Table of Contents
Module 01: Introduction to Cyber Security Ethical Hacking
1. Information Security Overview
2. Cyber Kill Chain Concepts
3. Hacking Concepts
4. Cyber Laws And Its Standards
Information Security Overview
Information security protects sensitive
information from unauthorized activities,
including inspection, modification,
recording, and any disruption or
destruction. The goal is to ensure the
safety and privacy of critical data such as
customer account details, financial data or
intellectual property.
Elements of Information Security
Information security is a state of
well-being of information and
infrastructure in which the
possibility of theft, tampering,
and disruption of information
and services is low or tolerable
Elements of Information Security
1. Confidentiality
2. Integrity
3. Availability
4. Authenticity
5. Non-Repudiation
Availability
Assurance that the systems
responsible for delivering, storing,
and processing information are
accessible when required by the
authorized users
Authenticity
Refers to the characteristic of a
communication, document, or
any data that ensures the
quality of being genuine
Non-Repudiation
A guarantee that the sender of a
message cannot later deny having
sent the message and that the
recipient cannot deny having
received the message
Motives, Goals, and Objectives of
Information Security Attacks
Motive (Goal) + Method + Vulnerability
A motive originates out of the notion
that the target system stores or
processes something valuable, and this
leads to the threat of an attack on the
system
Attackers try various tools and attack
techniques to exploit vulnerabilities in
a computer system or its security
policy and controls in order to fulfil
their motives
Motives behind Information Security Attacks
Disrupting business continuity
Propagating religious or political beliefs
Achieving a state's military objectives
Damaging the reputation of the target
Stealing information and manipulating data
Creating fear and chaos by disrupting critical infrastructures
Taking revenge
Causing financial loss to the target
Demanding ransom
Passive Attacks
Passive attacks do not tamper
with the data and involve
intercepting and monitoring
network traffic and data flow
on the target network
Examples of passive attacks:
Footprinting
Sniffing and eavesdropping
Network traffic analysis
Decryption of weakly encrypted traffic
Active Attacks
Active attacks tamper with the data
in transit or disrupt the
communication or services
between the systems to bypass or
break into secured systems
Examples of active attacks:
Denial-of-service (DoS) attack
Firewall and IDS attack
Bypassing protection mechanisms
Malware attacks (such as viruses, worms, ransomware)
Modification of information
Spoofing attacks
Replay attacks
Password-based attacks
Session hijacking
Man-in-the-Middle attack
DNS and ARP poisoning
Compromised-key attack
Close-in Attacks
Profiling
Arbitrary code execution
Privilege escalation
Backdoor access
Cryptography attacks
SQL injection
XSS attacks
Directory traversal attacks
Close-in Attacks
Close-in attacks are performed
when the attacker is in close
physical proximity with the target
system or network in order to
gather, modify, or disrupt access
to information
Examples of close-in attacks:
Social engineering (eavesdropping, shoulder surfing, dumpster diving, and other methods)
Insider Attacks
Insider attacks involve using
privileged access to violate rules or
intentionally cause a threat to the
organization's information or
information systems
Examples of insider attacks:
Eavesdropping and wiretapping
Theft of physical devices
Social engineering
Data theft and spoliation
Pod slurping
Planting keyloggers, backdoors, or malware
Distribution Attacks
Distribution attacks occur when
attackers tamper with hardware or
software prior to installation
Attackers tamper with the hardware or
software at its source or in transit
Defensive Information Warfare
Refers to all strategies and actions designed to defend against
attacks on ICT assets
Prevention
Deterrence
Alerts
Detection
Emergency Preparedness
Response
Offensive Information Warfare
Refers to information warfare that involves
attacks against the ICT assets of an opponent
Web Application Attacks
Web Server Attacks
Malware Attacks
MITM Attacks
System Hacking
What is a kill chain?
The term kill chain is a
military concept which
identifies the structure of
an attack.
What is the cyber kill chain concept?
Originally developed by Lockheed
Martin in 2011
This model helps organizations understand the various
possible threats at every stage of an attack and the
necessary countermeasures to defend against such
attacks. Also, this model provides security professionals
with a clear insight into the attack strategy used by the
adversary so that different levels of security controls
can be implemented to protect the IT infrastructure of
the organization.
Cyber kill chain methodology
The cyber kill chain methodology is a
component of intelligence-driven defense for
the identification and prevention of
malicious intrusion activities
It provides greater insight into attack
phases, which helps security
professionals to understand the
adversary's tactics, techniques,
7 Phases of the Cyber Kill Chain Process
Phase 1: Reconnaissance
Phase 2: Weaponization
Phase 3: Delivery
Phase 4: Exploitation
Phase 5: Installation
Phase 6: Command and Control
Phase 7: Actions on Objective
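The phase list above can be used to organize detections and find where an intrusion went unnoticed. The following is an added example, not part of the original slides: it maps constructed alerts to the seven phases and reports, per host, how far activity progressed and which intermediate phase produced no alert. The alert type names, host names and timestamps are assumptions made up for the illustration.

```python
from collections import defaultdict

# The seven phases, in the order listed above.
PHASES = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
          "Installation", "Command and Control", "Actions on Objective"]

# Hypothetical alert types mapped to phases (names are assumptions).
ALERT_PHASE = {
    "external_port_scan": "Reconnaissance",
    "phishing_attachment_delivered": "Delivery",
    "phishing_attachment_blocked": "Delivery",
    "office_spawned_shell": "Exploitation",
    "new_autorun_entry": "Installation",
    "beacon_to_rare_domain": "Command and Control",
    "bulk_archive_upload": "Actions on Objective",
}

# Constructed sample alerts: (timestamp, host, alert type).
SAMPLE_ALERTS = [
    ("2024-01-10T07:30", "web-01", "external_port_scan"),
    ("2024-01-10T08:02", "ws-14", "phishing_attachment_delivered"),
    ("2024-01-10T08:05", "ws-14", "office_spawned_shell"),
    ("2024-01-10T08:40", "ws-14", "beacon_to_rare_domain"),
    ("2024-01-10T09:00", "ws-22", "phishing_attachment_blocked"),
]

def observed_phases(alerts):
    """Return {host: phases seen}, each list in kill chain order."""
    seen = defaultdict(set)
    for _ts, host, kind in alerts:
        phase = ALERT_PHASE.get(kind)
        if phase:  # alert types without a mapping are ignored
            seen[host].add(phase)
    return {h: sorted(p, key=PHASES.index) for h, p in seen.items()}

def undetected_between(phases):
    """Phases between the first and furthest observed phase with no alert."""
    if not phases:
        return []
    lo, hi = PHASES.index(phases[0]), PHASES.index(phases[-1])
    return [p for p in PHASES[lo:hi + 1] if p not in phases]

def unmapped_phases(mapping=ALERT_PHASE):
    """Phases for which no alert type exists at all (a coverage gap)."""
    covered = set(mapping.values())
    return [p for p in PHASES if p not in covered]

if __name__ == "__main__":
    for host, phases in observed_phases(SAMPLE_ALERTS).items():
        print(host, "furthest:", phases[-1], "gap:", undetected_between(phases))
    print("no detection mapped:", unmapped_phases())
```

For the constructed data, host ws-14 reaches Command and Control with no Installation alert in between, which points at a missing persistence detection. Weaponization has no mapped alert because that phase happens on the adversary's side, outside the defender's telemetry.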
What is hacking?
Hacking refers to activities that
seek to compromise digital
devices, such as computers,
smartphones, tablets, and even
entire networks.
What is meant by ethical hacking?
Definition. Ethical hacking involves an
authorized attempt to gain
unauthorized access to a computer
system, application, or data.
Carrying out an ethical hack involves
duplicating strategies and actions of
malicious attackers.
SOME TYPES OF HACKER
WHITE HAT HACKERS
BLACK HAT HACKERS
GRAY HAT HACKERS
SCRIPT KIDDIES
GREEN HAT HACKERS
BLUE HAT HACKERS
RED HAT HACKERS
STATE/NATION SPONSORED HACKERS
HACKTIVIST
MALICIOUS INSIDER OR WHISTLEBLOWER
WHITE HAT HACKERS
• WHITE HAT HACKERS, ALSO KNOWN AS ETHICAL HACKERS ARE THE
CYBERSECURITY EXPERTS WHO HELP THE GOVT AND ORGANIZATIONS
BY PERFORMING PENETRATION TESTING AND IDENTIFYING
LOOPHOLES IN THEIR CYBERSECURITY. THEY EVEN DO OTHER
METHODOLOGIES AND ENSURE PROTECTION FROM BLACK HAT
HACKERS AND OTHER MALICIOUS CYBER CRIMES.
• SIMPLY STATED, THESE ARE THE RIGHT PEOPLE WHO ARE ON YOUR
SIDE. THEY WILL HACK INTO YOUR SYSTEM WITH THE GOOD
INTENTION OF FINDING VULNERABILITIES AND HELP YOU REMOVE
VIRUS AND MALWARE FROM YOUR SYSTEM.
BLACK HAT HACKERS
• A BLACK HAT HACKER IS THE TYPE OF HACKER YOU SHOULD BE
WORRIED ABOUT. HEARD NEWS ABOUT A NEW CYBERCRIME TODAY? ONE OF
THE BLACK HAT HACKERS MAY BE BEHIND IT.
• WHILE THEIR AGENDA MAY BE MONETARY MOST OF THE TIME, IT'S NOT
ALWAYS JUST THAT. THESE HACKERS LOOK FOR VULNERABILITIES IN
INDIVIDUAL PCS, ORGANIZATIONS AND BANK SYSTEMS. USING ANY
LOOPHOLES THEY MAY FIND, THEY CAN HACK INTO YOUR NETWORK AND
GET ACCESS TO YOUR PERSONAL, BUSINESS AND
FINANCIAL INFORMATION.
GRAY HAT HACKERS
• GRAY HAT HACKERS FALL SOMEWHERE IN BETWEEN WHITE HAT AND
BLACK HAT HACKERS. WHILE THEY MAY NOT USE THEIR SKILLS FOR
PERSONAL GAIN, THEY CAN, HOWEVER, HAVE BOTH GOOD AND BAD
INTENTIONS. FOR INSTANCE, A HACKER WHO HACKS INTO AN
ORGANIZATION AND FINDS SOME VULNERABILITY MAY LEAK IT OVER THE
INTERNET OR INFORM THE ORGANIZATION ABOUT IT.
• IT ALL DEPENDS UPON THE HACKER. NEVERTHELESS, AS SOON AS
HACKERS USE THEIR HACKING SKILLS FOR PERSONAL GAIN THEY BECOME
BLACK HAT HACKERS. THERE IS A FINE LINE BETWEEN THESE TWO. SO, LET
ME MAKE IT SIMPLE FOR YOU.
• BECAUSE A GRAY HAT HACKER DOESN'T USE HIS SKILLS FOR PERSONAL
GAIN, HE IS NOT A BLACK HAT HACKER. ALSO, BECAUSE HE IS NOT LEGALLY
AUTHORIZED TO HACK THE ORGANIZATION'S CYBERSECURITY, HE CAN'T BE
CONSIDERED A WHITE HAT EITHER.
SCRIPT KIDDIES
THESE HACKERS USUALLY DOWNLOAD TOOLS OR USE
AVAILABLE HACKING CODES WRITTEN BY OTHER DEVELOPERS
AND HACKERS. THEIR PRIMARY PURPOSE IS OFTEN TO
IMPRESS THEIR FRIENDS OR GAIN ATTENTION.
HOWEVER, THEY DON'T CARE ABOUT LEARNING. BY USING
OFF-THE-SHELF CODES AND TOOLS, THESE HACKERS MAY
LAUNCH SOME ATTACKS WITHOUT BOTHERING FOR THE
QUALITY OF THE ATTACK. MOST COMMON CYBER ATTACKS BY
SCRIPT KIDDIES MIGHT INCLUDE DOS AND DDOS ATTACKS.
GREEN HAT HACKERS
THESE HACKERS ARE THE AMATEURS IN THE ONLINE WORLD
OF HACKING. CONSIDER THEM SCRIPT KIDDIES BUT WITH A
DIFFERENCE. THESE NEWBIES HAVE A DESIRE TO BECOME
FULL-BLOWN HACKERS AND ARE VERY CURIOUS TO LEARN.
YOU MAY FIND THEM ENGROSSED IN THE HACKING
COMMUNITIES BOMBARDING THEIR FELLOW HACKERS WITH
QUESTIONS.
• YOU CAN IDENTIFY THEM BY THEIR SPARK TO GROW AND
LEARN MORE ABOUT THE HACKING TRADE. ONCE YOU
ANSWER A SINGLE QUESTION, THE HACKERS WILL LISTEN
WITH UNDIVIDED ATTENTION AND ASK ANOTHER QUESTION
UNTIL YOU ANSWER ALL THEIR QUERIES.
BLUE HAT HACKERS
• THESE ARE ANOTHER FORM OF NOVICE HACKERS
MUCH LIKE SCRIPT KIDDIES WHOSE MAIN AGENDA IS
TO TAKE REVENGE ON ANYONE WHO MAKES THEM
ANGRY. THEY HAVE NO DESIRE FOR LEARNING AND
MAY USE SIMPLE CYBER ATTACKS LIKE FLOODING
YOUR IP WITH OVERLOADED PACKETS WHICH WILL
RESULT IN DOS ATTACKS.
• A SCRIPT KIDDIE WITH A VENGEFUL AGENDA CAN BE
CONSIDERED A BLUE HAT HACKER.
RED HAT HACKERS
• RED HAT HACKERS HAVE AN AGENDA SIMILAR TO WHITE HAT
HACKERS WHICH IN SIMPLE WORDS IS HALTING THE ACTS OF
BLACK HAT HACKERS. HOWEVER, THERE IS A MAJOR
DIFFERENCE IN THE WAY THEY OPERATE. THEY ARE RUTHLESS
WHEN IT COMES TO DEALING WITH BLACK HAT HACKERS.
INSTEAD OF REPORTING A MALICIOUS ATTACK, THEY BELIEVE
IN TAKING DOWN THE BLACK HAT HACKER COMPLETELY. RED
HAT HACKER WILL LAUNCH A SERIES OF AGGRESSIVE CYBER
ATTACKS AND MALWARE ON THE HACKER THAT THE HACKER
MAY AS WELL HAVE TO REPLACE THE WHOLE SYSTEM.
STATE/NATION SPONSORED HACKERS
• STATE OR NATION SPONSORED HACKERS ARE
THOSE WHO HAVE BEEN EMPLOYED BY THEIR STATE
OR NATION'S GOVERNMENT TO SNOOP IN AND
PENETRATE THROUGH FULL SECURITY TO GAIN
CONFIDENTIAL INFORMATION FROM OTHER
GOVERNMENTS TO STAY AT THE TOP ONLINE.
• THEY HAVE AN ENDLESS BUDGET AND EXTREMELY
ADVANCED TOOLS AT THEIR DISPOSAL TO TARGET
INDIVIDUALS, COMPANIES OR RIVAL NATIONS.
HACKTIVIST
IF YOU'VE EVER COME ACROSS SOCIAL ACTIVISTS
PROPAGANDIZING A SOCIAL, POLITICAL OR
RELIGIOUS AGENDA, THEN YOU MIGHT AS WELL
MEET HACKTIVIST, THE ONLINE VERSION OF AN
ACTIVIST. HACKTIVIST IS A HACKER OR A GROUP OF
ANONYMOUS HACKERS WHO THINK THEY CAN
BRING ABOUT SOCIAL CHANGES AND OFTEN HACK
GOVERNMENT AND ORGANIZATIONS TO GAIN
ATTENTION OR SHARE THEIR DISPLEASURE OVER
OPPOSING THEIR LINE OF THOUGHT.
MALICIOUS INSIDER OR WHISTLEBLOWER
• A MALICIOUS INSIDER OR A WHISTLEBLOWER MAY
BE AN EMPLOYEE WITH A GRUDGE OR A STRATEGIC
EMPLOYEE COMPROMISED OR HIRED BY RIVALS TO
GARNER TRADE SECRETS OF THEIR OPPONENTS TO
STAY ON TOP OF THEIR GAME.
• THESE HACKERS MAY TAKE PRIVILEGE FROM THEIR
EASY ACCESS TO INFORMATION AND THEIR ROLE
WITHIN THE COMPANY TO HACK THE SYSTEM.
What are the cyber security laws in India?
According to the Ministry of Electronics and
Information Technology, Government of
India: Cyber Laws yields legal
recognition to electronic documents and
a structure to support e-filing and e-
commerce transactions and also
provides a legal structure to reduce,
check cyber crimes.
IT ACT 2000
The Information Technology Act, 2000, also
known as the IT Act, is an act proposed by the
Indian Parliament, reported on 17th October
2000 and amended in 2008.
This was the first act for the computer
related offences.
What is a cognizable offence?
Cognizable offence means an offence for
which, and cognizable case means, a case
in which, a police officer may, in
accordance with the First Schedule or
under any other law for the time being in
force, arrest without warrant. Cognizable
offences are usually serious in nature.
What are non-cognizable offences?
In case of a non-cognizable offence, the
police cannot arrest the accused without a
warrant as well as cannot start an
investigation without the permission of the
court. The crimes of forgery, cheating,
defamation, public nuisance, etc., fall in
the category of non-cognizable crimes.
CYBER LAWS
Section 65: Tampering with computer source documents.
Section 66: Hacking with computer system.
Section 66B: Receiving stolen computer devices.
Section 66C: Using someone's username and password.
Section 66D: Cheating using computer system.
Section 66F: Acts of cyberterrorism.
Section 67A: Publishing images containing sexual acts.
Section 67B: Publishing child porn.
Section 67C: Failure to maintain records.
Section 68: Failure/refusal to comply with orders.