
By Soumedhik Naskar
Introduction

Ethical hacking, also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is legal.
Ethical hacking is legally breaking into computers and devices to test an organization's defenses.
Who are known as hackers?

A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. The term also may refer to anyone who uses their abilities to gain unauthorized access to systems or networks in order to commit crimes.
Types of Hackers

Black Hat Hacker

White Hat Hacker

Grey Hat Hacker


Black-Hat Hacker

Black hat hackers use their knowledge and skill for their own personal gain, probably by hurting others.
White-Hat Hacker

White hat hackers are those individuals professing hacker skills and using them for defensive purposes.
This means that the white hat hackers use their knowledge and skill for the good of others and for the common good.
Grey-Hat Hackers

These are individuals who work both offensively and defensively at various times.
We cannot predict their behavior.
Sometimes they use their skills for the common good, while at other times they use them for their personal gain.
Common Cybersecurity Issues That Organizations Face

Cybersecurity is a top concern for today’s business owners and technology executives, and with good reason. In the first half of 2020 alone, 36 billion records were exposed due to data breaches, according to a report generated by the firm RiskBased Security.

Organizations and cybersecurity attacks

Cybersecurity attacks can happen to any organization at any time.


Social engineering

Social engineering represents a catch-all term for various tactics that are used by
hackers. These tactics are designed to trick individuals into giving out sensitive or
confidential information.
Ransomware

Ransomware is another tactic used by hackers. The objective is to hold a company’s data hostage until the affected user pays a specific dollar amount, which can often be hefty.
Distributed denial-of-service (DDoS)

The hallmark of these attacks is coordination. A cyber attacker floods the system with a high number of simultaneous functions, such as a request to a webpage.

Artificial intelligence (AI) and machine learning (ML)


In the hands of cyber criminals, artificial intelligence (AI) and machine learning can enable
cyber attacks to become more sophisticated and efficient.
Crypto and blockchain attacks
The use of cryptocurrencies and blockchain technology in business continues
to increase. According to a report by Allied Market Research, the global
cryptocurrency industry (hardware, software, platforms, and services) is
projected to reach nearly $5 billion by 2030.
Third-party software
Small businesses represent an appealing target to cyber attackers. One reason is that their smaller computer infrastructures can occasionally provide gateways to bigger targets.
Phases of Hacking

Reconnaissance: This is the first step of hacking.

Scanning: Three types of scanning are involved:

Gaining Access: This phase is where an attacker breaks into the system/network using various tools or methods.

Maintaining Access:

Clearing Tracks:
Types of Scanning

Port Scanning

Network Scanning
Gaining Access

Password Attacks

Social Engineering

Viruses
Maintaining Access

Trojans

OS backdoors

Clears Tracks
Information security controls

These are measures taken to reduce information security risks such as information systems breaches, data theft, and unauthorized changes to digital information or systems.

Access controls, including restrictions on physical access such as security guards at building entrances, locks, and perimeter fences.
Procedural controls such as security awareness education, security framework compliance training, and incident response plans and procedures.
Technical controls such as multi-factor user authentication at login and logical access controls, antivirus software, and firewalls.
Compliance controls such as privacy laws and cyber security frameworks and standards.
What are the 3 parts of the CIA triad?

1. Confidentiality
Data confidentiality means that personal data, trade secrets, and other private business data are protected against unauthorized access, disclosure without permission, and theft.

2. Integrity
Data integrity refers to the reliability and trustworthiness of data throughout its lifecycle.

3. Availability
Availability means ensuring timely and reliable access to and use of information.
