Overview: What is Ethical Hacking?

A free video tutorial from Bryson Payne
Best-Selling Author & Professor w/students in 184 countries
Learn more from the full course
Real-World Ethical Hacking: Hands-on Cybersecurity
Protect yourself, gain the hottest new job skills, and learn the tricks the bad guys use - with Kali Linux & Metasploit!
11:09:49 of on-demand video • Updated July 2022
Secure your computer, your network, and your data from 99% of all attacks on the Internet.
Test for security vulnerabilities using the tricks the bad guys use.
Find and fix weaknesses and harden your computer's security.
Avoid phishing, viruses, ransomware, and online scams.
Keep yourself safe online, at home, at school, or at work.
Let's begin the course with an important question. What is ethical hacking? Well, it just means we're testing systems for weaknesses with the explicit permission of the owner. That means the person who controls or owns that computer, that network, that system has given us explicit permission to test using ethical hacking techniques. These are the same techniques and tools that an attacker might use to find vulnerabilities. We'll learn about Kali Linux, Metasploit, and we'll use lots of platforms from Linux to PC Windows desktops to Mac and even Android devices. And depending on the type of ethical hacking you're doing, you can either recommend and sometimes, if you're working for the same company, apply the fixes and improvements to secure systems and networks. Above all, ethical hacking is practical, useful, and it's hands-on. We'll actually perform the hacks and then we'll learn how to secure against them.

What we're trying to do in security is protect what we call the CIA triad or the security triad. Confidentiality: that means that we protect information from unauthorized access. That can be insiders or outsiders who just don't have the permission to access certain materials. Integrity: that means that we're trying to protect our data or our systems from unauthorized modification. And then availability: that means that we have timely access to the information by the right people. That means, well, an example of a loss of availability might be a denial of service attack where all the Internet is shut down because of heavy traffic. A problem with integrity could be someone has gone in and modified files, changed data in a record or deleted log files to delete signs of hacking. And any loss of confidentiality just means that someone else can see data that they're not supposed to see.

There are lots of different types of attackers. You have outsiders and insiders as threats. So outsiders can be your competitors.
They can be black hat and gray hat hackers. White hat hacker is what we're learning to be; that's someone who uses ethical tools and means to test systems. A gray hat hacker sits sort of in between. They usually state a positive purpose, but they can use some of the techniques that they shouldn't be using. That just means that they're trying something and don't have full authorization or using illegal techniques as part of their trade. And black hat, it's no holds barred. They can use any techniques, any means to get into a system. Organized crime, terrorists, foreign governments, military, law enforcement: there are lots of outsiders that might want to peek into your network or worse.

Then insider threats come in the form of customers, suppliers, vendors, business partners. Think about contractors that come on your web, on your company's premises, temps, consultants, and then, of course, your employees: disgruntled current employees, former employees, or even employees who don't mean to do something wrong. Just human error can be an example of an insider threat. That's why the training that we'll talk about in ethical hacking is very important. It keeps our good people from accidentally doing something bad.

There are lots of good reasons not to become an attacker. You're going to learn about ethical hacking, and hacking is not necessarily a bad term. We just associate it with the bad hackers and attackers because of the media. But being an attacker is illegal in most countries. Here in the United States, US Code Title 18, Section 1030 and others contain the computer fraud and computer abuse acts. We've got the USA Patriot Act that determines who can see what information; the Homeland Security Act, if there's any suspicion of terrorism; the Protect Act. You can go to the Department of Justice's website, cybercrime.gov, and see lots of good resources and information on what's legal and what's illegal when it comes to cyber crime.
Just to give a short version, unauthorized access or use of any computer or network or system is illegal. A good example in the real world would be finding a key on the sidewalk. That's the same as finding a vulnerability, like somebody left a password in plain text out on the internet. That's a vulnerability. Finding that is not illegal. If you just see a key on the sidewalk, even sometimes if you pick the key up, it may not be illegal, but if you try that key on a door and walk into a house or walk into a business, you've committed unlawful entry. It's the same spirit with all of the computer laws. When we try to exploit a vulnerability, that's like opening the door and walking into the premises. That is an unauthorized access or an unlawful entry. You didn't have to break anything. It's not breaking and entering, but it's still an unlawful entry, unauthorized access.

