Cybersecurity Introduction - Netacad.com
How are hardware vulnerabilities mitigated
Malware protection and a physical security.
Exploit
A program written to take advantage of a known vulnerability.
Script Kiddie
Amateurs that use instructions or existing tools online to launch attack
Gray Hat Hacker
Between white and black hat attackers. The gray hat attackers may find a vulnerability in a system. Gray hat hackers may report the vulnerability to the owners of the system if that action coincides with their agenda. Some gray hat hackers publish the facts about the vulnerability on the Internet so that other attackers can exploit it.
Hacker
Breaks into computers or networks to gain access
White hat hacker
Breaks into networks or computer systems to discover weaknesses so that the security of these systems can be improved.
Buffer Overflow
By changing data beyond the boundaries of a buffer, the application accesses memory allocated to other processes.
Non-Validated Input
Data coming into the program could have malicious content, designed to force the program to behave in an unintended way.
Weaknesses in security practices
Developers should not attempt to create their own security algorithms because it will likely introduce vulnerabilities. It is strongly advised that developers use security libraries that have already created, tested, and verified.
Goal of an Attack
Gain access to a system, the data it hosts or to a specific resource.
Main purpose of cyberwarfare
Gain advantage over adversaries, whether they are nations or competitors.
State-Sponsored Attackers
Gather intelligence or commit sabotage on behalf of their government. These attackers are usually highly trained and well-funded, and their attacks are focused on specific goals that are beneficial to their government.
Cyber Criminals
Groups of professional criminals focused on control, power, and wealth. The criminals are highly sophisticated and organized, and they may even provide cybercrime as a service to other criminals
Cyberwarfare
Internet-based conflict that involves the penetration of computer systems and networks of other nations.
Hardware Vulnerabilities
Introduced by hardware design flaws.
Hacktivists
Make political statements to create awareness to issues that are important to them.
Buffers
Memory areas allocated to an application.
Organized Hackers
Organizations of cyber criminals, hacktivists, terrorists, and state-sponsored hackers.
Access Control
Process of controlling who does what and ranges from managing physical access to equipment to dictating who has access to a resource, such as a file, and what they can do with it, such as read or change the file.
Access-Control Problems
Security vulnerabilities are created by the improper use of access controls.
Black Hat Hacker
Takes advantage of any vulnerability for illegal personal, financial or political gain
Attack
The act of using an exploit against a vulnerability.
What can buffer overflow lead to?
This can lead to a system crash, data compromise, or provide escalation of privileges.
Race Conditions
When the output of an event depends on ordered or timed outputs. A race condition becomes a source of vulnerability when the required ordered or timed events do not occur in the correct order or proper timing.