1. Home
  2. Training Library
  3. Security
  4. Courses
  5. IT Security Fundamentals

External Attacks

Developed with
QA
play-arrow
External Attacks
Overview
Difficulty
Beginner
Duration
1h 49m
Students
140
Ratings
5/5
starstarstarstarstar
Description

IT Security Fundamentals 

This is a beginner-level course designed to provide you with an introduction to Information technology security concepts. The course will suit anyone interested in understanding the fundamentals of security concepts from a business and technology perspective.  

Outline 

In this course we will provide:

  • An introduction to the concept of Information Security
  • We will cover the basic concepts that pertain to Information Security
  • We then begin to answer the question - what is information security and why do we need it?
  • We then explore some of the frameworks, controls and activities we can implement to control information security 

Pre-requisites 

This is a beginner level course where having a basic understanding of computing concepts will be useful 

Feedback 

Please reach out to us at support@cloudacademy.com with any questions, comments or feedback. 

 

Transcript

Hello and welcome back. Now we're going to look at external attacks. Now, an external attack has a number of stages.

First, we footprint. That means we go and find out what is available to hack. Find out as much information as possible. So, for example, maybe you intercept an organization’s employees  at the coffee shop. You’re having a conversation, talking about football, and you pay attention to him, you recognize where he puts his pass, you realize that he's got a pass that could be copied, you also be able to copy it there and then with a card reader. You also realize who his workmates are and see if you can intercept them. You set up face Facebook accounts to interact with them as well and have a good conversation. You’re doing reconnaissance work. You could do some dumpster diving, rooting through the trashcan to find information about their network, piecing  together shreddings that weren't done very well. Social engineering. Getting into the organization. I'm going for job interviews. All of that type of stuff where we actually find out information that we can use for a hack. Finding out what systems they're running. 

We then do a bit of scanning where we actually scan their systems and find out what systems they're using. That allows us to then move towards enumeration. If we know what they're running, then we can find out the vulnerabilities. And then we chose our pathway based on all of this foot printed information.

If footprinting is done correctly, the rest of the stages of an external attack run ever so smoothly. Yet if it isn't done sufficiently, this becomes hard work.

Penetration, that's then taking advantage of the vulnerabilities that we found and actually using an exploit. 

Then we elevate our actual privileges. Moving from user to admin or power user, or the main administrator, or whatever that might be.

Then we have pilfering, so we pilfer stuff, we take things that don’t belong to us. And then we cover our tracks. We cover our tracks by doing things such as deleting logs, changing things so that it doesn't look like we've been there, destroying accounts that we've created, etc.

And then, finally, we stage our return. We do what's called an established persistence, once we've penetrated. And that's what we'll do in terms of establishing some sort of command or control so that we can get back into the network at any point in time that we'd like to, leaving ourselves a back door, if you will.

So let’s now take a look at targeted attacks and advanced persistent threats, otherwise known as APTs. These are the norm nowadays. So you'll see big companies and nations stay active with doing all of this. They have so much money they can really, really hunt. And they can also pay for what we call Zero Days.

So, there are a couple of vulnerabilities. There are normal vulnerabilities which you will find on the CVE list, which can easily be found with a quick Google search.

CVE stands for Common Vulnerabilities and Exposures. We also have Zero Days. Now, the difference between these two are that CVEs are known, while Zero Days are unknown.

The unknown vulnerabilities are not on the CVE list. So if someone discovers an unknown vulnerability, through a penetration test, for example, in an organization’s systems or in their software, it's known as a Zero Day. Nobody's found it yet. So, Zero Days are the most dangerous type of vulnerability, because they're not known to the vendors. They're called Zero Days because nobody knows about them, there's nothing to protect against them, therefore at the time they are known it's zero days. There's nothing in place to fix them.

However, with common vulnerabilities and exposures there are patches. So if you get hit with this, that's your fault then. If you get caught with a CVE that's your fault. Some people spend time finding new vulnerabilities and putting them on the CVE list. It's also a good way to make money. They call it bug bounty hunting. People get paid to find bugs and vulnerabilities. Companies pay so much money now to bug bounty hunters and penetration testers to find these things before people that have malicious intent do. Or before people that don't have very good ethics do. Because what those people can do is use Zero Days and chain them together and to take advantage of them and launch very sophisticated attacks. Because nobody knows that those vulnerabilities exist.

APT threat stages are similar. Intelligence gathering. Finding a point of entry after that intelligence gathering. Setting up command and control. Lateral movement and persistence, which means moving from one system to another across the network, finding the data that you want to get, and then exfiltrating it.

That might be done in a multitude of ways such as email, USB devices, DNS traffic, tunneling, encrypting traffic and sending it out. There are so many different ways to get data out of an organization. They might get somebody to hide it on their person. And these are all examples of exfiltration.

 

About the Author
Avatar
King Samuel
Cyber Security Trainer
Students
1186
Courses
6
Learning Paths
1

Originating from a systems administration/network architecture career, a solid part of his career building networks for educational institutes. With security being a mainstay his implementation he grew a strong passion for everything cyber orientated especially social engineering. The educational experience led to him mentoring young women in IT, helping them to begin a cyber career. He is a recipient of the Cisco global cyber security scholarship. A CCNA Cyber Ops holder and elected for the CCNP Cyber Ops program.

Covered Topics