The Absolute Beginners Guide to Cyber Security - Part 1 | Alexander Oni | Skillshare


Alexander Oni, Web Developer & Cyber Security Expert


Lessons in This Class

53 Lessons (3h 30m)
    • 1. Promo

    • 2. Welcome to the Course

    • 3. Connect with Me Cyber Platforms

    • 4. First things First

    • 5. Difference Between Information and Cyber Security

    • 6. The CIA Triad

    • 7. The Security vs Ease of Access Paradox

    • 8. Computer Protocols

    • 9. TCPIP

    • 10. World of Hacking Section Intro

    • 11. What is NOT Hacking

    • 12. Types of Hackers

    • 13. Hacking Methodology

    • 14. The WhoIS Query

    • 15. Social Engineering

    • 16. Attacks Section Intro

    • 17. Brute Force Attacks

    • 18. Phishing and Spoofing

    • 19. Phishing Scams Part 2

    • 20. Bots and Botnets

    • 21. DoS and DDoS Attacks

    • 22. Pings

    • 23. Man in the Middle Attack

    • 24. SQL Injection Attack

    • 25. Malware Section Intro

    • 26. Viruses and Worms

    • 27. Trojans

    • 28. Adware and Spyware

    • 29. Ransomware

    • 30. Other Types of Malware

    • 31. Defences Section Intro

    • 32. How an Antivirus Works

    • 33. Encryption

    • 34. Firewalls

    • 35. Biometrics

    • 36. Factor Authentication Methods

    • 37. Honeypots and DMZs

    • 38. Wireless Security

    • 39. Password Management

    • 40. Cyber Security Policies

    • 41. BYOD

    • 42. A Sample BYOD Policy

    • 43. The Security vs Ease of Access Paradox

    • 44. The Weakest Link and The Disgruntled Employee

    • 45. Cyberwarfare

    • 46. The Attack Against Estonia

    • 47. Stuxnet The Attack Against Iran

    • 48. Colonial Pipeline Attack

    • 49. The Sony Pictures Hack

    • 50. The Weakest Link and The Disgruntled Employee

    • 51. Biggest Myths of Online Security

    • 52. Course Promos

    • 53. Cyber Security Conclusion






About This Class

Have you ever wondered exactly how hackers 'hack'? Do words like firewalls, encryption, bio-metrics and malware sound confusing to you? Have you been looking for a course that teaches you all the basics of both information and cyber security in a fun relaxed manner? If so then you are going to find this course absolutely perfect for you.

This is a course that is perfect as an introductory one for individuals and students who are interested in becoming cyber security or information security professionals. It is also ideal for students who just want to have a well rounded knowledge about the basic concepts used in the world of information security.

'An expert with great teaching style: provided clear explanations and concise definitions. Topics were reinforced and made tangible using graphics and real life (or movie) examples. The quizzes helped me retain and feel confident about the material.'  - E. Wolfe

"Great intro to Cyber Security. I currently work in IT and I'm considering transitioning to InfoSec. This course was very informative and it has me motivated to continue exploring and learning more about the field of Cyber Security and InfoSec. I am even going to recommend this to my wife who works in IT management as it would be very useful in helping her understand the different concepts. The instructor is good. Speaks clearly and provides good examples." - Chris Loyola


This course is intended primarily for students who have little to no prior background or knowledge about the field of cyber security. 

Course Curriculum

In the very first section, we will cover the basic terminologies used and discuss topics like the trinity of IT security and computer protocols.

In section 2, we will explore the world of hackers and the hacking methodology. We will take a look at the different types of hackers and how they actually hack.

Section 3 will introduce you to the various ways cyber criminals and hackers attack systems and networks. You will learn about the most popular forms of attacks such as:

  • Phishing

  • Brute Force Attack

  • DoS & DDoS Attacks

  • Bots and Botnets

  • and much more

We will then move on to cover everything about malware. You will learn the various forms of malware such as viruses, worms and trojans and how they differ from one another.

In section 4, you will learn about the methods employed by cyber security professionals to protect systems and networks from cyber attacks. You will learn how the following work:

  • Antivirus

  • Firewalls

  • Encryption

  • Biometrics

  • Authentication Methods

  • and much more

Finally, we will cover other topics related to both information and cyber security, such as the BYOD policy and cyber warfare.

By the end of this course, you will have gained a lot of knowledge and insights that can help to jump start your career as an information security professional.

Meet Your Teacher


Alexander Oni

Web Developer & Cyber Security Expert


My passion is teaching people through online courses in a fun and entertaining manner.  I have been teaching online for about 3 years now and during this period, I have created over 25 different courses on different platforms including my own personal platform - The Web Monkey Academy.

What would you like to learn?

Would you like to learn how to build and manage your WordPress website? Would you like to learn advanced skills that will make you a true WordPress developer? Would you like to learn how you can establish a successful career as a web developer? Would you like to learn the basics of information and cyber security?

If you want to do any of these things, just enroll in the course. I'm always improving my courses so that they stay up to dat...



1. Promo: Have you ever wondered exactly how hackers hack? Do you find words like firewalls, encryption, biometrics and malware a little bit confusing? Have you been looking for a course that teaches you the very basics of information and cyber security in a fun, relaxed manner? Well, if you answered yes to any one of those questions, you're in the right place. Hi, my name is Alex, and I want to welcome you to this course, the Beginner's Guide to Information and Cybersecurity. Now, this is meant to be an introductory course for anyone who is interested in becoming a cyber security professional or an information security professional. It is also ideal for students who just want to have a well-rounded knowledge about the world of information and cyber security. So what exactly are you going to learn in this course? Well, we'll take a look at the terminologies used in the world of information security. We'll explore concepts like computer protocols and even the TCP/IP protocol. You will then learn about the methodology behind hacking: how hackers actually hack, how they think and how they operate. We will also take a look at the different ways how cyber criminals attack systems and computer networks. We'll also explore the different ways how cybersecurity professionals fight back, how they attempt to protect data and networks from several attacks. We'll also cover a wide range of topics related to the world of information security, such as information security at the workplace and even cyberwarfare. By the end of this course, you'll have gained a lot of knowledge and insights that will better help you understand the world of information security and help to jump start your career either as an information security professional or as a cybersecurity professional. Now, who am I to teach this course? Well, I have a career both as a cybersecurity professional and as a web developer that has spanned more than 10 years.
I have been involved in different security projects for different companies over this period of time, and I also do have a master's degree in cyber security and have also been teaching online for about two years now. So I definitely have the necessary experience and qualifications to teach this course. So I hope you sign up for the course today and I'll see you on the inside. Bye-bye.

