Chapter 1

The Need for Cybersecurity

Arman Hasen (CCIE)

INTRODUCTION TO CYBER SECURITY TRAINING COURSE (NETWORKWALKS ACADEMY) (arman@networkwalks.com)
CYBER SECURITY & HACKING
WHAT IS CYBERSECURITY?
“Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks and data from malicious attacks
to keep our Data & systems safe”

WHAT IS HACKING?
“Activities that aim to compromise computers, systems or networks by exploiting their security
vulnerabilities & gain un-authorized access”
For Example, hacking a server or hacking someone’s facebook account.

WHAT IS ETHICAL HACKING?

“Ethical hacking is the process of legally hacking into computers, systems or networks to test an
organization's defense and security”. It is also known as ‘penetration testing’ or ‘pentesting’.

www.networkwalks.com
TYPES OF DATA

PERSONAL DATA
EXAMPLES OF PERSONAL DATA
“Personal data is the information that relates to an identifiable
individual” Email Address

Facebook Account

Why do hackers need personal data? Whatsapp Number

Bank Account number

This information is useful for hackers. For example:
• Medical benefits Education Records

• File a fake tax return Files & pictures on your

computer

• Get credit cards on your name

Networkwalks username
• Obtain loans
& more
• & much more

www.networkwalks.com
TYPES OF DATA

ORGANIZATIONAL DATA
EXAMPLES OF ORGANIZATIONAL DATA
“Organizational Data” is information that relates to an identifiable
organization or group”
▪ Company’s Bank Account information

▪ Trade secrets
Why do hackers want organizational data?
▪ HR Data like employees’ salary detail
This information is useful for hackers. For example:
▪ Clients List

• Hackers can create a fake chequebook if company’s Bank Account is ▪ Study materials of Networkwalks
exposed
▪ Students email list of Networkwalks

• Competitors can reach to your clients & make competitive offers ▪ Competitors List

▪ Network Diagrams

▪ Company’s Routers & Servers Login passwords list

www.networkwalks.com
PRACTICAL LAB

Use MALTEGO to collect data according to the lab tasks.

www.networkwalks.com
5 PHASES OF HACKING

FOOTPRINTING
(RECONNAISSANCE)

Gather information & data about target system.

SCANNING
Scan the target system to find vulnerabilities that can be exploited.

GAINING ACCESS
Use the vulnerabilities found in previous phases to gain access

MAINTAINING ACCESS

HACKING PROCESS Install backdoors & other measures to maintain access

CLEARING LOGS
Finally clear all tracks & signs of malicious activity that has happened

6. REPORTING (in case of pentesting)

www.networkwalks.com
CIA TRIAD

The CIA Triad is a security model that has been developed to help people think about various parts of IT security.

CONFIDENTIALITY
Only authorized users should have access to the assets.
It is achieved by encryption, ACL,…
Example: Only enrolled students of networkwalks should have access to premium files
C
INTEGRITY
The data should not have been tampered.
C
CONFIDENTIALITY
It is achieved by avoiding human error, malware, HW errors, …
Example: All students of networkwalks must receive the files in original format

I A
AVAILABILITY
Data should be accessible whenever needed. Systems need to be functional as designed and
configured.
It is achieved by stable infrastructure, data backups, …
Example: Networkwalks website should always be UP & available 24/7 for students INTEGRITY AVAILABILITY
networkwalks.com

www.networkwalks.com
Thank You