Information security overview
1- Definition
Information security is a state of well-being of information and infrastructure in which the possibility of theft, tampering, and disruption of information and services is kept low.
2- Essential terminology
- Hack value - is the notion among hackers that something is worth doing or is interesting.
- Vulnerability - is the existence of a weakness (design or implementation error) that can lead to an unexpected event compromising the security of the system.
- Exploit - is a breach of an IT system security through vulnerabilities.
- Payload - is the part of an exploit code that performs an intended malicious action.
- Zero-Day attack - is an attack that exploits the computer vulnerability before software engineer releases a patch.
- Daisy chaining - it involves gaining access to a network and /or computer and then using the same information to gain access to multiple networks and computers that contains desirable information.
- Doxing - Publishing personally identifiable information about an individual or organization.
- Bot - is a software application that can be controlled remotely to execute or automate predefined tasks.
- Warfare - or info war refers to the use of information and communication technologies to take advantage over an opponent.
- Hacking - Unauthorized attempts to bypass the security mechanisms of an information system or network.
- Hacker - is a person with excellent computer skills, with the ability to create and explore the computer software and hardware.
- Ethical hacking - is the use of hacking tools and tricks to identify vulnerabilities so as to ensure the system security.
3- Elements of information security
- Confidentiality: the information is only accessible by persons authorized to.
- Integrity: the trustworthiness of data.
- Availability: systems available to whom requires them.
- Authenticity.
- Non-repudiation: not denying sending or receiving data.
4- Levels of security
Levels of security in any system can be defined by the strength of three components which are functionality, security, and usability.Functionality represents the features, security represents the restrictions and usability represent the graphical user interface (GUI).We can find a close association between these three levels and move toward one of them is losing the two others.
II/ Information Security Threats and attacks
Attack = motive + method + vulnerability
Threat categories:
- Network threats.
- Host-based threats.
- Applications threats.
Some threats and attack vectors:
- Cloud computing threats.
- Advanced Persistent Threats (APT).
- Viruses and worms.
- Botnets
- Insider attacks…
Motives behind attacks:
- Information theft.
- Manipulating data.
- Damaging the reputation of the target.
- Propagating religious or political beliefs.
- Taking revenge.
III/ Hackers classes and hacking phases
A. Hackers classes
- Black hats: are hackers with malicious intentions.
- White hats: are ethical hackers.
- Grey hats: are black and white hackers.
- Suicide hackers: are hackers that are not afraid of going jail or facing any sort of punishment.
- Script kiddies: Unskilled hackers who use real hackers’ tools and programs.
- Cyber terrorists: hackers having religious or political beliefs with motive of creating a large-scale fear.
- State sponsored hackers: hackers engaged by governments.
- Hacktivists: hackers promoting a political agenda or a social change.
B. Hacking phases:
1. Reconnaissance
Reconnaissance is the preparation phase. It seeks to gather information about the target. There’s two kind of reconnaissance; active and passive.
- Active reconnaissance permits direct interaction by any mean with the target.
- Passive reconnaissance does not permit any direct interaction with the target.
2. Scanning
Scanning is the pre-attack phase, it’s done on the basis of information gathered during recon phase. This phase includes the usage of port scanners, net mappers, and many other tools.Information extracted by the attacker during this phase are live machine, OS details…
3. Gaining access
Gaining access is the point where the attacker obtains access to the system or the application. The attacker can then, escalate privileges to gain a complete control of the system.
4. Maintaining access
Maintaining access is the retention the system’s owner.
5. Cleaning tracks
Clearing tracks are hiding its malicious acts to prevent being uncovered.This was an introduction to ethical hacking covering an overview of information security, threats, and attack vectors, it also covers hacker types and hacking phases. The Next article will cover information security controls, laws, and standards. Stay tuned!Brought to you by Zyed Nammouchi