3. Connect with Me Cyber Platforms: So welcome to this very special video. And yes, I know that I do look very different from some of the other videos that you may see in this course. But that's because this course was made a couple of years ago. And, as you can imagine, with cybersecurity there are new technologies coming out every time, and in an effort to keep the course updated and ensure that you get the best information, I do have to add on updates. Now this particular video isn't about an actual lesson in the course. It's more about ways how you can connect with me outside of the platform where you may be taking this course. So essentially, I would like to invite you to connect with me outside of the educational platform. And if you're on LinkedIn, I do have a LinkedIn account. My name is Alexander Oni. That's me right there. You can send me a connection request, and please just mention that you are a student of mine and I'll happily accept your connection. I also have a page on LinkedIn, a brand new page. It's called Lab Cyber. That's actually the name of my cybersecurity educational platform, Lab Cyber. That's the logo right there. So I do have a page on LinkedIn, and I'd encourage you to please follow the page on LinkedIn, because I do update and provide lots of news regarding cybersecurity in general. So if you do send me a connection request on LinkedIn, then please also follow the page Lab Cyber on LinkedIn as well. I do have my page on Facebook, Lab Cyber, as well. So if you do have an account on Facebook, it's actually, ah, Lab Cyber Training.
But you can just search for Lab Cyber on the sidebar, and I believe you will find the link for you to follow. Now, very, very important: if you do have a page, I'm sorry, an account on Facebook, I would encourage you to join the group. I do have a very special private group. It's called the Cyber Monks. So I would encourage you to follow or join the group; at least that's where you can reach out to me a lot faster, a lot easier. Plus, you can also learn from other students who are in the group as well. Anything cybersecurity related, we discuss it in that group. Now, when you try to join, you will be asked two questions. First, you'll be asked to confirm that you have purchased one of my courses or that you have enrolled in any one of my courses. Say yes. And then the second question you'll be asked is to name one of the courses. Please ensure that you answer these two questions. If you don't, there is a possibility that I might not let you into the group. This is just to ensure that you are who you claim to be, because I don't want people from outside who haven't enrolled in any of my courses to join the group. So it's not the most effective way, but at least it does help in a certain way. So please do ensure that you answer those questions. And finally, I do have a brand new YouTube channel. It's called Lab Cyber. Brand new. I just published this channel about two days ago, so as you can see, right now it's still new. I only have three videos, but by the time you're watching this particular video, I might already have, probably will have already, some other videos in there as well. So if you want to learn more about cybersecurity, because there's just so much happening in cybersecurity, it's hard for me to make a course out of it. So I have preferred making videos on YouTube just to explain to you what's going on and things like that.
So if you're interested, I would encourage you to subscribe to the channel and also hit the bell so that you're notified whenever I upload a new video. So that's basically it: you can connect with me on LinkedIn, Facebook and YouTube. So that's it. Thank you so much. Now let's continue with the rest of the course.

4. First things First: Well, hello. Thank you for enrolling in the course. And before we get started, I wanted to spend a few minutes to introduce you to a few tips on how best to take this course here on Skillshare. Now I've pulled up one of my courses, which is the Absolute Beginners Guide to Cyber Security, just as an example. So don't worry if you're taking a different course; this video is still relevant to you. Now, if you go to the main course page, you should see a few tabs down in here. You should see the About tab, which is basically a short description of what the course is about. Reviews: if this class has any reviews, you'll find them in here. Now, Community is very, very important. This is where you can either start a conversation or you can ask a question. So please, if there's anything that I talked about in this class that you're not comfortable with, maybe you didn't quite understand, this is exactly where you can ask a question. So please make use of this feature. You can also share a project. So if I've asked you to do something, maybe create a project or something like that, this is where you would be able to do so. All right, and then finally, under Thank the Teacher, which is under the Community tab, this is where you can leave a review for the course, and I really hope that you will enjoy the course and you will be motivated enough to leave a review. Just click on Thank the Teacher, and then you'll be prompted to write a review about the course. Please do that if you really like the course. Now, Your Project is also a very, very important tab.
This is where I will provide you with an assignment that you may have to do, depending on the course you're taking. Not all courses on Skillshare will have an assignment, but if there is a project that you have to take for this course, this is where you would find the description of that project. Now, to the right, you can see I have attached files. This is very, very important because in this course you're about to take, I will make a reference to the resources or the downloads. Whenever I say things like that, I'm referring to the attached files here on Your Project. So please go right now to Your Project and then download all the attached files. That could be PDF files that you'll have to read to improve your knowledge on the topic just discussed. Or you would also have zipped files containing images or logos or whatever, maybe even video files. You can download them; in all likelihood you'll have to use them in this particular course. So please take a moment to download all the attached files that you have in Your Project. And finally, under All Projects, if other students have done the project or something like that, this is where you would find such projects. That's, of course, if they chose to share their projects. So that's basically how to make use of the features here on Skillshare. Now, if you'd like to connect with me outside of Skillshare, I'm on LinkedIn. You can search for Alexander Oni and send me a request to connect, but just please make sure that you write a message saying you're a student of mine from Skillshare so that I know who you are. I'm also on Facebook. I have a page for my Web Monkey, which is the Monkey Online. So if you're taking any of my WordPress or web development courses, I'll recommend you like this page, because in here I upload tutorials and share lots of useful information about WordPress and web development. So if you're interested, you can like my page on Facebook.
I'm also on YouTube. I have a YouTube channel, which is the Web Monkey. I upload tutorials on a weekly basis, so as regularly as I can. Anything regarding website creation, WordPress, web development, you will find such tutorials in here. And finally, I also have an about me page, if you're interested in learning more about me both as a person and as an instructor. I have an about me page on my personal platform, which is the Monkey Academy dot com. Just go to the Monkey Academy dot com, forward slash pages, forward slash about, and here you can basically read my life story: about my family, my education, my work experience, how I started teaching online, and so on and so forth. So that's it, if you just want to learn more about me. So that's basically it. Thank you so much for choosing to enroll in this course and, ah, let's get started.

