Ethical Hacking

S.Sivanujan
6 min read · May 17, 2021


Hi everyone👋👋 today I would like to share some information about Ethical Hacking. Ethical hacking is a security practice where a hired hacker, either an individual or someone appointed within a company, attempts to break into a system, simulating a malicious cyber-attacker’s actions. The ethical hacker, colloquially known as a white hat hacker, is typically a computer security expert specializing in penetration testing (pen testing) and other testing methodologies.

Ethical hacking plays an essential role in checking for weaknesses and entry points in network, infrastructure, and web application security. A white hat hacker uses the same methods a malicious hacker would use. The ethical hacker’s goal is to test the safety of an organization’s information systems in order to improve their security. Given the value of ethical hacking, especially considering the damage caused by a successful malicious hack, there is increasing interest in deploying ethical hackers to combat today’s cyber threats.

What are the key concepts of ethical hacking?

  1. Stay legal. Obtain proper approval before accessing and performing a security assessment.
  2. Define the scope. Determine the scope of the assessment so that the ethical hacker’s work remains legal and within the organization’s approved boundaries.
  3. Report vulnerabilities. Notify the organization of all vulnerabilities discovered during the assessment. Provide remediation advice for resolving these vulnerabilities.
  4. Respect data sensitivity. Depending on the data sensitivity, ethical hackers may have to agree to a non-disclosure agreement, in addition to other terms and conditions required by the assessed organization.

What skills and certifications should an ethical hacker obtain?

An ethical hacker should have a wide range of computer skills. They often specialize, becoming subject matter experts (SMEs) in a particular area within the ethical hacking domain.

All ethical hackers should have:

  • Expertise in scripting languages.
  • Proficiency in operating systems.
  • A thorough knowledge of networking.
  • A solid foundation in the principles of information security.

Now I will share some knowledge from a session I attended on the topic of ‘Introduction to Cyber Security’, organized by the Software Engineering Teaching Unit of the University of Kelaniya. Mr. Harsha Kalutarage presented the session. Basically, cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It’s also known as information technology security or electronic information security. The term applies in a variety of contexts, from business to mobile computing, and can be divided into a few common categories.

The Importance of Cybersecurity

Cybersecurity’s importance is on the rise. Fundamentally, our society is more technologically reliant than ever before and there is no sign that this trend will slow. Data leaks that could result in identity theft are now publicly posted on social media accounts. Sensitive information like social security numbers, credit card information and bank account details are now stored in cloud storage services like Dropbox or Google Drive.

The fact of the matter is whether you are an individual, small business or large multinational, you rely on computer systems every day. Pair this with the rise in cloud services, poor cloud service security, smartphones and the Internet of Things (IoT) and we have a myriad of cybersecurity threats that didn’t exist a few decades ago. We need to understand the difference between cybersecurity and information security, even though the skillsets are becoming more similar.

Defining CIA in security

The CIA triad represents the functions of your information systems. Your information system encompasses both your computer systems and your data. Ben Dynkin, Co-Founder & CEO of Atlas Cybersecurity, explains that these are the functions that can be attacked, which means these are the functions you must defend.

The CIA security triad is comprised of three functions:

  • Confidentiality. A system’s ability to ensure that only the correct, authorized user/system/resource can view, access, change, or otherwise use data.
  • Integrity. A system’s ability to ensure that the system and its information are accurate and correct.
  • Availability. A system’s ability to ensure that systems, information, and services are available the vast majority of the time.

Let’s look at each in more detail.

Implications of the CIA Triad

The CIA triad has the goals of confidentiality, integrity and availability, which are basic factors in information security. Information security protects valuable information from unauthorized access, modification and distribution. The CIA triad guides information security efforts to ensure success. There are instances when one of the goals of the CIA triad is more important than the others. It is up to the IT team, the information security personnel, or the individual user to decide on which goal should be prioritized based on actual needs. Thus, the CIA triad requires that organizations and individual users must always take caution in maintaining confidentiality, integrity and availability of information.

What is access control?

Access control is a fundamental component of data security that dictates who’s allowed to access and use company information and resources. Through authentication and authorization, access control policies make sure users are who they say they are and that they have appropriate access to company data. Access control can also be applied to limit physical access to campuses, buildings, rooms, and data centers.
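The two steps described above, authentication followed by authorization, shown as an added example that is not part of the original article. The signing key, user names, roles and policy table are constructed for illustration; the token scheme (user name plus an HMAC-SHA256 tag) is an assumption chosen to keep the example self-contained.

```python
import hashlib
import hmac

# Constructed sample data: key, users and policy are assumptions for this example.
SECRET_KEY = b"example-signing-key-not-for-production"

# Policy maps role -> set of (resource, action) pairs; anything absent is denied.
POLICY = {
    "hr_manager": {("payroll", "read"), ("payroll", "write")},
    "engineer": {("source_code", "read"), ("source_code", "write")},
    "auditor": {("payroll", "read"), ("source_code", "read")},
}
USER_ROLES = {"alice": "hr_manager", "bob": "engineer", "carol": "auditor"}


def _tag(username: str) -> str:
    return hmac.new(SECRET_KEY, username.encode(), hashlib.sha256).hexdigest()


def issue_token(username: str) -> str:
    """Issue a token binding the user name to an HMAC-SHA256 tag."""
    return f"{username}.{_tag(username)}"


def authenticate(token: str):
    """Authentication: return the user name if the tag verifies, else None."""
    username, sep, tag = token.rpartition(".")
    if not sep or not username:
        return None  # malformed token
    # compare_digest avoids leaking the first mismatching byte through timing.
    ok = hmac.compare_digest(tag.encode(), _tag(username).encode())
    return username if ok else None


def authorize(username: str, resource: str, action: str) -> bool:
    """Authorization: allow only what the user's role explicitly grants."""
    role = USER_ROLES.get(username)
    return (resource, action) in POLICY.get(role, set())


def check_access(token: str, resource: str, action: str) -> str:
    """Run both steps in order and report which one decided the outcome."""
    user = authenticate(token)
    if user is None:
        return "denied: authentication failed"
    if not authorize(user, resource, action):
        return "denied: not authorized"
    return "allowed"
```

A user with a valid token but no role in the policy is still refused, because the policy lookup denies by default.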

Why is access control important?

Access control keeps confidential information, including customer data, personally identifiable information, and intellectual property, from falling into the wrong hands. Without a robust access control policy, organizations risk data leakage from both internal and external sources.

It’s particularly important for organizations with hybrid, multi-cloud environments, where resources, apps, and data reside both on premises and in the cloud. Access control can provide these environments with more robust access security beyond single sign-on (SSO).

Machine Learning in Cybersecurity

The role of Machine Learning in protecting people’s data in a digital world is growing all the time, and for good reason. Machine Learning is capable of constantly analyzing immense amounts of data in order to detect any kind of malware or virus that could indicate a security breach, then adjusting to protect against them.

Here are just some of the benefits Machine Learning offers cybersecurity for businesses and consumers:

  • Thorough, hands-off system scanning for data breaches, malware, and more
  • Endpoint protection through quick remediation
  • Fast analysis of large amounts of data
  • Adjustments without the need for expert input

These benefits of Machine Learning for business operations enhance the security of data with fast and effective monitoring and prevention of cybersecurity breaches. Without Machine Learning, cybersecurity programs take time to catch and resolve breaches. Security experts can’t monitor systems on the scale that Machine Learning AI can.

The most common network security threats

A computer system threat is anything that leads to loss or corruption of data or physical damage to the hardware and/or infrastructure. Knowing how to identify computer security threats is the first step in protecting computer systems. Most computer-based systems face the following kinds of threats and security concerns. Here are some common computer security threats:

  1. Computer Virus
  2. Rogue security software
  3. Trojan horse
  4. Adware and spyware
  5. Computer worm
  6. DoS and DDoS attacks
  7. Phishing
  8. Rootkit
  9. SQL Injection attack
  10. Man-in-the-middle (MIM) attacks

It can seem a difficult task to keep track of all the network security threats that are out there, and the new ones that just keep emerging. Whether the media is creating a culture of fear out of being online and placing trust in leaving our information out for all to see, or whether the threats that wait in the dark corners of the Internet are truly serious and can happen to anyone, the best thing we can all do is to be prepared. There is no way to be completely sure that a system is impenetrable to cybersecurity threats. We need to ensure that our systems are as secure as possible.

-Thank you-


S.Sivanujan

BSc. (Hons) Software Engineering Undergraduate, University of Kelaniya