The Cybersecurity Landscape

Cybersecurity risks and threats are ever-present in our world today. The infrastructure of
networks and the Internet are increasingly vulnerable to a wide variety of both physical
and cyber attacks. Sophisticated cyber criminals, as well as nations, exploit these
vulnerabilities to steal information and money.

Our networks are particularly difficult to secure for a number of reasons:

 Networks are increasingly integrated and complex.

 Networks are connected to physical devices.

 Cyber criminals can access networks from anywhere in the world.

In today’s workforce, there is a shortage of people trained in the field of cybersecurity.

Here are just a few of the specialties you might consider for your career:

 Cybersecurity Specialist

 Cybersecurity Forensic Expert

 Information Security Expert

 Ethical Hacker

All of these roles can be part of your work in the exciting, ever-changing, high-demand
field of cybersecurity. Students who complete the Cybersecurity Essentials course are
prepared to continue their education in more advanced security courses.

A Global Community

When you participate in the Networking Academy, you are joining a global community
linked by common goals and technologies. Schools, colleges, universities, and other
entities in over 160 countries participate in the program. Click here to view a video
about how Cisco Networking Academy is changing the world.

Look for the Cisco Networking Academy official site on Facebook© and LinkedIn©. The
Facebook site is where you can meet and engage with other Networking Academy
students from around the world. The Cisco Networking Academy LinkedIn site connects
you with job postings, and you can see how others are effectively communicating their
skills.

More Than Just Information

The netacad.com learning environment is an important part of the overall course

experience for students and instructors in the Networking Academy. These online course
materials include course text and related interactive media, paper-based labs, and many
different types of quizzes. All of these materials provide important feedback to help you
assess your progress throughout the course.

The material in this course is presented using a broad range of technologies including
text, graphics, voice, video, and rich interactions. These technologies help facilitate how
people work, live, play, and learn.

Networking and the Internet affect people differently in different parts of the world.
Although we have worked with instructors from around the world to create these
materials, it is important that you work with your instructor and fellow students to make
the material in this course applicable to your local situation.

How We Teach

E-doing is a design philosophy that applies the principle that people learn best by doing.
The curriculum includes embedded, highly interactive e-doing activities to help stimulate
learning, increase knowledge retention, and make the whole learning experience much
richer. This e-doing makes understanding the content much easier.

How We Teach

E-doing is a design philosophy that applies the principle that people learn best by doing.
The curriculum includes embedded, highly interactive e-doing activities to help stimulate
learning, increase knowledge retention, and make the whole learning experience much
richer. This e-doing makes understanding the content much easier.

Course Overview
By the end of this course, you will be able to:

 Describe the characteristics of criminals and heroes in the cybersecurity realm.

 Describe the principles of confidentiality, integrity, and availability as they relate

to data states and cybersecurity countermeasures.

 Describe the tactics, techniques and procedures used by cyber criminals.

 Describe how technologies, products, and procedures are used to protect

confidentiality.

 Describe how technologies, products, and procedures are used to ensure

integrity.

 Describe how technologies, products, and procedures provide high availability.

 Explain how cybersecurity professionals use technologies, processes, and

procedures to defend all components of the network.

 Explain the purpose of laws related to cybersecurity.

Chapter 1: Cybersecurity - A World of Experts and

Criminals

Many of the world’s original hackers were computer hobbyists, programmers and
students during the 60’s. Originally, the term hacker described individuals with
advanced programming skills. Hackers used these programming skills to test the limits
and capabilities of early systems. These early hackers were also involved in the
development of early computer games. Many of these games included wizards and
wizardry.

As the hacking culture evolved, it incorporated the lexicon of these games into the
culture itself. Even the outside world began to project the image of powerful wizards
upon this misunderstood hacking culture. Books such as Where Wizards Stay up Late:
The Origins of The Internet published in 1996 added to the mystique of the hacking
culture. The image and lexicon stuck. Many hacking groups today embrace this imagery.
One of the most infamous hacker groups goes by the name Legion of Doom. It is
important to understand the cyber culture in order to understand the criminals of the
cyber world and their motivations.

Sun Tzu was a Chinese philosopher and warrior in the sixth century BC. Sun Tzu wrote
the book titled, The Art of War, which is a classic work about the strategies available to
defeat the enemy. His book has given guidance to tacticians throughout the ages. One of
Sun Tzu’s guiding principles was to know your opponent. While he was specifically
referring to war, much of his advice translates to other aspects of life, including the
challenges of cybersecurity. This chapter begins by explaining the structure of the
cybersecurity world and the reason it continues to grow.

