Kali).
- Familiarising yourself with pen-testing tools on your distro.
- Joining cybersecurity communities.
- Following cybersecurity researchers on Twitter.
- Playing CTF.
- Getting Certifications.
- Certified Ethical Hacker (CEH)
- CompTIA Security+
- Certified Information System Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- NIST Cybersecurity Framework (NCSF)
- Certified Cloud Security Professional (CCSP)
- Computer Hacking Forensic Investigator (CHFI)
- Cisco Certified Network Associate (CCNA) Security
- High-paying salary, up to $90k annually.
- You're learning and building a skill that only a small percentage of people have.
- High demand for cybersecurity experts.
- Cybersecurity is an evergreen industry whose personnel are needed in every single company operating in the digital space.
- Unlimited career growth options.
- Opportunities to work with high profile agencies.
- It's filled with a lot of fun and interesting moments.
In this article, we walked through what Cybersecurity is and saw forms of Cyber Threats and the effects they have on a business, company, or individual. We also explored fields in Cybersecurity, went over different categories of hackers, and learned about Red and Blue Teams. We took a deep dive into penetration testing and explored the processes in it, then saw a Cybersecurity roadmap, looked at a couple of Cybersecurity certifications, and covered why people should have Cybersecurity skills.
I also plan to start a series that goes in depth into explaining forms of cyber-attacks and how they are carried out, and shows how to protect your application from them. Subscribe so you don't miss out on this. If you have any questions, don't hesitate to hit me up on Twitter: @LordGhostX