Ethical Hacking and Cyber Security Fundamentals
Introduction to Ethical Hacking and Cyber Security
All of us get fascinated by images of people working on systems in dark rooms with their hoodies on their heads.
It looks so classy and cool after all!
But do we actually know what those people do, and do such people really exist? So in this very first blog I will tell you what they do and who they are.
What is hacking?
It is the process of finding vulnerabilities and security weaknesses in a system in order to gain access to data and/or corrupt files in a network, website, software, or any electronic device, or to violate the privacy of others.
Then what is ethical hacking?
Ethical hacking is similar to hacking, except that the intention behind gaining access is not malicious. It is legal and is done to safeguard systems from cyber-attacks and threats.
What is cyber security?
It is the protection of data, confidential information such as passwords, PIN codes etc., and personal information stored in interconnected systems, software and hardware from cyber threats and digital attacks.
Phases of Hacking
Reconnaissance
It is also known as footprinting or the information-gathering phase. In this phase, information is gathered on three major groups/categories:
- Host
- Network
- Number of people involved in the network
This is the preparatory phase before the attack: information about the target is gathered so that the attack can be carried out successfully.
Fig 1.1 Comparison of types of reconnaissance
Scanning
This phase uses the information gathered in the first phase to find vulnerabilities in the network that the hacker is targeting. It consists of three types of scanning:
Fig 1.2 Comparison of types of scanning
Gaining access
In this phase, the attacker finally breaks into the system/network by exploiting some of the vulnerabilities found, using certain tools, techniques, and processes. The attacker tries to get administrator access to the network so that he can make changes to the system easily and effectively.
Maintaining access
During this phase, the attacker intends to maintain access to the target system/network.
He tries to keep this access until he finishes the task he set out to accomplish on that target.
The attacker wants to maintain access in the background without the user/administrator knowing about it.
This can be done using trojans, rootkits, or other malicious files/software.
Clearing tracks
The attacker also does not want to be caught, so in this last phase he clears all potential evidence that may lead to his arrest. This involves clearing server logs, modifying registry values, uninstalling all applications, and deleting all folders, software, and malicious files.
Types of Hackers
This is for all those who are planning to start their hacking journey. Hope that you do not end up being an unethical hacker after reading this😟
- White hat hackers
They are also known as Ethical Hackers
These are basically the good people 👼 of the hacking industry
They do everything within the lawful boundaries
They do not have malicious intentions
They do this to improve the security of the systems by checking and scanning for vulnerabilities and then using necessary tools to provide better protection
- Black hat hackers
They perform illegal activities for their own personal interests
They gain unauthorized access to confidential data through cyber threats and attacks
They have malicious intentions👾
They steal information, violate privacy, corrupt important files, implant viruses, and disrupt the working of the system
These are the hackers commonly shown in movies with a hoody
- Grey hat hackers
They perform the tasks of both white-hat as well as black-hat hackers
They also do not have malicious intent
They also break illegally into a system to check for security breach potential and vulnerabilities and the security of the system but eventually inform the administrator or the authorities about it.
All this may lead you to think that they just break into the system illegally to check for vulnerabilities and ultimately they are good people. But let me tell you that grey hat hacking is also illegal, as they are not authorized for whatever they do.
- Script Kiddie
They are amateur hackers 👶 who carry out their hacking activities by using ready-made tools and scripts.
They perform illegal work but are unaware of the negative results or outcomes of their activities.
They do not have any intention to learn hacking techniques.
- Green Hat Hacker
They are newbies
They are also like script kiddies but they have the intention to learn. They do not copy premade codes.
They also ask a lot of questions out of curiosity to learn along the way.
They wish to become a full-fledged hacker.
- Red Hat Hacker
They are similar to white hat hackers, as they also work to stop black hat hackers and anyone who shouldn’t have access to information.
But their methods of doing so are scary and unethical
They take it upon themselves to basically take revenge on the black hat hacker by shutting their system down.
- Suicide Hacker
These groups of hackers may include all kinds of hackers, such as black hat, white hat, grey hat, etc., who have their own political agendas and motives.
- Coder/Cracker
This is not a type of hacker but an important type to mention. He is a person who only has knowledge of coding in some programming languages and no specific knowledge about hacking. However, he is able to hack or gain access to information because he can make changes in the source code. A hacker can be a cracker, but a cracker cannot be a hacker.
CIA Triad
The CIA triad is an information security model which helps organizations set certain rules, regulations, and policies to protect the organization from unauthorized access and data exfiltration. The principles which form the core of the CIA triad are:
C stands for Confidentiality
I for Integrity
A for Availability
Confidentiality:
It aims to protect sensitive information from being accessed by unauthorized individuals or systems, for example while it is being transferred over a network. One way to do this is to use encryption techniques, so that even if the data is intercepted it cannot be read without the key. Encryption standards include
AES: Advanced Encryption Standard
DES: Data Encryption Standard
Data is commonly categorized based on the amount and type of damage that would be caused if it fell into the wrong hands. Appropriate measures are then implemented according to these categories.
Integrity:
It involves making sure that the data does not change in transit. It should not be modified while it is being sent over the network, say between two systems. The way to ensure this is the use of hash functions. Two commonly used hash functions are
MD5 (Message Digest 5)
SHA (Secure Hash Algorithm)
What a hash function does is this: when data is sent from one system to another, the hash function reads the data, computes a hash value H1 from it, and attaches H1 to the data. When the data is received at the other end, the hash function again reads the data and computes another hash value H2 for it. If H1 = H2, then the integrity of the data has been maintained.
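The H1/H2 check described above, written out in Python as an added example (it is not code from the original post). It uses SHA-256 from the SHA family, since MD5 is no longer considered collision-resistant, and the message, the tampered copy and the shared key are constructed for the demo. It also goes one step beyond the text: a plain hash only catches accidental corruption, because anyone who can change the data in transit can recompute H1 as well, so the keyed variant (HMAC) that sender and receiver would actually use is shown alongside it.

```python
import hashlib
import hmac

# Constructed sample message and shared key (not taken from the original post).
ORIGINAL_MESSAGE = b"transfer 100 to account 12345"
SHARED_KEY = b"example-shared-secret"


def compute_hash(data: bytes) -> str:
    """Sender side: compute H1, the SHA-256 digest sent along with the data.

    A hash function is deterministic: the same input always produces the
    same digest, and changing even one byte produces a different digest.
    """
    return hashlib.sha256(data).hexdigest()


def verify_hash(data: bytes, received_hash: str) -> bool:
    """Receiver side: recompute H2 from the received data and check H1 == H2."""
    h2 = compute_hash(data)
    # compare_digest runs in constant time, so the comparison itself does not
    # leak how many leading characters matched.
    return hmac.compare_digest(h2, received_hash)


def compute_mac(data: bytes, key: bytes) -> str:
    """Keyed variant (HMAC-SHA256).

    A plain hash only detects accidental corruption: someone who can alter the
    data in transit can simply recompute the hash. If sender and receiver share
    a secret key, the tag cannot be recomputed without it.
    """
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_mac(data: bytes, key: bytes, received_mac: str) -> bool:
    """Receiver side check for the keyed variant."""
    return hmac.compare_digest(compute_mac(data, key), received_mac)


def tamper(message: bytes) -> bytes:
    """Simulate modification in transit: change the account number."""
    return message.replace(b"12345", b"99999")


def run_demo() -> dict:
    """Send, tamper, and verify; returns the outcomes so they can be checked."""
    h1 = compute_hash(ORIGINAL_MESSAGE)
    tag = compute_mac(ORIGINAL_MESSAGE, SHARED_KEY)
    modified = tamper(ORIGINAL_MESSAGE)
    return {
        "intact_hash_ok": verify_hash(ORIGINAL_MESSAGE, h1),
        "tampered_hash_ok": verify_hash(modified, h1),
        # Whoever modified the data can recompute a plain hash to match it...
        "tampered_with_recomputed_hash_ok": verify_hash(modified, compute_hash(modified)),
        # ...but cannot produce a valid HMAC without the shared key.
        "intact_mac_ok": verify_mac(ORIGINAL_MESSAGE, SHARED_KEY, tag),
        "tampered_mac_ok": verify_mac(modified, SHARED_KEY, tag),
        "tampered_with_wrong_key_mac_ok": verify_mac(
            modified, SHARED_KEY, compute_mac(modified, b"attacker-guess")),
    }


if __name__ == "__main__":
    for check, result in run_demo().items():
        print(f"{check}: {result}")
```

Running the script shows the intact message passing both checks, the tampered message failing both, and the difference between the two mechanisms: the recomputed plain hash still verifies, while a tag computed with the wrong key does not.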
Availability:
This ensures that data is readily available to authorized users as and when required. Access should not take an excessive amount of time, and the system or network should be designed in such a way that, in case of an attack or a natural calamity, the information is still available through other systems if the primary system has been affected.
Malware
Malicious software or malware is an umbrella term used to describe any type of software, program, etc. that is installed on the system without the user’s consent and knowledge. It is designed to harm or corrupt the programs, files, information, etc. on the system of the host.
Computer viruses, worms, trojan horses, spyware, ransomware, scareware, adware, and other malicious programs come under the category of malware.
- Viruses
These are the malicious programs that spread across systems and programs. They cause disruption to systems, operational problems like reduced speed, pop-up windows, crashing of devices, changes to default settings, etc., and damage the data as well as software. They attach themselves to an executable host file. Now, when the host file is opened the virus becomes active. The most important aspect of a virus is that it is able to replicate itself.
- Worms
They do not need to attach themselves to the host files. They themselves are software that can replicate on their own and spread through the systems.
- Trojans or Trojan Horse
These are also software that deceive the host into believing that they are legitimate but in reality, they run malicious activities on the systems. These also help the attacker establish a backdoor. They cannot replicate themselves.
- Spyware
It is a program which collects information about the user, their computer, their internet browsing, the documents downloaded by the user, payment details etc., and sends this data to the hacker. This is used to steal passwords, money etc. Keyloggers are examples of spyware.
- Ransomware
This is a type of malware that blocks/denies the victim's access to files/data on their own computer/system, either by locking the screen or by encrypting files etc. The attackers then ask for a ransom in order to restore access or hand over the decryption key (in the case of crypto-ransomware).
- Scareware
This aims at tricking the user into believing that some files on the system have been corrupted. This is done using fake pop-ups. These keep appearing on the screen until the user is pressured into clicking some option like ‘Remove all threats’ or downloading their fake antivirus software. This antivirus is not a legitimate one but implants some other kind of malware on the victim’s computer.
- Adware
It is also known as advertising-supported software. It is a type of software which pops up adverts, usually within a web browser. It collects the user’s browsing history to pop up ads tailored to their interests. Adware gets onto a victim's computer through free software downloaded from the internet, or may be inserted by a hacker. It is used for advertising purposes, and adware creators make their money from third parties via pay-per-click, pay-per-view or pay-per-install.
Obfuscated Malware
Let me first discuss the dictionary meaning of obfuscated; then it will be easier to relate to and understand the meaning of obfuscated malware.
Obfuscation: The action of making something obscure, unclear, or unintelligible.
Obfuscated malware is malware whose authors have made its detection difficult. Its underlying functionality is not affected, but its strings are rendered unreadable.
Commonly adopted methods of obfuscation are:
Packing: This involves compressing the executable file. On compression, the hash of the file changes compared to the original, and many strings become incomprehensible. So, for a person relying on these two factors for static analysis, the outcome may not be correct.
Encryption: The code is encrypted to make its analysis even more difficult.
Encoding: It is quite similar to encryption, but it does not use keys. An example is Base64 encoding.
Dead Code Insertion: This makes the code difficult to analyze but does not affect the working of the file.
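To see, from the analyst's side, why packing and encoding defeat a static look at a file, here is an added Python example (not code from the original post). It stands in zlib compression for a packer and Base64 for encoding, and uses a constructed text "file" instead of a real executable so the effect is easy to read. It compares the file hash and the printable strings before and after each transformation, and shows that encoding, having no key, can be reversed directly by the analyst.

```python
import base64
import binascii
import hashlib
import re
import zlib

# Constructed stand-in for an executable's contents (repeated text with
# newlines in between), so the effect on strings and hashes is easy to see.
SAMPLE = b"HELLO-PROGRAM v1.0 reads settings from config.ini and writes report.txt\n" * 4


def sha256_hex(data: bytes) -> str:
    """File hash, the first thing a static analyst compares against known samples."""
    return hashlib.sha256(data).hexdigest()


def extract_strings(data: bytes, min_len: int = 4) -> list:
    """Analyst's 'strings': runs of printable ASCII at least min_len bytes long."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def pack(data: bytes) -> bytes:
    """Packing stand-in: compress the content. No key is involved, but the bytes
    on disk no longer contain the original strings and the file hash changes."""
    return zlib.compress(data)


def unpack(data: bytes) -> bytes:
    """Undo the packing; a real packer's stub does this in memory at run time."""
    return zlib.decompress(data)


def encode(data: bytes) -> bytes:
    """Encoding stand-in: Base64. Also keyless, so anyone can reverse it."""
    return base64.b64encode(data)


def decode_base64_candidates(data: bytes, min_len: int = 16) -> list:
    """Find runs that look like Base64 and return those that decode cleanly."""
    found = []
    for m in re.finditer(rb"[A-Za-z0-9+/]{%d,}={0,2}" % min_len, data):
        try:
            found.append(base64.b64decode(m.group(), validate=True))
        except (binascii.Error, ValueError):
            continue  # looked like Base64 but was not (bad length or padding)
    return found


def compare(original: bytes, transformed: bytes, marker: str) -> dict:
    """Report what a static look at the transformed file would and would not show."""
    after = extract_strings(transformed)
    return {
        "hash_changed": sha256_hex(original) != sha256_hex(transformed),
        "marker_visible_before": any(marker in s for s in extract_strings(original)),
        "marker_visible_after": any(marker in s for s in after),
    }


if __name__ == "__main__":
    for name, transformed in (("packed", pack(SAMPLE)), ("encoded", encode(SAMPLE))):
        print(name, compare(SAMPLE, transformed, "config.ini"))
    # Encoding hides the marker from a strings listing but is reversed with no key.
    print("recovered:", decode_base64_candidates(encode(SAMPLE))[0] == SAMPLE)
```

The takeaway for detection is the one the text makes: a hash match or a strings listing is only meaningful against the unpacked, decoded content, so an analyst unpacks or decodes first (or runs the sample in a sandbox and inspects memory) before relying on either.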