This chapter discusses the role of cyber criminals and their motivations. Finally, the
chapter explains how to become a cybersecurity specialist. These cybersecurity
specialists help defeat the cyber criminals that threaten the cyber world.

Overview of the Cybersecurity Domains

There are many data groups that make up the different domains of the “cyber world”.
When groups are able to collect and utilize massive amounts of data, they begin to
amass power and influence. This data can be in the form of numbers, pictures, video,
audio, or any type of data that can be digitized. These groups could become so powerful
that they operate as though they are separate powers, creating separate cybersecurity
domains.

Companies such as Google, Facebook, and LinkedIn, could be considered to be data

domains in our cyber world. Extending the analogy further, the people who work at these
digital companies could be considered cybersecurity experts.

The word ‘domain’ has many meanings. Wherever there is control, authority, or
protection, you might consider that 'area' to be a domain. Think of how a wild animal will
protect its own declared domain. In this course, consider a domain to be an area to be
protected. It may be limited by a logical or physical boundary. This will depend on the
size of the system involved. In many respects, cybersecurity experts have to protect
their domains according the laws of their own country.

Examples of Cybersecurity Domains

The experts at Google created one of the first and most powerful domains within the
broader cyber world of the Internet. Billions of people use Google to search the web
every day. Google has arguably created the world’s largest data collection infrastructure.
Google developed Android, the operating system installed on over 80% of all mobile
devices connected to the Internet. Each device requires users to create Google accounts
that can save bookmarks and account information, store search results, and even locate
the device. Click here to see some of the many services Google currently offers.

Facebook is another powerful domain within the broader Internet. The experts at
Facebook recognized that people create personal accounts every day to communicate
with family and friends. In doing so, you are volunteering a great deal of personal data.
These Facebook experts built a massive data domain to enable people to connect in
ways that were unimaginable in the past. Facebook affects millions of lives on a daily
basis and empowers companies and organizations to communicate with people in a more
personal and focused manner.

LinkedIn is yet another data domain on the Internet. The experts at LinkedIn recognized
that their members would share information in the pursuit of building a professional
network. LinkedIn users upload this information to create online profiles and connect
with other members. LinkedIn connects employees with employers and companies to
other companies worldwide. There are broad similarities between LinkedIn and
Facebook.

A look inside these domains reveals how they are constructed. At a fundamental level,
these domains are strong because of the ability to collect user data contributed by the
users themselves. This data often includes users’ backgrounds, discussions, likes,
locations, travels, interests, friends and family members, professions, hobbies, and work
and personal schedules. Experts create great value for organizations interested in using
this data to better understand and communicate with their customers and employees.

The Growth of the Cyber Domains

The data collected within the Internet is considerably more than just the data that the
users contribute voluntarily. Cyber domains continue to grow as science and technology
evolve, enabling the experts and their employers (Google, Facebook, LinkedIn, etc.) to
collect many other forms of data. Cyber experts now have the technology to track
worldwide weather trends, monitor the oceans, as well as the movement and behavior of
people, animals and objects in real time.

New technologies, such as Geospatial Information Systems (GIS) and the Internet of
Things (IoT), have emerged. These new technologies can track the health of trees in a
neighborhood. They can provide up-to-date locations of vehicles, devices, individuals and
materials. This type of information can save energy, improve efficiencies, and reduce
safety risks. Each of these technologies will also result in exponentially expanding the
amount of data collected, analyzed and used to understand the world. The data collected
by GIS and IoE poses a tremendous challenge for cybersecurity professionals in the
future. The type of data generated by these devices has the potential to enable cyber
criminals to gain access to very intimate aspects of daily life.

Who Are the Cyber Criminals?

In the early years of the cybersecurity world, the typical cyber criminals were teenagers
or hobbyists operating from a home PC, with attacks mostly limited to pranks and
vandalism. Today, the world of the cyber criminals has become more dangerous.
Attackers are individuals or groups who attempt to exploit vulnerabilities for personal or
financial gain. Cyber criminals are interested in everything from credit cards to product
designs, and anything with value.

Amateurs

Amateurs, or script kiddies, have little or no skill, often using existing tools or
instructions found on the Internet to launch attacks. Some are just curious, while others
try to demonstrate their skills and cause harm. They may be using basic tools, but the
results can still be devastating.