5. Difference Between Information and Cyber Security: So the very first thing we need to talk about would be the difference between information security and cyber security. Is there actually a difference between these two? Because they are used all the time. They're used interchangeably. So is there actually a real difference? Well, there is. There is a slight difference between both of them. They're both very, very closely related, but there's just a slight difference. And the difference being that while cybersecurity deals exclusively with threats that you get online, mostly, of course, via the Internet, information security is a lot broader. It's all about the different kinds of threats that you get from being online. It could even be physical threats such as criminals trying to break into an office to steal hard drives, even computers. That's basically information security. So you could say that technically cybersecurity is under information security. Cybersecurity is more specific. It's more targeted at online threats, cyber threats. Information security is a lot broader.
It's all about the different forms of security against all the different kinds of attacks, whether they're physical, whether they're cyber attacks, and so on and so forth. So that's basically the biggest difference between information security and cyber security. And on one other note, whenever you have countries like the United States or China, Russia talking about how they need to protect their infrastructure against threats online, cybersecurity is the term that's usually used in such instances and such scenarios. When you have a country that launches a cyber attack against another country, you're now technically in the world of cybersecurity, if that makes sense. However, when you have a company or business that needs to protect its information or its data from cyber threats, then you're technically talking more about information security. But then again, really, they're both so closely related that no one is going to judge you if you said information security when you should have said cybersecurity, because again they are really, really closely related. So if you have any questions about this, feel free to reach out to me. I know it can be a bit confusing, so do not hesitate to contact me and ask me your question. So thank you so much for watching and let's move on to the very next topic.

6. The CIA Triad: Let's talk about the CIA triad. And no, I am not referring to the Central Intelligence Agency. I am referring to a model that is designed to guide every information security policy or cyber security policy of an organization. So behind every security policy, you have three core fundamental parts, which make up the CIA triad. So what exactly is this CIA triad? Well, the C stands for confidentiality, the I stands for integrity, and the A stands for availability. So what exactly do these three things mean? Well, first off, we have confidentiality.
This limits access to information and basically makes sure that only people with the right clearance have access to that information and the sort. It also ensures privacy. It makes sure that data is kept safe and secure from the general public. Only people with the right access would be able to view certain information or data. That's what confidentiality is all about. And there are several methods by which we can achieve this. We have encryption, which we'll talk about later. We have biometrics, which would involve things like fingerprint scans, eye scans, voice sampling and so on and so forth. We also have passwords, of course, probably the most popular confidentiality method out there, and we also have security tokens as well. Next up is integrity, and this ensures that data that has been sent from one point arrives at its destination without any alteration. It basically makes sure that data remains consistent and accurate. It makes sure that data has not been tampered with in any way, and there are different methods by which we can achieve this. We have the use of user access controls, and we also have checksums, which we'll talk about later as well. And finally we have availability, which ensures that data is available at all times. Whenever people need to work on data, it is right there waiting for them. And there are different methods of achieving this. We have backups, we have hardware maintenance and repairs, and we also have disaster recovery as well, which we'll talk about later as well. So to summarize: well, confidentiality will involve sets of rules that limit access to information. That's basically what confidentiality is all about. Integrity, on the other hand, is the assurance that information has not been compromised. It's not been altered. It remains pure and unaffected. And finally, availability is a guarantee of reliable access to information by authorized people, by people with the necessary clearance.
So these three together make up the CIA triad, and it is the backbone of every information security policy or cybersecurity policy of an organization.

7. The Security vs Ease of Access Paradox: So the major goal of any cyber security professional or any information security professional would be to find the right balance between ease of access and security. Now, by ease of access, I'm talking about how easy it is for employees or people in general to be able to access their files, their documents, how easy it is for them to work on the computers. Security obviously refers to how well protected computers are, or how well protected a network is. So here's the thing: when you have way too much ease of access, it becomes very easy for employees to get more done on the computer. Yes, efficiency will be improved. When you have too much of that, then security goes down, because you should have things like passwords in place and other security checkpoints. When you don't have those and it becomes very easy for an employee to work on the computer, well, guess what. It will also become very easy for a hacker to be able to break in and do some serious damage. But then, when you have lots of security, let's say, for example, an employee, before he or she can access the computer, they will have to do a fingerprint scan. Maybe they will have to put in a username and a password. Maybe they might even have to say something so that the system recognizes their voice. When you have all the security checkpoints in place, then, yes, the computer, the networks have become very secure. Unfortunately, though, it becomes more difficult for the employees to get work done, because imagine an employee who wanted to be able to work from home. Okay, they may not be able to do that because they need to be physically present at the place of work in order to get the work, in order to get clearance, to be able to access the files or data that they might need to work on.
So the major con of too much security is that efficiency is reduced. Ease of access is reduced. So your job as a cyber security professional, if you intend to be one, is to try and find the right balance between ease of access and security, so computers and networks are secure, they're well secured, but at the same time they're not so secure to the point where it becomes really difficult for employees to be able to get their work done. Of course, there will be major exceptions, like if the kinds of data, the kinds of information the employees are supposed to work on are extremely sensitive, then, yes, ease of access is not a priority. No one cares about ease of access at that point. It's all about security. But for most companies, midsize companies, businesses, there should be a balance between the ease of access and the security so that employees can get work done efficiently, but at the same time, the computers and networks are also well protected. So that's the major goal of any cyber security professional or information security professional.