And remember that even unintentional attacks are illegal too. If you try some of the techniques that can create a network flood, for example, on a network that you don't have explicit permission to test, like a coffee shop, a library, your work, your school, if you take down the network, that is illegal as well. Even an unintentional attack can break the law.

There are reasons that we study ethical hacking using the tools that actual hackers or bad attackers use. And that's because we want to evaluate the systems that we're defending just like an attacker would. We also want to be able to implement countermeasures or put something in place that will keep that attack from being successful. And then we also want to better understand the implications of the decisions we make. If we turn off security in one area or lessen the security so that we make work easier, then we can unintentionally bring in additional vulnerabilities and allow other threats onto our network. So we just need to be able to make those decisions between usability and security and find the right balance for our organization.
What are the things we do to protect a system and a network and our data from access? First of all, prevention is just putting in place techniques that cause attacks to fail. So a good firewall will block a portion of attacks. Good antivirus will block another portion of attacks. Training will help block a lot of attacks that employees or users on your network might fall for. Then we put in place, above prevention, detection. Those are techniques that can determine when someone is attacking your network and detect that something has occurred and report it so that your security team can begin working on that last stage, which is recovery. Recovery just means techniques that stop attacks and then assess and repair any damage that's caused. Ransomware attacks are pretty prevalent these days. A good backup can be your first line of defense to making sure that ransomware doesn't affect your network as badly as it has many in the world. So we need multiple layers of security. We call this a layered approach because we don't rely on just a firewall, just antivirus, just training. We put all of those types of things and more in place on our networks: prevention, detection and recovery.

And there's good news and bad news when it comes to the types of threats on our networks. First of all, a 2015 HP Cyber Risk report showed that almost half, 44%, of all breaches in 2015 came from known vulnerabilities that were 2 to 4 years old. That means that there had been patches for most of these problems for over two years, and they were still successful almost half of the time. 44% of those breaches came from attacks that a patch had been available for. And by a patch we just mean updating your systems.

In fact, the Australian Signals Directorate, that's like the Australian NSA, found that 85% of breaches were preventable in a certain year, and I think this applies almost all the time, just by doing four things. That's application whitelisting.
So restricting which programs can run on your computer, not installing new software all the time and putting in place measures that will keep new software from installing itself. Then patching applications. That means updating Office, updating Java, updating your Adobe Flash or anything else that you may be using. Then patching operating systems, like your Windows updates, doing software updates on your Mac or your Linux. And then restricting administrative privileges. That just means account controls for your everyday computer use. You probably don't need to be an administrator, so you sign in with a user account and then you reserve the administrative account level, or you elevate your privileges, only when you need to do things to administer or to maintain the computer. Just those four things can make an 85% impact in the number of attacks that are successful or unsuccessful coming into your network.

Now, let me wrap up this brief introduction with a couple of disclaimers. While many of the examples that you're going to see in this course came from exercises we actually performed with real students in the National Cyber Warrior Academy, this online course is not sponsored or endorsed by the NSA or the University of North Georgia. All opinions expressed here are my own, and the techniques and tools demonstrated in this course can cause serious damage if misused, either intentionally or unintentionally. So please proceed with caution. Be careful where you use these techniques and tools. Do it only on a system that you own or you have your parents' or your employer's explicit permission to test. You need written permission in the case where you're going to run something on a network, work or on a computer system that you do not personally own or pay for. You need to practice these tools and techniques in a virtualized environment like we're going to learn to do, so that these tools don't cause unintentional damage on the network or on the system you're touching.
Across this course, we're going to learn how to hack everything from Mac, PC, Linux computers all the way to Android devices, even car hacking as a part of this course. So you're going to get exposed to a lot of tools and techniques in a very short period of time. Take your time, work through each section, and feel free to explore each of the tools that we're going to use. We'll set up a safe network environment so that you can do that.

But first, we're going to start with a practical example of real-world ethical hacking. We're going to hack into a Windows computer with just two reboots, two commands or two special key combinations and four commands that have to be typed at the command line. You're going to see how to get into a Windows machine to retrieve old files, to set up a new user account when you might have forgotten the password. It's a very practical, real-world, hands-on example, and we'll start it next.