Hackers

This group of criminals breaks into computers or networks to gain access for various
reasons. The intent of the break-in determines the classification of these attackers as
white, gray, or black hats. White hat attackers break into networks or computer systems
to discover weaknesses in order to improve the security of these systems. The owners of
the system give permission to perform the break-in, and they receive the results of the
test. On the other hand, black hat attackers take advantage of any vulnerability for
illegal personal, financial or political gain. Gray hat attackers are somewhere between
white and black hat attackers. The gray hat attackers may find a vulnerability and report
it to the owners of the system if that action coincides with their agenda. Some gray hat
hackers publish the facts about the vulnerability on the Internet, so that other attackers
can exploit it.

The figure gives details about the terms white hat hacker, black hat hacker, and gray hat
hacker.

Organized Hackers

These criminals include organizations of cyber criminals, hacktivists, terrorists, and

state-sponsored hackers. Cyber criminals are usually groups of professional criminals
focused on control, power, and wealth. The criminals are highly sophisticated and
organized, and may even provide cybercrime as a service. Hacktivists make political
statements to create awareness to issues that are important to them. Hacktivists
publically publish embarrassing information about their victims. State-sponsored
attackers gather intelligence or commit sabotage on behalf of their government. These
attackers are usually highly trained and well-funded. Their attacks focus on specific
goals that are beneficial to their government. Some state-sponsored attackers are even
members of their nations’ armed forces.

Click here to learn more about hacker profiles.

Cyber Criminal Motives

Cyber criminal profiles and motives have changed over the years. Hacking started in the
‘60s with phone freaking (or phreaking) which refers to using various audio frequencies
to manipulate phone systems. In the mid-‘80s, criminals used computer dial-up modems
to connect computers to networks and used password-cracking programs to gain access
to data. Nowadays, criminals are going beyond just stealing information. Criminals can
now use malware and viruses as high tech weapons. However, the greatest motivation
for most cyber criminals is financial. Cybercrime has become more lucrative than the
illegal drug trade.

General hacker profiles and motives have changed quite a bit. The figure displays
modern hacking terms and a brief description of each
Why Become a Cybersecurity Specialist?

The demand for cybersecurity specialists has grown more than the demand for other IT
jobs. All of the technology that transforms the kingdom and improves people’s way of life
also makes it more vulnerable to attacks. Technology alone cannot prevent, detect,
respond and recover from cybersecurity incidents. Consider the following:

 The skill level required for an effective cybersecurity specialist and the shortage
of qualified cybersecurity professionals translates to higher earning potential.

 Information technology is constantly changing. This is also true for cybersecurity.

The highly dynamic nature of the cybersecurity field can be challenging and
fascinating.

 A cybersecurity specialist’s career is also highly portable. Jobs exist in almost

every geographic location.

 Cybersecurity specialists provide a necessary service to their organizations,

countries, and societies, very much like law enforcement or emergency responders.

Becoming a cybersecurity specialist is a rewarding career opportunity.

Thwarting Cyber Criminals

Thwarting the cyber criminals is a difficult task and there is no such thing as a “silver
bullet.” However, company, government and international organizations have begun to
take coordinated actions to limit or fend off cyber criminals. The coordinated actions
include:

 Creating comprehensive databases of known system vulnerabilities and attack

signatures (a unique arrangement of information used to identify an attacker’s
attempt to exploit a known vulnerability). Organizations share these databases
worldwide to help prepare for and fend off many common attacks.

 Establishing early warning sensors and alert networks. Due to cost and the
impossibility of monitoring every network, organizations monitor high-value targets
or create imposters that look like high-value targets. Because these high-value
targets are more likely to experience attacks, they warn others of potential attacks.

 Sharing cyber intelligence information. Business, government agencies and

countries now collaborate to share critical information about serious attacks to
critical targets in order to prevent similar attacks in other places. Many countries
have established cyber intelligence agencies to collaborate worldwide in combating
major cyberattacks.

 Establishing information security management standards among national and

international organizations. The ISO 27000 is a good example of these international
efforts.

 Enacting new laws to discourage cyberattacks and data breaches. These laws
have severe penalties to punish cyber criminals caught carrying out illegal actions.
The figure displays measures to thwart cyber criminals and a brief description of each.
Lab - Cybersecurity Job Hunt

In this lab, you will use popular job search websites to identify jobs in the cybersecurity
profession and learn about the qualifications required of cybersecurity professionals.

Lab - Cybersecurity Job Hunt