Cybersecurity
Cybersecurity Resources
The resources for cybersecurity can be divided into two types: cybersecurity articles and CTF walkthroughs.
Articles on Cybersecurity
The Cyber Kill Chain
Types of Hackers
Intrusion Detection Systems (IDSs)
Escalating Privileges With an RSA Private Key
CTF Walkthroughs
What is Cybersecurity?
Cybersecurity is an ever-evolving field that is concerned with the protection and restoration of computer systems and digital information.
The National Institute of Standards and Technology (NIST) defines cybersecurity as:
“Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation.”
Cybersecurity is closely tied to information security, and there has been much debate/discussion around the relationship between them.
How to Learn Cybersecurity
How you should learn cybersecurity depends on who you are; your goals, and what you enjoy.
One of the best aspects of cybersecurity is capture the flag (CTF) exercises designed for training and enjoyment. CTFs are a great way to learn by getting hands-on in a challenging but supportive format. A great beginner site for CTFs is tryhackme.com. I have put together a number of walkthroughs for TryHackMe rooms, which you can find here. Other popular sites include hackthebox, proving grounds, pico ctf, and over the wire among others.
Non-technical folks who just need to understand the basics can get by on reading high-level tutorials.
The CIA Triad
Confidentiality
Synonymous with privacy, confidentiality means that data has been protected against unauthorized disclosure.
Integrity
Integrity is ensuring that data is accurate and has not been modified in any way from its’ original form.
Availability
Availability means that the data can be accessed when it needs to be.
Important Terms in Cybersecurity
One of the things that can make cybersecurity difficult to learn is that there are tightly woven concepts that can be tough to differentiate. Four such terms are: vulnerability, threat, exploit, and risk. We’ll cover these briefly below:
Threat
A threat is anything that can cause negative impact to an organization. Threats can include things like people (like hackers), programs (such as malicious bots), or even natural events. A storm, for instance, can take down power or data lines and is therefore considered a threat.
Risk
Risk is defined as the probability of an event having negative impact occurring. Since it is impossible to achieve 100% security on all systems, at all times, organizations need to decide tolerance levels for different risks. For example, expert lockpickers can pick almost any mass-produced lock within a few seconds. Given this information, we may decide that drastically greater security measures need to be put into place to safeguard our homes.
We might choose to install 10 locks instead of one or two in order to slow the lockpickers down. However most lockpickers functioning at that level are not criminals and the chances of such an event occurring are extremely low. Further, our homes and possessions can easily be protected more completely by using automated home security, movement detecting lights, and having insurance.
Vulnerability
A vulnerability is an error, flaw, or loophole that can be exploited to get the system to do something unintended.
Exploit
An exploit is an event during which a vulnerability is taken advantage of in order to breach the security of an IT system. The exploit itself describes the steps taken to cause the security breach, including any code executed to achieve exploitation.