Getting Started With Cyber Security

People are always so intrigued about Cybersecurity. But do hackers fight tooth and nail, as shown in movies? Are there other options in Cybersecurity apart from hacking? To begin with, is hacking easy? How and where do I start? If you have had these questions bugging you for a long time, then it’s time to clear them up finally!

Let’s get started by understanding the critical points of the concept. Cybersecurity is a way of protecting all internet-connected devices from unauthorized access or cyber-attacks. There are many ways through which these cyber-attacks can take place. Let’s dive deeper into a few of them:

Few Types of Cyber-Attacks:

1. Phishing: Often posed as a request for data from a trusted third party. It is sent as an email and asks people to click on a link to enter their personal data.
2. DDoS: It stands for Distributed Denial of Service. The attacker sends a lot of data into the network to create network traffic. It overloads the network and creates loopholes to attack.
3. Man in the middle: The attacker can pull off this attack by being in between the website or app and the client. It helps them gain important information like passwords, bank details, etc. The client is under the belief that these details are provided for the legitimate website.
4. Drive-by downloads: It is the unintentional download of a malicious code or software without the user being aware of the consequences of the file.
5. Buffer overflow: The attacker targets the stack data structure where the data is stored and could inject components into the stack. It causes the buffer(the part of physical memory where the stack is stored) to overflow and not accept other data into it.

These are just a few ways a cyber-attack can take place. There are multiple other mediums and mechanisms like password attacks, malvertising, malware, rogue software, etc., to pose a security threat to a device. During such episodes, Cybersecurity relies on its three pillars to come up with a solution.

CIA Triad:

The CIA triad refers to the three pillars of Cybersecurity. They define the goals that every Cybersecurity system should attain to be reliable and stable.

1. Confidentiality: It assures the privacy of user information. An ideal Cybersecurity system makes sure that all the information related to the user is safe.

2. Integrity: It makes sure that all the information transferred by the user doesn’t get modified and reaches the destination in its actual form.

3. Accessibility/Availability: It ensures that the network systems and various applications are up and running so that the user doesn’t have to face the unavailability of services.

By now, I am sure you must be aware of what Cybersecurity entails. In the next section, we will be talking about hacking and hacker. Let’s look into it.

What do hackers do?

Not the ‘die-hard’ or ‘inception’ way of hacking, but let’s take a look into real hacking!

Hackers are cybersecurity experts who try to break the defenses of a system to penetrate through the system. What they do with the information next helps us categorize them into three categories: a white hat, grey hat, and black hat hacker.

Types of hackers:

White hat Hackers: They penetrate the system of an organization to report bugs and vulnerabilities in the organization’s security system.

Black Hat Hackers: They penetrate the system of an organization for malicious use of the information obtained.

Grey Hat Hackers: They strive to maintain a balance between the white and black hat hackers. They tend to violate laws sometimes but not as much as the black hat hackers.

Skills Necessary for Hacking

Hacking requires an in-depth knowledge of the following topics to penetrate a system and help get your job done safely and ethically.

Computing Aptitude:

1. Basic understanding of operating systems.
2. Understanding of basic software systems.
3. Grasp of CLI Commands.

Networking Aptitude:

1. Basic understanding of cables, systems, switches.
2. Basic understanding of Networking Architecture and different network protocols like TCP/IP.

Life Skills:

1. Ability to think out of the box.
2. Perseverance.

Preferred Operating System For Hacking:

Kali Linux is a Debian-based Linux distribution used for advanced penetration testing and security auditing. It contains more than 600 inbuilt tools used for penetration testing, security research, or reverse engineering.

Reasons for using Kali Linux:

1. Kali Linux is free.
2. Has more than 600 built-in penetration testing tools
3. Multi-language support with a customizable kernel
4. Committed to the open-source model.
5. Wide-ranging wireless device support.
6. Casting kernels have the latest injections.

There are many more reasons, but the above enlisted are the primary reasons to choose kali Linux over other operating systems.

Career Opportunities In Cybersecurity:

Considering the advancement of technology and the wide use of Cybersecurity in almost everything around us, the need for security rises. The devices we use need to be secured for other devices to trust them. This brings us to the topic of career opportunities in Cybersecurity.

Job titles

1. CISO(Chief Information Security Officer): Oversees the general operations of an organization’s IT security division.
2. Forensic Computer Analyst: Reviews computer-based information for evidence of a security breach.
3. Information Security Analyst: Responsible for the protection of an organization’s computer systems and networks.
4. Penetration Tester: They hack into a system to discover bugs or vulnerabilities of security systems.
5. Security Analysts: They plan and execute flawless security measures.
6. Security Engineer: Build IP Security systems for various organizations.
7. Security Specialist: An entry-level range with huge potential.
8. Incident Responders: They prevent and protect against threats.
9. Vulnerability Assessors: Their job is to spot vulnerabilities in a system and formulate appropriate patches.
10. Security Architect: They design tough security systems for an organization so that the system is less prone to cyber-attacks.
11. Security Administrators: Keeps the security system running smoothly every day.
12. Cryptographer: Write the code that hackers can’t hack.
13. Security Directors: They make the rules and solve complex problems.
14. Security Consultants: Advice on the security solutions to be used.
15. Security Managers: Keeps the system secure with the help of expert team advisors.
16. Security Auditors: Their works is to find weak spots in a security system before others do and cause harm to the organization.

As we have discussed the basics of Cybersecurity and the various paths you can pursue in this field, it’s time to get some hands-on experience on the same. Starting from a penetration tester to an analyst, everyone needs to have experience in handling bugs or finding vulnerabilities. So what are you waiting for? Let’s start our respective journies in Cybersecurity right now!