being secure, such as: freedom from danger, freedom from fear or anxiety” (Merriam-Webster)
• Cybersecurity: “measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack” (Merriam-Webster)
  ◦ Alternatively: “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation” (NIST Computer Security Resource Center)
“access to information, assets, etc. should be granted only on a need to know basis so that information which is only available to some should not be accessible by everyone”
  ◦ Integrity: “information is not tampered whenever it travels from source to destination or even stored at rest”
  ◦ Availability: “make sure that the services of an organization are available”
  ◦ InfoSec Institute
• Non-repudiation is a similarly important concept
  ◦ “Assurance that the sender of information is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither can later deny having processed the information”
  ◦ NIST CSRC
cost the world $3 trillion. Additionally, this figure is expected to double by 2021 (Cybercrime Magazine).
• More than half of all businesses in the US have reported being hacked (Insurance Journal).
• This isn’t just a threat to corporate bottom lines, though. Real, everyday people can be affected.
  ◦ For instance, in Adobe’s 2013 data breach, over 3 million credit card records and login data for countless users were leaked.
  ◦ A 2014 eBay data breach leaked over 145 million users’ data, including names, addresses, dates of birth, and hashed passwords.
  ◦ Equifax’s 2017 hack leaked Social Security Numbers, birth dates, addresses, and some driver’s license numbers for over 147 million customers.
  ◦ CSO Online
been the targets of cyber attacks, things have escalated into the realm of cyber warfare in recent years. Many of these attacks target critical infrastructure and industrial control systems (ICS).
• In a famous attack known as Stuxnet, computers operating nuclear power plants in Iran were targeted and hacked (probably by the US). From there, hackers were able to dismantle the power plant and render it useless (Wired).
• A similar attack was conducted on Ukraine’s electricity system (Helpnet Security).
have to think about security, they’re not the only ones.
• IT professionals must keep security in mind when setting up systems.
  ◦ Make sure routers and firewalls are configured properly, make sure user account access is set up securely, etc.
• Software developers must keep security in mind when developing software.
  ◦ Make sure app isn’t vulnerable to SQL injection, XSS attacks, etc.
• Everyone else must keep security in mind during day-to-day life.
  ◦ Anyone can be the victim of phishing and other social engineering attacks.
  ◦ In fact, humans are probably the weakest link in security (SANS Institute, Treasurers).
we use many different tools.
  ◦ We use nmap to scan network ports.
  ◦ We use Wireshark to analyze network traffic.
  ◦ We use hashcat to crack password hashes.
  ◦ We write scripts in Python, bash, etc. to automate tasks.
  ◦ We employ firewalls, IDSs, IPSs, etc. to secure our networks.
  ◦ We use access-control tools like Active Directory to manage user access.
• Kali Linux is a Linux distro that comes with many security tools built in.
  ◦ It’s common to run this as a VM so you don’t mess up your main OS.
We can utilize scanme.nmap.org for practice.
  ◦ The command ‘nmap scanme.nmap.org’ performs a basic port scan, but there are more sophisticated options.
  ◦ For instance, the ‘-O’ flag scans for operating system information and the ‘-sV’ flag scans for version info.
  ◦ Examples
• Let’s crack some password hashes with hashcat.
  ◦ We’ll be cracking some MD5 hashes.
  ◦ The command ‘hashcat -m 0 -a 0 [target file] [dictionary file]’ will perform a dictionary attack on MD5 hashes.
    ▪ The ‘--force’ option may be necessary.
  ◦ Hashcat can perform more sophisticated attacks as well.
  ◦ Hashcat Tutorial
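What the dictionary attack on MD5 hashes described above amounts to, written out as an added Python example that is not part of the original slides: each wordlist entry is hashed once and compared against every stored hash, which is why unsalted MD5 falls so quickly and why salted, slow hashing is the fix. The wordlist, account names and hashes are constructed sample data, and `audit_md5`, `store_salted` and `verify_salted` are hypothetical helper names.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny wordlist and unsalted MD5 hashes for four
# made-up accounts (alice and carol share a password, dave's is not listed).
WORDLIST = ["123456", "password", "letmein", "dragon", "qwerty"]
TARGET_HASHES = {
    "alice": hashlib.md5(b"letmein").hexdigest(),
    "bob": hashlib.md5(b"qwerty").hexdigest(),
    "carol": hashlib.md5(b"letmein").hexdigest(),
    "dave": hashlib.md5(b"T7#vq!9zLm@2").hexdigest(),
}


def audit_md5(targets, wordlist):
    """Return {account: recovered_password} for hashes found in the wordlist.

    Each candidate is hashed once and checked against every account at the
    same time; with no salt, identical passwords give identical hashes, so
    one hit exposes every account that reuses that password.
    """
    by_hash = {}
    for account, digest in targets.items():
        by_hash.setdefault(digest.lower(), []).append(account)
    recovered = {}
    for word in wordlist:
        digest = hashlib.md5(word.encode("utf-8")).hexdigest()
        for account in by_hash.get(digest, []):
            recovered[account] = word
    return recovered


def store_salted(password, iterations=200_000):
    """Hardened storage: per-user random salt plus a slow KDF (PBKDF2-SHA256)."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, key


def verify_salted(password, record):
    """Recompute the KDF with the stored salt and compare in constant time."""
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, key)


if __name__ == "__main__":
    print(audit_md5(TARGET_HASHES, WORDLIST))
```

With `store_salted`, two users with the same password get different records, so every guess has to be recomputed per account at the cost of the full iteration count.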
more than just knowing tools, though. You need to understand the underlying concepts and ideas in order to properly apply these tools.
  ◦ A general understanding of computers and computer systems is essential.
  ◦ You need to understand computer networking, how computers communicate.
  ◦ You should be comfortable with using cryptography.
  ◦ Knowing some scripting and programming is nice and oftentimes even essential.
  ◦ Familiarity with databases is very useful.
• Hands-on experience will help you tremendously
  ◦ There are many ways to get hands-on experience even without a security internship or job, like NCL
• You also need soft skills; even if you know that something is insecure, you need to be able to communicate that to nontechnical people.
security and data/logs analysis, and forensic analysis, to detect security incidents, and mounts incident response. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements.
• Penetration Tester: Not only scans for and identifies vulnerabilities, but exploits them to provide hard evidence that they are vulnerabilities.
• Security Analyst: Analyzes and assesses vulnerabilities in the infrastructure, investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure as a result of security incidents, examines available recovery tools and processes, and recommends solutions.
• Jobs also exist in malware analysis, application security, computer forensics, incident response, cryptography, etc.
• See here for some more info.
semester, we will be giving presentations, hosting guest speakers, and leading hands-on activities/demonstrations to help explore the world of cybersecurity and help us all gain some experience.
  ◦ We’re already in touch with several people from industry who are willing to come in and give talks
• Today’s meeting gave a general overview, but we will be digging into more technical details in future meetings.
is an online cybersecurity competition designed for students.
• Players compete in a Pre-Season competition, an Individual Game, and a Team Game.
  ◦ Additionally, there is access to a practice “Gymnasium” before the competition begins
• Players compete in Open Source Intelligence (OSINT), Log Analysis, Network Traffic Analysis, Cryptography, Scanning and Recon, Wireless Security, Password Cracking, Enumeration & Exploitation, and Web App Security.
get some hands-on security experience and learn more about security.
• Challenges range from easy enough for a beginner to rather difficult.
• Registration is only $35 and is open until October 2.
• The Gymnasium opens September 14, and the Pre-Season begins October 12.
• Check out https://nationalcyberleague.org to register and find out more.
• Many of us competed last year and found it to be a great experience.
holding Officer elections.
• Anyone may run for an Officer position, provided you meet university requirements regarding GPA, good standing, etc.
• In order to run or vote, you must be registered as a member of the club on OrgSync
• Officer Positions:
  ◦ President
  ◦ Vice President
  ◦ Treasurer
  ◦ Event Coordinator
  ◦ Outreach Manager
  ◦ Social Media Manager
  ◦ Webmaster
poll to determine which day and time is best for future meetings. Please fill out the poll if you have not already.
  ◦ Starting next week, we will likely be changing the meeting day and time based on the poll results.
  ◦ We will make an announcement about this.
• If you have any suggestions of specific topics or activities you’d like to see us cover, feel free to share those with us.
• Don’t forget to sign up for NCL!