8. Computer Protocols: If you plan on becoming a cybersecurity professional, or you just want to improve your overall knowledge of information security, then you need to understand what computer protocols are. So what exactly is a protocol? Well, a protocol is a set of rules that determine how computers communicate with each other. So if you have computers on the same network trying to exchange information, or maybe even have a computer trying to access a website, you have a protocol or even different protocols working behind the scenes. Now a protocol will also govern how an Internet document gets transmitted to a computer screen. So again, when you go online, if you're using Firefox or Chrome or Safari and you try to access a website, all of the images and text and videos that you see on your screen, you have protocols working behind the scenes to ensure that you get to receive all that information.
And of course, protocols will also determine what part of the conversation comes at which time and also how the conversation ends. Remember that we're talking about the conversation between computers and networks here. So let's just start off with the two most popular protocols out there, which would be HTTP and HTTPS. So, HTTP: this is the Hypertext Transfer Protocol. And the reason why I said this is one of the most popular protocols is because it determines how browsers and web servers communicate. So basically, HTTP is the major protocol of the Internet. Whenever you go online, whether you're trying to buy something, or you're trying to access a website, or even if you're trying to play games online, you have HTTP working behind the scenes. Now, one thing about HTTP that separates it from other protocols out there is that it is referred to as a stateless system. Now, what this means is that whenever your browser makes a request to a web server, once that request has been satisfied, the communication between your web browser and the web server will be dropped. The connection will no longer be maintained, so it will only be reopened whenever, again, you try to access another website or maybe even another page on the current website. So in such a scenario, where connections are dropped between the person making the request and the system accepting the request, that's called a stateless system. Now, HTTPS is the secure version of HTTP. The S just stands for secured. So the one thing that separates HTTPS from HTTP is that with HTTPS, you have something called encryption, which means that all the information and text that you see on that website will be protected and secured from cyber criminals or hackers. So before moving on to other protocols, I wanted to give you real life examples of HTTP and HTTPS in action. Now, right now, you can see on the website one page that has competed or comb.
And you can see that we have this information right here, and if I click on it, it says your connection to this site is not secure. Now the reason why it would say this is because we don't have any HTTPS. The basic protocol working right here is HTTP. But if you look at a site like Amazon now, you'll see we have HTTPS right over here. And you can also see the message that says secure. Now, what this means is that HTTPS is enforced. It's the major protocol in use right here. And this is very, very important whenever you are on a site where sensitive information would be exchanged, maybe credit card information or PIN numbers or things like that. HTTPS should be the major protocol in operation and not HTTP. HTTPS should be the major protocol in operation. So that's just one useful tip out there. Whenever you're trying to buy something online and you are on a store, an e-commerce store, if they don't have HTTPS, it would be a very bad idea to shop on such a website. Now moving on to the next two, which would be SSL and SSH. Now SSL stands for the Secure Sockets Layer, and it's used by HTTPS to provide encryption. So whenever you see websites that have the HTTPS protocol, that means that they also have the Secure Sockets Layer, because it's actually the Secure Sockets Layer that provides the necessary encryption. Now, SSH stands for Secure Shell, and it's used specifically by programmers and network administrators. So whenever a network administrator needs to log into the back end of websites or a web server to make certain changes, they will very often use SSH to connect to the web server because it is very, very secure. Now one thing you should know is that they are technically not protocols. SSL and SSH are not technically protocols, but they are always used by security protocols like HTTPS, SFTP and some other ones out there for them to fully operate.
And that's why we constantly mention SSL and SSH whenever we're talking about, ah, protocols. So moving on to some other protocols out there, we also have FTP and SFTP. Now FTP stands for the File Transfer Protocol, and it governs how files are transmitted from one computer to another. So whenever you're trying to download files from another computer or from another web server, you have FTP in operation. Or even if you're trying to upload files or documents as well, then FTP would be the protocol in use. Now SFTP is simply the secured form of the File Transfer Protocol. So this will provide encryption and make it more secure against cybercriminals and hackers. And let's also talk about the IMAP and SMTP protocols. Now IMAP is simply the Internet Access Message Protocol and, of course, it controls how Internet messages are sent. So whenever you're chatting online, most likely it is IMAP that is in control right there, while SMTP stands for the Simple Mail Transfer Protocol, and this governs how emails are sent and received. Now, of course, these aren't all the protocols that exist. There are several ones out there, but the ones I've covered are the major ones that you should know about. So that's it for protocols. Thank you so much for watching the video. I will see you in the next class.

9. TCPIP: Another topic you should be familiar with is the TCP/IP protocol. Very, very important, very often used in the world of computer security. So what exactly are these? Well, TCP stands for the Transmission Control Protocol. Now what it does is that it divides a message or file into smaller packets that are transmitted over the Internet and then reassembled when the destination is reached. So imagine you wanted to send a very big device or some sort of machinery to a friend of yours who lives across the country. Now sending the device as one piece might be difficult. So what you can do is to split up the device into smaller pieces.
You could pick out the parts one by one, separate the bolts, the nuts, things like that, and then send them in smaller packages. That's basically what TCP does. It splits up data into smaller packets so that they are transported more effectively across the Internet. Now IP stands for the Internet Protocol. Now what this does is that it is responsible for the address of each packet that is sent, so that they are sent to the right destination. That's basically what happens. TCP will split up the data into smaller packets. IP will make sure that all those packets are sent to the right destination. And then when all those packets have arrived at the destination, TCP takes over again and then reassembles all the smaller packets into the original data or file that was sent. So together they are referred to as the TCP/IP protocols. And they are the protocols used to interconnect network devices on the Internet, and they are divided into four major layers. The very first one is the data link layer. This consists of protocols that operate strictly on a link that connects hosts on a network. So whenever you have your computer linked up to the Internet, that actual link itself is the data link layer. An example of a protocol that would exist here would be the Ethernet protocol. Now we also have the Internet or the networking layer. This connects independent networks together, and this is where you would have the actual IP protocol itself. So the Internet layer is all about connecting networks together, and not just single hosts, but major networks. Next we have the transport layer that handles the actual communication between hosts. And this is where you will find the TCP protocol itself. And then finally, we have the application layer. This standardizes the actual data exchange, and this is where you would have protocols like HTTP and FTP. So overall, TCP and IP are very, very popular.
They are used for several kinds of communications, used mostly on the Internet, used for emails. Whenever you're sending emails you're using TCP/IP. And of course, whenever you're playing video games as well, these are all examples of TCP and IP coming into play. So that's it for TCP/IP. Thank you so much for watching. I will see you in the next class.

10. World of Hacking Section Intro: Welcome to this section where we're going to be talking about hackers: the different types of hackers, how they hack and why they hack. And the reason why this is coming very early in the course is because without hackers, we won't have cyber security. There won't be a need for information security or cybersecurity. It's kind of like cops and robbers. If we didn't have criminals, we might not need to have any police, or what would be the point? So it is very important to understand hackers and how they act. When you understand your enemy, it's easier for you to defeat them. So for the rest of this section, we'll be talking about hackers and why they hack, the different types of hackers that we have and also how they hack. How do people actually hack into computer systems and networks? So I hope you enjoy the section and let's jump right in.

