
Crack the Code:

How to Become a
Pro Ethical Hacker and
Save the Digital World
In the era of artificial intelligence, hackers are leveraging
AI-driven techniques to breach even the most robust cyber
protection programs. These AI-driven cyberattacks are
reshaping the cybersecurity landscape, and it's crucial to adopt
a comprehensive cyber protection program built around
holistic defense. The concerns involved are the familiar ones
(common security issues, ransomware, phishing, even privacy),
but AI changes how they play out because the technology is
still being learned and is evolving quickly.

AI-driven cyberattacks involve using advanced machine
learning algorithms to identify vulnerabilities, predict patterns
and exploit weaknesses. The efficiency and rapid data analysis
advance hackers' capability to gain a tactical advantage, leading
to rapid intrusions or destruction. Traditional cybersecurity
methods are no longer enough to combat sophisticated attacks
since AI cyberattacks adapt and evolve in real time.

Artificial Intelligence (AI) can be used by hackers in several ways:

1. Automated Hacking: AI can be programmed to automatically exploit
vulnerabilities in a system. This can significantly increase the speed and
efficiency of attacks.
2. Phishing Attacks: AI can be used to create more convincing phishing emails or
messages. By analyzing previously successful attacks, AI can generate
messages that are more likely to trick users into revealing sensitive information.
3. Password Cracking: AI can be used to predict and crack passwords more
efficiently than traditional methods. By learning patterns and common structures in
passwords, AI can make educated guesses and crack passwords faster.
4. Evasion: AI can help hackers avoid detection by learning to mimic normal user
behavior or by identifying patterns in security systems and finding ways to avoid
them.
5. Data Theft: AI can be used to analyze large amounts of data and identify valuable
information, making data theft more efficient.

While AI can be used maliciously, it's important to note that it's also a valuable
tool for cybersecurity. AI can help detect and prevent attacks, analyze patterns in
malicious behavior, and respond to threats more quickly. Therefore, the use of AI in
cybersecurity is a double-edged sword.
https://www.udemy.com/topic/ethical-hacking/
Why is Ethical Hacking a Great Career Path?
Ethical hacking has grown into a vital and respected profession in the digital age, offering a unique blend of challenges,
rewards, and opportunities for those interested in cybersecurity. Here are ten reasons why ethical hacking can be a great
career path:

1. High Demand for Cybersecurity Experts: With the increasing number of cyber threats, organizations are actively seeking
skilled professionals to identify and mitigate vulnerabilities, leading to a high demand for ethical hackers.

2. Attractive Salary Packages: Due to the specialized skill set and high demand, ethical hackers often command competitive
salaries, with opportunities for rapid advancement and salary increases based on experience and certifications.

3. Positive Impact: Ethical hackers contribute significantly to the digital safety of individuals, companies, and governments,
protecting sensitive data from malicious attacks and preventing potential financial and reputational damage.

4. Continuous Learning and Growth: The cybersecurity field is always evolving, with new technologies and threats emerging
regularly. This constant change requires ethical hackers to continually learn and adapt, ensuring ongoing professional growth.

5. Diverse Industries: Virtually every industry requires cybersecurity expertise, from finance and healthcare to government
and tech. Ethical hackers can find opportunities in various sectors, allowing for diverse career paths and experiences.
6. Global Opportunities: Cybersecurity is a global concern, offering ethical hackers the chance to work in different countries
and cultures, either by relocating or through remote work opportunities.

7. Recognition and Respect: As guardians of digital security, ethical hackers gain respect and recognition for their specialized
knowledge and contributions to safeguarding online spaces.

8. Creative and Analytical Work: Ethical hacking involves a blend of creativity and analytical thinking, as professionals must
think like attackers to identify vulnerabilities and devise countermeasures.

9. Certifications and Specializations: The field offers numerous certifications (e.g., CEH, OSCP) that validate skills and
knowledge, allowing for specialization in areas like penetration testing, network security, or forensics.

10. Community and Collaboration: Ethical hackers belong to a global community of cybersecurity professionals, sharing
knowledge, tools, and techniques. This collaborative environment enriches the profession and enhances individual learning.

Choosing a career in ethical hacking not only opens doors to exciting challenges and substantial rewards but also contributes
to a safer digital world, making it a fulfilling path for those passionate about technology and security.
Phishing for Compliments:
Cybercrimes Tools, Tales,
and Legal Trails
The primary law governing cybercrime in the Philippines
is the Cybercrime Prevention Act of 2012, formally known
as Republic Act No. 10175. It was signed into law on
September 12, 2012, and took effect on October 3, 2012.

Key Provisions
Legal Recognition of Electronic Data: The Act gives
electronic data legal recognition, which can be
used as evidence in court.
Jurisdiction: The law has provisions that extend to
acts committed outside the Philippines if they
involve Filipino citizens or harm the country's
interests.
Law Enforcement and Regulatory Provisions: It
mandates the creation of a Cybercrime
Investigation and Coordination Center (CICC) and
outlines the powers and duties of law
enforcement authorities concerning cybercrime.
Crimes Covered by the Act
The Cybercrime Prevention Act categorizes offenses under three main groups:
1. Offenses against the confidentiality, integrity and availability of computer data and systems:
▪ System Interference: Interfering with the functioning of a computer or computer network by inputting, transmitting, damaging, deleting, deteriorating, altering, or suppressing
computer data or programs, without right or authority.
▪ Misuse of Devices: The use, production, sale, procurement, importation, distribution, or otherwise making available of devices or programs, designed
or adapted for the purpose of committing any of the offenses listed in the act.
▪ Illegal Access: Unauthorized access to a computer system or application.
▪ Illegal Interception: Unauthorized interception of any non-public transmission of computer data.
▪ Data Interference: Unauthorized alteration, damaging, deletion or deterioration of data.
2. Computer-related Offenses:
▪ Computer-related Forgery: Inputting, altering, or deleting computer data resulting in inauthentic data with the intent that it be considered or acted upon for legal purposes as if
it were authentic.
▪ Computer-related Fraud: Unauthorized alteration, or deletion of computer data or interference in the functioning of a computer system, causing loss to another person.
▪ Computer-related Identity Theft: Unauthorized acquisition, use, misuse, transfer, possession, alteration, or deletion of identifying information belonging to another, whether
natural or juridical.
3. Content-related Offenses:
▪ Cybersex: The control or operation, directly or indirectly, of any lascivious exhibition of sexual organs or sexual activity,
with the aid of a computer system, for favor or consideration.
▪ Child Pornography: The unlawful or prohibited acts defined and punishable by Republic Act No. 9775
or the Anti-Child Pornography Act of 2009, done through a computer system.
▪ Unsolicited Commercial Communications: The transmission of commercial electronic communication with the use of
computer systems which seek to advertise, sell, or offer for sale products and services is prohibited.
▪ Libel: The unlawful or prohibited acts of libel as defined in Article 355 of the Revised Penal Code, as amended,
committed through a computer system or any other similar means which may be devised in the future.
ILLEGAL ACCESS

Brute Force Attacks


1. Use automated software to generate password guesses.
2. Target websites or network services remotely.
3. Employ tools like John the Ripper or Hashcat.
4. Attacks executed from any location with internet access.

Bangko Sentral ng Pilipinas (2016): The website of the Philippine Central Bank was subjected to a brute force
attack in March 2016 during a wave of cyber-attacks on government websites. This was part of larger online
activism but highlighted the vulnerability of even high-security websites.

Philippine Commission on Elections (COMELEC) (2016): In a separate incident, hackers used a SQL injection
(which is akin to brute-force techniques in terms of unauthorized access), to penetrate the COMELEC's voter
database, exposing millions of voters' personal data. The incident, known as "Comeleak," is one of the largest
breaches in history.

Phishing
1. Craft fraudulent emails or websites mimicking legitimate ones.
2. Design and send/host via compromised networks.
3. Utilize phishing kits with templates and hosting services.
4. Victims access from personal or work devices, anywhere with internet.

Metrobank Phishing Scam (2019): Customers of one of the largest banks
in the Philippines, Metrobank, were targeted in a phishing scam where
they received emails leading them to fake login pages designed to steal
their credentials.

BDO Unibank Phishing Scam (2020): In another case, BDO Unibank
customers were targeted by phishing emails purporting to be from the
bank, asking them to verify their accounts and thereby capturing their
login details.
ILLEGAL INTERCEPTION

Man-in-the-Middle (MitM) Attacks


1. Intercept communication on unsecured public WiFi networks.
2. Use network sniffers like Wireshark to capture data.
3. Conduct attacks in public places like cafes or airports.

Dutch registrar site DigiNotar (2011): In 2011, DigiNotar was breached,
which enabled a threat actor to gain access to 500 certificates for
websites like Google, Skype, and others. These certificates allowed the
attacker to pose as legitimate websites in a MITM attack, stealing users'
data after tricking them into entering passwords on malicious mirror sites.
DigiNotar ultimately filed for bankruptcy as a result of the breach.

Credit Score company Equifax (2017): Equifax removed its apps from
Google and Apple after a breach resulted in the leak of personal data. A
researcher found that the app did not consistently use HTTPS, allowing
attackers to intercept data as users accessed their accounts.

Email Snooping
1. Gain unauthorized access to email accounts or servers.
2. Exploit network vulnerabilities or use malware.
3. Use tools like network sniffers or credential logging malware.
4. Perform snooping remotely from any internet-connected location.

Philippine Government Email Snooping (2016): Alongside the COMELEC
data breach, there were also allegations of email snooping involving
sensitive communications within the Philippine government.

Hillary Clinton Campaign (2016): Email accounts of members of Hillary
Clinton’s campaign were hacked, and sensitive communications were
leaked, influencing the U.S. presidential election dynamics.
DATA INTERFERENCE

Ransomware Attacks
1. Deliver ransomware via phishing or network exploits.
2. Encrypt victim’s data and demand ransom.
3. Use ransomware kits for malware customization.
4. Target connected devices like PCs or servers.

Philippine Ransomware Attacks on Hospitals (2020): Several healthcare
institutions in the Philippines were hit with ransomware during the
COVID-19 pandemic, severely impacting their operations and patient care.

WannaCry (2017): This ransomware attack affected over 230,000
computers in over 150 countries, targeting systems running Microsoft
Windows by encrypting data and demanding ransom payments in Bitcoin.

Database Poisoning
1. Insert corrupt/malicious data into databases.
2. Exploit SQL injection vulnerabilities.
3. Use automated tools like SQLmap.
4. Attack web applications or databases online.

Google Search Results Poisoning (2011): Cybercriminals manipulated
search engine results to direct users to malicious websites. Google had to
update its search algorithms to counteract the SEO poisoning techniques
used by attackers.

WordPress Plugin SEO Poisoning (2018): The WordPress plugin called
"Display Widgets" was found to be injecting malicious content into
websites using the plugin. The plugin added spam links and SEO keywords
to affected sites, manipulating search engine rankings and poisoning the
site data to drive traffic to specific fraudulent sites.
SYSTEM INTERFERENCE

DDoS Attacks
1. Use multiple compromised systems to flood target with traffic.
2. Employ botnets and tools like LOIC.
3. Overwhelm target's IP address, denying service.
4. Coordinate attacks globally.

Philippine Government Websites (2016): Numerous Philippine
government websites have been repeatedly targeted by DDoS attacks,
often coinciding with political or social activism movements.

Top Philippine News Sites (2018): Major news websites in the Philippines
were brought down by DDoS attacks, believed to be politically motivated
due to the critical nature of the articles being published.

Botnets
1. Infect devices with malware to form a botnet.
2. Control infected devices remotely for attacks or spam.
3. Begin with phishing emails or malware-laden websites.
4. Use command-and-control software from remote locations.

Mirai Botnet (2016): The Mirai botnet, composed primarily of IoT
devices, was used to launch several massive DDoS attacks,
including those on Dyn, as well as disrupting Liberia's internet
infrastructure.

Storm Botnet (2007): One of the most powerful botnets at the
time, used primarily for sending out large volumes of spam emails.
At its peak, it was believed to involve millions of compromised
machines.
MISUSE OF DEVICES

Keyloggers
1. Install keylogging software or hardware on victim's device.
2. Capture every keystroke to gather sensitive information.
3. Retrieve recorded data remotely or directly.
4. Distribute software keyloggers via downloads or emails.

Scarabey: Targeting International Law Firms (2017): Keylogger was part of
a malware campaign targeting international law firms, stealing
confidential data for extortion and competitive intelligence.

Academic Cheating via Keyloggers (2018): A university in the Philippines
uncovered an incident where students used hardware keyloggers to cheat
by stealing professors’ passwords and accessing test answers.

Mobile Device Hacking


1. Install spyware on smartphones via malicious apps or exploits.
2. Monitor activities and steal data.
3. Track location, intercept messages, activate cameras/microphones.
4. Use tools like FlexiSPY or mSpy, often under guise of legitimacy.

Celebrity Phone Hacking (2015): Phones of several Filipino celebrities
were hacked, and personal photos were leaked online, sparking a scandal
and raising questions about mobile security.

Pegasus Spyware (Revealed in 2021): A global investigation revealed that
Pegasus spyware was used to infiltrate the phones of journalists,
politicians, and activists around the world, allowing for comprehensive
surveillance.
COMPUTER-RELATED OFFENSE
Computer-related Forgery
1. Creation of Fake Documents: Perpetrators use software to create or
modify electronic documents to make them appear legitimate or
authorized when they are not.
2. Use of Digital Signatures: Forged electronic signatures or digital
certificates are applied to documents to fake authenticity.
3. Distribution: The forged documents are distributed via email or other
digital means to execute fraud or misinformation.
4. Tools Used: Software like Adobe Photoshop for document forgery, and
digital signature creation tools.

Operation Phish Phry (2009): One of the largest cyber fraud phishing
operations, where U.S. and Egyptian defendants used phishing emails to
collect personal bank account information and then created fake
documents to withdraw funds.
Computer-related Fraud
1. Manipulation of Input Data: Fraudulent data is input into computer
systems to alter financial records or other significant data.
2. Exploitation of System Vulnerabilities: Security weaknesses are
exploited to modify system functions or data without authorization.
3. Execution of Unauthorized Transactions: Transactions are carried out
without the knowledge or consent of the rightful owner.
4. Tools Used: Malware designed to intercept or manipulate data, and
exploitation tools for vulnerabilities in software.

Fraudulent Online Booking (2017): In the Philippines, a series of
unauthorized bookings were reported by a popular online travel agency,
manipulated through system vulnerabilities.

Bernie Madoff Ponzi Scheme (Revealed in 2008): Though primarily an
offline fraud, its later stages used sophisticated computer systems to
manage and manipulate digital accounts and transactions, constituting
one of the largest examples of financial fraud facilitated through digital
means.
Computer-related Identity Theft
1. Data Breach: Hackers access personal data stored in computer systems
through breaches.
2. Phishing and Social Engineering: Sensitive personal information is
obtained via deceptive electronic communications.
3. Use of Stolen Identities: The obtained personal information is used to
commit fraud, such as opening bank accounts or obtaining credit
cards.
4. Tools Used: Phishing toolkits, malware for stealing personal
information, and software for creating fraudulent identification.
COMELEC Data Breach (2016): This significant breach in the Philippines
led to the theft of millions of voters' personal data, potentially facilitating
identity theft on a massive scale.

Equifax Data Breach (2017): This breach exposed sensitive information of
approximately 147 million people, leading to widespread identity theft
and fraud. The data included Social Security numbers, birth dates,
addresses, and in some instances, driver's license numbers.
OTHER CYBERCRIMES
Cybersquatting
Involves registering, trafficking in, or using an Internet domain name with
bad faith intent to profit from the goodwill of a trademark belonging to
someone else. The cybersquatter then offers to sell the domain to the
person or company who owns a trademark contained within the name at
an inflated price.

Microsoft vs. MikeRoweSoft (2004):

Who/What: A high school student named Mike Rowe set up a website
"MikeRoweSoft.com", which phonetically resembled "Microsoft".
Microsoft perceived it as an infringement on their trademark.

When: The dispute was publicly resolved in 2004.

Impact: Microsoft initially sent a cease-and-desist letter, but after public
backlash over what seemed like a giant corporation bullying a teenager,
the case settled amicably. Mike Rowe handed over the domain in
exchange for Microsoft products and training certification vouchers.
Vishing (Voice Phishing)
The phone's equivalent of phishing. It is the act of using the telephone in
an attempt to scam the user into surrendering private information that
will be used for identity theft. The scammer usually pretends to be a
legitimate business, and fools the victim into thinking they will profit.

IRS Impersonation Scam (2010s):


Who/What: Scammers impersonating IRS officials called victims, claiming
they owed back taxes and threatening them with legal action or jail time
unless they paid immediately.

When: These scams became widely recognized throughout the 2010s.

Impact: Thousands of people across the U.S. were defrauded, with losses
totaling millions of dollars. This incident serves as one of the most
infamous examples of vishing, prompting widespread awareness and
warnings from the IRS.
Pharming
Pharming is a cyberattack aiming to redirect a website's traffic to another,
fraudulent website without the user's knowledge or consent. It can be
done by exploiting vulnerabilities to alter DNS settings or by infecting a
user’s computer with malware that changes local DNS entries. The intent
is often to steal personal information or credentials.
Bank of the West (2007):
Who/What: Customers of Bank of the West were redirected from the
bank's legitimate website to a fraudulent one that looked nearly identical.

When: 2007

Impact: This large-scale pharming attack aimed to capture customers'
login credentials. The attackers used a DNS cache poisoning approach,
impacting a significant number of users.
Clickjacking
Clickjacking is a deceptive technique where users are tricked into clicking
on something different than what appears to be visible on the page. By
overlaying transparent layers over seemingly innocuous web elements,
attackers can induce users to perform actions unknowingly, such as liking
a social media post, revealing confidential information, or granting
permissions to their data.
Facebook Likejacking (2010):
Users browsing the internet were tricked into clicking on seemingly
innocent articles or videos that secretly contained a hidden script making
them "Like" a Facebook page without their knowledge.

When: 2010

Impact: This spread the clickjacking script virally across Facebook,
affecting millions of users and promoting spammy products or malicious
websites.
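
The overlay technique described above only works if the target page can be loaded inside a frame on another site, so the standard defence is a response header that forbids framing. The following added example (not part of the original slides) classifies a response's anti-framing headers; the page names and header sets in SAMPLES are constructed.

```python
def frame_ancestors(csp_value):
    """Return the frame-ancestors source list from a CSP value, or None if absent."""
    for directive in csp_value.split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            return [t.lower() for t in tokens[1:]]
    return None


def framing_policy(headers):
    """Classify who may embed a response in a frame.

    Returns (verdict, reason) with verdict one of:
      "blocked"    - no site may frame the page
      "restricted" - only same-origin or listed sites may frame it
      "exposed"    - any site can frame it, so an overlay is possible
    """
    h = {k.lower(): v.strip() for k, v in headers.items()}

    # An enforced CSP frame-ancestors directive takes precedence over X-Frame-Options.
    csp = h.get("content-security-policy")
    sources = frame_ancestors(csp) if csp else None
    if sources is not None:
        if not sources or sources == ["'none'"]:
            return "blocked", "CSP frame-ancestors 'none'"
        if any(s in ("*", "http:", "https:") for s in sources):
            return "exposed", "CSP frame-ancestors allows any origin"
        return "restricted", "CSP frame-ancestors " + " ".join(sources)

    xfo = h.get("x-frame-options", "").upper()
    if xfo == "DENY":
        return "blocked", "X-Frame-Options DENY"
    if xfo == "SAMEORIGIN":
        return "restricted", "X-Frame-Options SAMEORIGIN"
    if xfo.startswith("ALLOW-FROM"):
        # Obsolete value that current browsers ignore.
        return "exposed", "X-Frame-Options ALLOW-FROM is ignored by current browsers"
    if xfo:
        return "exposed", "unrecognized X-Frame-Options value"

    if frame_ancestors(h.get("content-security-policy-report-only", "")) is not None:
        return "exposed", "frame-ancestors is report-only, not enforced"
    return "exposed", "no anti-framing header"


# Constructed header sets for five hypothetical pages.
SAMPLES = {
    "login": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"},
    "dashboard": {"X-Frame-Options": "SAMEORIGIN"},
    "legacy": {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
    "widget": {"Content-Security-Policy": "frame-ancestors *", "X-Frame-Options": "DENY"},
    "staging": {"Content-Security-Policy-Report-Only": "frame-ancestors 'none'"},
}


def audit(samples):
    """Map each page name to its framing verdict."""
    return {name: framing_policy(hdrs)[0] for name, hdrs in samples.items()}


if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        print(name, *framing_policy(hdrs))
```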
Spear Phishing
Spear phishing is a targeted attack where the perpetrator sends emails to
specific individuals while pretending to be a trusted sender. The goal is to
steal sensitive information or infect systems with malware. Unlike
widespread phishing attacks, spear phishing involves carefully crafted
messages to lure a particular individual, often using personal information
to increase credibility.
The DNC Hack (2016):
Officials at the Democratic National Committee (DNC) received spear
phishing emails, leading to unauthorized access to the committee’s emails.

When: 2010

Impact: The leaked emails had a significant impact on the 2016 U.S.
presidential election, showing how spear phishing can influence major
political outcomes.
Advanced Persistent Threats (APT)
Advanced Persistent Threats (APT) are prolonged and targeted
cyberattacks wherein attackers infiltrate a network to steal data or
monitor activity over an extended period without being detected. These
attacks are complex, involving a high degree of covertness and are
typically aimed at high-value targets like governments, enterprises, and
critical infrastructure.
Operation Aurora (2010):
Google and at least 20 other companies were targeted by an APT
originating from China, known as "Operation Aurora."

When: 2010

Impact: The attackers stole intellectual property and accessed Gmail
accounts of Chinese human rights activists, highlighting the dual use of
APTs for espionage and intellectual property theft.
Online Gambling Fraud
Online gambling fraud includes a range of illicit activities conducted
through internet betting services. Tactics may involve the use of stolen
credit cards to fund accounts, collusion between players to cheat at
games, or manipulation of software to alter game outcomes. Fraudsters
may also create multiple fake accounts to claim sign-up bonuses multiple
times.
BetOnline Live Dealer Cheating Incident (2017):
What: A blackjack dealer at BetOnline was caught on a live stream dealing
the second card from the deck (a maneuver known as a "second deal")
instead of the top one.

How: The incident was caught by a player who was recording the live
session, showing the dealer’s actions clearly.

Impact: The video went viral, leading to widespread outrage and an
investigation by BetOnline, which ultimately switched the third-party live
dealer provider.
Deepfake
Deepfake technology uses artificial intelligence to create or alter video
and audio recordings to make it appear that someone is saying or doing
something they did not actually say or do. This technology can be used for
malicious purposes, such as spreading misinformation, manipulating
public opinion, or blackmailing individuals by creating non-consensual
realistic media.
Deepfake of Barack Obama (2018):
What: A video featuring former U.S. President Barack Obama, showing
him saying things he never actually said.

How: This deepfake was created by BuzzFeed and director Jordan Peele
using AI and machine learning technologies to manipulate video content.

Impact: The video was intended as a public service announcement about
the dangers of deepfake technology and its potential use in
misinformation.
Trolls and Misinformation Perpetrators
Internet trolls and misinformation perpetrators engage in activities
intended to deceive, manipulate, or disrupt others online. Trolls often
post inflammatory, extraneous, or off-topic messages in online
communities with the intent to provoke emotional responses or disrupt
normal discussion. Misinformation perpetrators spread false information
to mislead or cause harm, often influencing public opinion or obscuring
truth in critical issues.
2016 U.S. Presidential Election:
What: A widespread campaign by Russian trolls to influence the U.S.
Presidential Election, primarily through social media platforms.

How: Russian operatives used fake accounts to post and amplify divisive
content, spreading misinformation and inflaming political tensions.

Impact: The campaign significantly affected public discourse, leading to
investigations and ongoing concerns about election security and
misinformation.
As we navigate the digital age, the landscape of cyber threats continues to evolve, with criminals employing
increasingly sophisticated techniques, including artificial intelligence, to exploit vulnerabilities. The rise of AI-
driven attacks underscores the importance of staying informed about these trends, empowering us to better
protect our information and systems against an ever-growing range of cybercrimes.

▪ Vigilance is Key: Always exercise caution when handling emails, clicking on links, or sharing personal
information online. Cybercriminals often exploit simple human errors.

▪ Stay Informed: Keeping up-to-date with the latest cyber threats and security measures can significantly
reduce vulnerability to cyber attacks. Awareness training and regular updates can prevent many common
cybercrimes.

▪ Use Strong Security Measures: Employ robust cybersecurity tools and practices, such as using strong, unique
passwords, enabling two-factor authentication, and regularly updating software to protect against
vulnerabilities.

▪ Legal Recourse Exists: Be aware of the legal protections and recourses available against cybercrimes.
Understanding your rights can help navigate the aftermath of an attack and minimize damage.

▪ Collaborate and Report: Encourage openness about cyber threats within your organization and report
incidents to relevant authorities. Sharing information about threats can help improve security protocols and
prevent future attacks.
