Cyber Security 101

A Quick Introduction

Cyber Security
In today’s ever-changing world, there is a great advantage in learning about Cyber Security.

Cyber Security is a very dense subject to talk about, but as an introduction, I wanted to bring about some of the basic concepts behind an attack.

Every day that passes our data volumes keep increasing and sometimes its protection many times is disregarded. We must make sure to be knowledgable in the area of data protection, especially when handling sensitive data.

  • Attack Vectors – this as the route or path that enables an unwanted visitor (hacker) to deliver malicious code or ‘payload.’
  • Payload – data carried any transmission unit, most commonly known as ‘packet.’
  • Packet – a unit of data routed within a packet-switched computer network
  • Computer Network – also known as a data network, is a series of nodes interconnected to exchange different types of data
  • Nodes – in a network a node is a connection that can send, receive and/or store data along with a distributed network
  • Data – information transformed into an efficient state to facilitate exchange between parties

Malware & System Exploitation

As mentioned previously, this is a dense subject matter, but it gets more interesting from there. It’s also essential to get familiar with some other important Cyber Security terms. Two of the most common words in this cyber sec world are Malware and System Exploitation. Let’s briefly define those and then briefly describe the typical phases of an intrusion.

  • Malware – programming code developed with the intention and purpose to cause disruption or harm
  • Common Types of Malware (Malware Post Series – Coming Soon!)
    • Worms
    • Virus
    • Data Miner
    • Browser Hijacker
    • Adware
    • Spyware
    • Ransomware
  • System Exploitation – attack or exploit in a computer system that takes advantage of a particular vulnerability many times giving data or even access to protected systems
  • Most Common Types of Exploitation (Exploitation Post Series – Coming Soon!)
    • SQL Injections
    • Cross-Site Scripting
    • Denial of Service
    • Buffer Overflow

Simple Framework of an Intrusion

Cyber Security

For us to understand how intruders gain access into different systems, it’s important to keep a simple framework of the different steps and phases that a hacker undergoes before and during the intrusion. We have been able to summarize and intrusion in a 7-Phase Framework:

  • Reconnaissance – research, identification, and selection of targets
  • Weaponization – pairing remote access malware with exploit into a deliverable payload (e.g., .pdf ; .doc ; .xlsx)
  • Delivery – transmission of weapon to target (e.g., via email, websites)
  • Exploitation – once delivered, the weapon’s code is triggered, exploiting the vulnerable systems
  • Installation – the weapon installs a backdoor on a target’s system allowing persistent access
  • Command & Control – outside servers communicate with the weapons providing access inside of the target’s network
  • Actions on Objective – the attacker works to achieve the objective of the intrusion, which can include exfiltration or destruction of data, or intrusion of another target

Further Reading: Interested in other subjects regarding online activity? Read about the impacts of visibility in search engines!


Original Publication:

Rivera Pecunia, Gustavo. “Learn about Cyber Security – An Introduction by Pecunia Group.” Pecunia Group, Pecunia Group, 24 July 2018, https://pecuniagroup.com/cyber-security-introduction/.

(Visited 649 times, 1 visits today)