11. What is NOT Hacking: I'm gonna play you a clip from a movie titled Swordfish. It's gonna be about 30 seconds long or thereabouts. So just sit back, relax, enjoy the clip, and I'll see you at the end of it. Take a look at this. What do you think? I have been told the best crackers in the world can do this in 60 minutes. I need someone who could do it in 60 seconds. 3, 2, 1. All right, so I hope you enjoyed the clip. It's from a movie titled Swordfish. It was released back in 2001 and you had some stars like John Travolta, Halle Berry, Hugh Jackman. If you're someone who enjoys thrillers or action movies and you haven't seen it, I'd recommend you watch it. It's a pretty good movie.
So what exactly did we see in that scene? Well, we have a hacker who goes by the name of Stanley. Now Stanley has been hired by this character played by John Travolta, whose name is Gabriel. Gabriel wants Stanley to help him in this big, huge hacking operation. However, Stanley needs to prove to Gabriel that he's capable of taking the job, so Gabriel tells him that he wants Stanley to gain access to the Department of Defense database within just one minute. So you have Stanley doing his very best. He's typing furiously at the keyboard. He's doing everything he can to gain access. He presses enter, and the screen tells him access denied. He tries again. Access denied. He goes even faster. He's typing faster on the keyboard, he's trying all sorts of different combinations, and he keeps on pressing enter, enter. And, of course, in typical Hollywood fashion, at the very last second he's able to gain access to the Department of Defense database. Here's the thing, okay, that scene is laughable, because in the real world of hacking, that never ever happens. It's not about how quickly you can type at a keyboard. That is just utter Hollywood garbage right there. Hacking is more about you sitting back trying to uncover vulnerabilities, weaknesses in a security system. And when you find those vulnerabilities, then you strike. And sometimes getting those vulnerabilities and weaknesses can take hours. It can take days. It can take weeks, months, even years. And that's why many times I like to compare hackers with snipers. You know, the guys who stay very far away. They have a rifle that they point at a target, and then they can be at the exact same spot for a very long time. In fact, some of the best snipers have been known to wait at the same spot for days, just waiting for the perfect shot. And then when they see that opportunity, bam, they take the shot. In the real world, that's how hackers usually are. They sit back, they pick a target.
They look for all the possible weaknesses, and then they start attacking. It's never about you typing quickly on the keyboard. That is just utter nonsense, utter garbage. So I just wanted to let you know that what you see many times in Hollywood movies about hacking is not real. That is not how hacking occurs in the real world. And of course, we'll talk about the various methods, how hackers actually hack. But I hope you enjoyed the clip. Hope you enjoyed this video. Hopefully, you now have gotten out of your head that hacking is all about how quickly you can type on a keyboard. Now, if you have seen other movies about hackers, and you'd like to share some of those movies, please feel free to use the Q&A, for other students would like to watch those movies as well. I personally would also love to hear from you as well. If you have seen other movies where hackers are depicted either in a good way or in a bad way or in the wrong way, just let me know. So thank you so much for watching and let's get into the very next class.

12. Types of Hackers: Let's talk about the different types of hackers that we have. And believe it or not, not every hacker is a bad person. And I know this may come as a surprise to you because way too many times, whenever people talk about hackers and hacking in general, there is always this negative mindset that comes with it. Hackers are bad guys, hackers are those who steal credit card information, hackers are those who hack into American elections, things like that. And it's partly true because yes, we do have hackers like that, but it's partly false because not every hacker is a bad person. So let's talk about the different types of hackers and why they hack. And the very first type of hacker would be the white hat hacker. These are the good guys. Guys like me, we're the ones who protect companies' data and networks from the bad guys. Now you might be wondering, Okay, how exactly do you hack to protect data?
Isn't hacking all about trying to get your hands on that data in the first place? Well, yes, but we do have people called certified ethical hackers. These are people who are professionally trained. Companies hire them to hack into the networks with the purpose of trying to see if there are any vulnerabilities. So you hack a network in order to uncover what the weaknesses are. That is the legal side of hacking. That's why they are called certified ethical hackers. So these are the good guys. These are the white hat hackers. These are also those who protect networks and data from the bad guys. The bad guys in this case now are the black hat hackers. These are the guys who hack because, hey, they want to make money doing it. They steal critical information. They want to co-opt the website. Those are the bad guys. Oh, my. But in between the white hat hackers and the black hat hackers, we have the gray hat hackers, kind of a mixture of a white hat hacker and a black hat hacker. So how exactly does that work? Well, I will make a very small confession to you right now. I used to be a gray hat hacker, and every once in a while, I do become a gray hat hacker. What do I mean? Well, here's the thing. Gray hat hackers hack not for financial motivation, but they hack out of curiosity. Can I get this password? Can I get access to the network? They do so because they are curious. Can I actually do this? Am I good enough to do that? That's why they're called gray hat. Now, you may have read online about people who deliberately hack into networks, and then when they uncover the vulnerabilities, they'll send an email to the CEO or maybe the CEO of the company saying, Hey, I was poking around a little yesterday and I uncovered these vulnerabilities you need to patch. They're going to do that. Those are gray hat hackers. They basically hack because they want to help you. However, here's the thing. It is illegal for anyone to try hacking into a network.
I don't care whether your motivation was genuine or not. It is illegal. That's where the black hat aspect comes into play. The white hat aspect comes into play because these guys didn't hack because they wanted to steal data. They hacked because they wanted to see if there were any vulnerabilities, and then when they uncovered those vulnerabilities, they let the company know. That's where the white hat hacking aspect comes into play. So it's basically, in a nutshell, a sort of unrequested help. The company didn't ask for their help, but they're giving the company the help anyway. So some companies will be happy and say, Yeah, well, thank you so much for letting us know about these problems. Other companies would be like, Well, we didn't give you permission to hack our network. So why did you do it? So gray hats are neither good nor bad. And people like me, in fact lots and lots of hackers, whether they're white hat hackers or black hat hackers, are usually also gray hat hackers. We hack out of curiosity. We want to know: can we actually do this? Can we actually get access? How good are we? It's basically a way for us to test ourselves. Now let me just say right now that, look, I am not in any way advocating for gray hat hackers because, like I said, when you spend time trying to hack into a network or into a computer system, it's usually illegal. So my advice to you would be to always try to get permission first before you attempt to do such a thing. I'm not encouraging you to become a gray hat hacker. Please stay white. OK, don't become a black hat hacker or gray hat hacker, all right? Now we also have another group of hackers called the script kiddies. Now, in the world of hacking and technology, script kiddie is a derogatory term. It's basically used to describe people who are amateurs, beginners, people who are new to the game. So in online communities, you can see someone calling another person a script kiddie.
Oh, you're just a script kiddie. You're someone who doesn't know anything. So that's one bunch of hackers you should know about. They're not really professionals. They're not really good at what they do. They're just amateurs. And finally, we have people that are called hacktivists. Hacktivists are people who hack primarily for a political purpose or a social purpose, maybe even a religious cause. A classic example would be Anonymous. So many times you see Anonymous getting themselves involved in social matters like elections, abortion rights, gun rights, things like that. That's usually where you have hacktivists coming into play. You could also say that people from WikiLeaks are hacktivists. Even Edward Snowden arguably is also a hacktivist. They're not really in there because of financial motivation. They hack because they believe in a particular purpose. They believe in a particular cause, and many times hacktivists are usually favored positively by the regular people. A lot of people will see them in a positive light and say, yeah, you know, they did something good, they hack because they believe in it. The government, on the other hand, usually would see hacktivists as the bad guys because they many times go against what the government wants to do. So you usually have this sort of clash between the government and hacktivists. But then you also have a lot of people, regular people, who will actually support hacktivists because they see hacktivists as people who hack for those who don't have a voice. They see hacktivists as people who make statements for those who don't have a voice. So these are basically the five major types of hackers that we have. We have the white hat hackers, the gray hat hackers, the black hat hackers. We have the script kiddies. And then we have the hacktivists. So I hope you've enjoyed this video. If you have any questions about these terms, let me know. If not, I'll see you in the very next class.

13.
Hacking Methodology: Let's take a look at the general hacking methodology, and I should tell you that different hackers have different ways of going about their business. But these seven steps you're about to learn are the general ways how most hackers would go about their business. So the very first step right here would be footprinting. So what exactly is footprinting? Well, this is the use of passive methods of gaining information about a target. So a hacker will typically try to gather as much information about his target before actually striking. So footprinting is a very laid-back approach. Very, very passive. Examples of this would include things like the WHOIS query, which we'll talk about later, Google searches and even job board searches as well. So using a job board search as an example, if a hacker wanted to find out the kinds of software being used in a particular company, he could try seeing if job positions that are related to software developer or systems administrator have been posted before, because usually when companies advertise such positions, they'll talk about the necessary skills required, so that could include naming the kinds of software that the intended applicants should be able to know how to use. So this is one of the ways how the hacker can find out information about his target. So next would be scanning, which is now a more active way of gathering information. So examples here could include things like port scanning, ping sweeps and even a physical observation of a target or facility. That's what we have in the scanning phase. Now the third step would be enumeration, which is an even more active way of gathering information. Now, over here, the kinds of information that can be gathered would include things like user names and passwords, so you could have social engineering at this particular stage. We'll talk about social engineering a bit later.
But this is probably the most active way how a hacker would be able to gather information about his intended victim. So now in stage four, we finally have system hacking. So this is where the hacker finally strikes at his target, based on all the information that he has gathered from the three previous steps so far. Next would be escalation of privileges. So in this stage, the hacker tries to gain as much control over his target that he has already attacked. So an example could include moving from a low-level account to an admin account. So basically the hacker tries to gain as much control over his target. The sixth stage would be covering tracks. So basically the attacker tries to cover all his tracks and destroy any possible evidence to avoid detection. So if a hacker can attack a system or a network and remain behind the scenes, remain hidden, he can exert as much damage, as much control as possible. So covering tracks is very, very important. And finally we have planting backdoors. Now a backdoor in IT security terminology refers to a logical or virtual door that allows an attacker to regain control or regain access to a system or network later. So it's basically a hacker saying, Okay, well, I'm done for now. But later in the future, I would like to come back and do some more damage or get some more information from this particular target. So I'm gonna go ahead and plant this backdoor, which would allow me to gain access a bit later. So that's it for the general methodology of hacking. Thank you so much for watching. We'll see you in the next class.

14. The WhoIS Query: All right. So in the previous video, we talked about the methodologies of the hacker, and in the very first stage we talked about footprinting, and we said footprinting is the passive ways by which a hacker can gather information about a target. And one of the key ways is using WHOIS queries. Now, this is the ICANN WHOIS website. Now what exactly is this?
The ICANN WHOIS website. Well, every year we have millions of individuals, we have businesses, entrepreneurs, organizations, governments. They all register new domain names, new websites. Now every time they do so, they must provide some form of identifying and contact information. So this could include things like a name, a mailing address, a phone number and fax number, and so on and so forth. So all that information is generally referred to as the WHOIS data. All right, so basically, with the WHOIS tool, you can look up the admin contacts for any website. So, as an example, let's just come in here and I'll type in facebook.com. Yep. Facebook. Let me just put in the captcha in here. Keen Colorado. Close that. Look up. All right, so right now you can see we do have three different contacts, although it's pretty much the same. We have the registrant, the admin, and the tech contact. You can see right here we do have the mailing address, 1601 Willow Road, Menlo Park, California. We do have a phone number. We do have a fax number, and we also have an email address as well, which is domain@fb.com. So with Facebook, it's not gonna be as easy for anyone to use this information to cause malice, because the people at Facebook, of course, are well trained. They know exactly what they're doing. But for any small-sized website or any person who is naive about how cyber attackers are able to gather information, what they could do is they could simply call this phone number that they see right here, call the person and say, Hey, we're from the Cyber Security Policy Organization. We would like you to tell us, you know, blah, blah, blah, blah, blah or something like that. Or they could simply send an email to the email they find over here saying, Hey, I'm trying to gather some information about a certain product. Could you click here to fill the survey? Now,
the link that they will send in the email will be a link to some sort of virus or some sort of malware that can cause harm. So if you've ever wondered how people get people's phone numbers and email addresses, well, this is one of the key places where they'll get such information from. Now coming down here, you can also see that we do have the registration expiration dates, so facebook.com, the domain name, is going to expire 29th of March 2025. So maybe you might want to look out for this one. Who knows? They might forget to renew the domain name, and then you can quickly go in there and buy facebook.com. Imagine how fantastic that would be. Facebook would have to pay millions to get the domain name back from me. So, ah, good luck waiting on that one. Now, over here at the bottom you can see we do have name servers. Now, to most people, this is useless information. You know, what's a name server? But to experienced hackers, they could use this information to begin planning the very next stage of an attack, just letting you know. So that's it for facebook.com. Let's take a look at another website, which is WP, uh, sorry about that, wpbeginner.com. All right, let's look this up and see what we have. Now if you don't know this website, it is a fantastic website. If you're looking to learn how to use WordPress, that's basically what the blog is all about. You can see once again that we do have three contacts. It's pretty much the same information, but we have the person's name. The person's name here is said balky. The organization is Boy Genius Inventions LLC. We do have a mailing address. We have a phone number and we also have an email address, which is said balky at gmail dot com. So again, someone who wants to attack this particular website could decide to attach a malware or virus to an email, and then send that email to this person right here,
saying, Hey, click here to find out more about this particular product or something like that. Now, I am not saying you should do this, okay? That's my disclaimer. If you're caught, you're on your own. I am not teaching you, I'm not asking you to go ahead and attack all those websites. I'm simply showing you how to use the ICANN WHOIS tool, so you can actually go ahead, and if you do have a website, you can go out there, put your name in here and look up the information. Now, if you're not happy with the kind of information that's available to the world, you can decide to protect your WHOIS information by making it private. Now, what you want to do would be to contact your web host. If you're using any good web host, they should be able to protect your WHOIS information, so they will make sure your name, your mailing address, your phone number are all protected so that people from the outside world will not be able to look up your personal information. So that's it for the ICANN WHOIS website. If you have any questions about this, of course, feel free to contact me. Thank you for watching. We'll see you in the next class.

15. Social Engineering: So now let's talk about one of the key ways how hackers are able to gain access to information and systems. And I'm talking about social engineering. Now, you may think to yourself that the very best hackers in the world are those who are technically gifted, people who can write viruses, who can write code, who are very good at hacking networks. And, yes, it's always nice to have those technical skills. But the best hackers in the world are actually very good at one thing, and that is being able to get information from people by simply talking to them. In other words, they get people to give them the information that they want. Instead of spending days and weeks trying to figure out what the password to a particular system is, they can simply just talk to the person who owns the system and get the password. You might be thinking:
Okay, how does that work? Well, you may have seen the movie clips before. You may even have read about real-life stories like this. Let's imagine Becky. There was this lady who works in the accounting department of a company, and her name is Becky. So Becky receives this phone call from somebody called Mike, who says that they are from IT. And Mike says, Hey, Becky, how are you today? Good morning. And Becky will be like, Hey, good morning. Who is this? And then Mike would say, Well, this is Mike from IT. We just discovered that your system has a malfunction, and we need to clear out certain things from your memory. Could you provide us with your user name and password again so that we can make sure that you're actually active on the network? You know, something like that. And Becky being, well, maybe a bit ignorant, and the fact that the person appeared to be so confident and calm on the phone that she actually trusts the person, Becky goes on to give the person her user name and password. And then Mike, who is actually the hacker, would be like, Yeah, thank you very much. Okay. Yeah. We've just confirmed that your system is back on the network. Thank you so much and have a wonderful day. That is what is called social engineering: the ability for a hacker to gain sensitive information without needing to do anything technical, just picking up the phone and talking to the person. In other instances, it could be the hacker actually coming face to face with the person that they actually get the information from. It could be a guy who invites the target out for a drink. They go to a bar, they get drunk. And then while the victim is drunk, the person starts spilling out secrets. Yes, we use this particular software for our systems every day. We run updates from 8 AM to, you know, stuff like that. That is social engineering, and it is very, very common these days.
Now, thankfully, lots of people are becoming more and more aware of these kinds of tactics. But again, when a hacker is very skilled at social engineering, many times they're able to gather information, get access to passwords and user names with minimal effort because they have that ability. So social engineering is the most effective way how hackers are able to gain access to information, because they don't need to spend hours, weeks, even months trying to figure out exactly what the password is. They just pick up the phone, they call the intended victim, and they get information, and that's it. And the very best hackers are very good at social engineering. So that's it for social engineering. Thank you so much for watching. I'll see you in the next class.

16. Attacks Section Intro: So let's take a look at the different ways how hackers and cybercriminals attack systems and networks. Now, obviously, I'm not gonna cover every single way, as there are hundreds of different ways how attacks are carried out. But what we're gonna cover in this section would be the major ones that happen very regularly, the major ways how attackers and cybercriminals hack into systems and networks. So you may have heard of a few of them before, like the DoS attack, the man in the middle attack and some other kinds of attacks like that. So we're going to take a look at them one by one and, of course, I will see you in the beginning of the next section. Cheers.

17. Brute Force Attacks: All right. So let's take a look at one of the oldest forms of attack and a very, very popular one, which is the brute force attack. So what exactly is the brute force attack? Well, this is considered to be a trial and error attack against passwords, maybe even PIN numbers, encrypted data, and so on and so forth. Now the reason why it is a trial and error attack is because it checks all possible key combinations.
So you have the hacker who tries every possible combination of a letter, figure or symbol, all in an attempt to get the right combination for the password. Now, automated software is typically used to generate a very large number of consecutive guesses. So it's not going to be the hacker who types in manually every single combination. You have software that can actually do that for them. Now it is considered to be infallible but time consuming. Infallible because eventually, eventually the hacker would get the password if he keeps on trying every possible combination. But guess what? It can take years, yes, to get the right combination for certain kinds of passwords, because such an attack depends heavily on the key length. So the longer a password is in length, the more time it is going to take for a hacker to crack that password. Try to think of the brute force attack in the same way as a burglar trying to break into a safe. Now he knows that there is a combination that needs to be entered for the safe to open, so he begins to try every possible combination. So the more characters that a code or password will have, then the longer it's going to take for the password to be cracked. Now let's take a look at an example. All right, let's imagine that a password had just two characters, just two characters in length. Now this would only take 3,844 guesses. Why? Well, let's take a look at this. Well, imagine the very first character. You can either go with a lower case letter, an uppercase letter or with a number. All right, let's just imagine that this person is not using symbols for the first character or the second character. He can only use lower case letters, uppercase letters or numbers, so the entire combination here would be 26 plus 26 plus 10, which would give you 62. Same thing with the second character as well. You can either go with lower case letters, uppercase letters again. So everything equals 62.
And finally, the total number of permutations will be 62 multiplied by 62, which is 3,844 guesses. You may be thinking to yourself, Well, that's a lot. That's almost 4,000 guesses. But guess what? With automated software, these can be generated within seconds. There are very powerful software that can generate such a number of guesses within seconds. So definitely you should not use two characters for your password. Now there is a special kind of brute force attack known as the dictionary attack, where every word from a dictionary is used in an attempt to crack that password. And this is one of the reasons why it is always recommended that you do not use words from a dictionary for your password. So what are the general ways how you can fight against brute force attacks? Well, obviously, using strong passwords. Make sure your passwords have a minimum length of eight characters. Make sure there is a combination of uppercase letters, lower case letters, numbers and symbols as well. Then you can also restrict the number of times a user can attempt to log in unsuccessfully. You may have seen this on many websites already, where you're told you have a maximum of three attempts to log in successfully. And then you can enforce a time out for users who have exceeded that specified number of failed login attempts. So when you have all these three in place, it would be very, very, very tough for anyone to crack your passwords using the brute force attack. So that's it for the brute force attack. Thank you so much for watching. We'll see you in the next class.

18. Phishing and Spoofing: Let's take a look at two of the major forms of attack which are extremely common in the modern day world, and that is phishing and spoofing. So what exactly is phishing? Well, phishing is a form of fraud where the attacker or the cyber criminal pretends to be a reputable entity or person in order to gain access to sensitive information.
Now it is very, very common with emails. This is the major way how hackers are able to execute phishing attacks, through emails. So what happens here is that the victim, the intended target, will receive an email, and that email will have either a link or an attachment that, if clicked on or downloaded, will install malware on the victim's computer or device. This is the typical way how hackers are able to execute phishing attacks. Now the word phishing itself is a homophone for real-world fishing, where you have the fisherman or the person fishing who puts some bait around the hook and then puts the hook into the water, hoping that the fish would go for the bait and then, in the process, get hooked and be caught. Now it is very popular because it is easier to trick someone to give them access to data or passwords than actually breaking through the computer's defenses. That's why phishing is extremely popular among hackers and cybercriminals, and also you don't even have to be technically sound enough to pull off a phishing attack. Now it is often built around popular events and holidays, so you can imagine during Christmas, you can receive an email saying, Click here to save 15% on all your Christmas purchases, or click here to book three weeks' free stay at this popular hotel, stuff like that. That's how hackers are able to execute phishing attacks. They usually use them, they're very popular during popular events and holidays. Now logos of well-known companies are often used to fool the victim. So if the victim sees a logo from a reputable company, like maybe Sony or Amazon, they might instantly be fooled into thinking that, oh, this is a legitimate email. Now misspelled URLs and subdomains are also used, and you can see two examples over here. We have discounts.sony.com. Now, Sony might not actually have a subdomain that says discounts.sony.com.
But because the victim here sees Sony in the website's address, they immediately think that, oh, this is just a child website of the major Sony website. It must be legit. And then, of course, we have the misspelled URLs, like a misspelling of amazon.com. So if the victim isn't very vigilant, they might just see the letters and think, oh, it's Amazon, and then they log in, not knowing it's actually a misspelled address and not amazon.com. So these are two very common tricks employed by phishing attackers.
Now, spear phishing is a form of phishing attack that is directed at specific targets. They could be going after maybe the government or a business or a bank; those would be spear phishing attacks, attacks against specific targets. Now, there are attacks that are even more specific, and these would be attacks against senior executives of a company; such would be called a whaling attack. So when you have a cybercriminal going after the senior executives of a major company, that is what we call a whaling attack.
Now, email spoofing, or spoofing, is simply the forgery of an email header so that the email appears to have originated from someone other than the actual source. So it's extremely similar to phishing, and many people even use the two words interchangeably, spoofing or phishing. So it's basically just an attacker being able to forge an email header so that the victim thinks that the email came from an actual reputable source rather than the original source itself.
Now, fighting against phishing. Well, there are three major ways of doing this. First would be vigilance: the more vigilant a person is with regard to misspelled URLs and subdomains, the better prepared they will be against phishing attacks. Next, the use of email filters: there are lots of email filters out there that are able to detect phishing emails and automatically delete them.
And there is a website, which is fraudwatchinternational.com, that keeps track of all the latest phishing trends, the latest emails and email headers being used by phishing attackers to fool people, and of course, you can visit that website to learn more about this. So that's it for phishing and spoofing. Thanks so much for watching. See you in the next class.
19. Phishing Scams Part 2: All right, welcome to part 2 of phishing. In part one, we already talked about the theoretical aspects of phishing, you know, what it is, how it's done. In part 2, I want to show you an actual real-life example of not just one, but two phishing emails I've gotten from YouTube. So the idea here is to show you what they look like and the things to look for whenever you receive such emails that will let you know that it is indeed a phishing email.
I do have a YouTube channel, Labcyber, be sure to subscribe. And I got this email from YouTube Support. You can see the name right there says from YouTube Support. And they do have the logo. Okay, it must be legit. And the message here says that some videos you recently uploaded to your channel have been flagged as inappropriate (my gosh, inappropriate videos). Edit inappropriate videos by clicking the link below. If you don't edit inappropriate videos in your channel, your channel will be suspended. YouTube will never allow inappropriate video uploads. And of course you have that nice juicy button here that says, click here to edit.
Okay, two things. I know this is already fake because I don't upload inappropriate videos to YouTube. But secondly, if you take a very close look at the from, you can see it says from YouTube Support. But then if I hover over it, you can see right there it says reply to, and you can see the email address right here. It is Mary Berry 39 at. And if I hover over the YouTube Support as well, you can see the same.
Mary Berry, I believe that's how you pronounce it, Mary Berry 39 at. Can you imagine YouTube, the actual YouTube company, using an email address like this? Does that make any sense? No. So right there, I know that this is absolutely fake. However, if I also hover on the link... actually, this is not a good example because this link has already been disabled.
Now, let me show you another phishing email from YouTube again. Now, this one is a bit more threatening. The headline here is Warning, and that is the title of the email, Warning. And here is the message: with the aim of easy intelligibility and transparency, we updated our terms of service for YouTube channels. Please accept the new terms of service by clicking on the link below. Otherwise, the monetization feature of your YouTube channel will be disabled within 24 hours. Are you starting to see a pattern in these kinds of emails? It's always a threat, right? You need to do this or else you're going to be suspended. You need to do this or else you will not be able to make any more money, things like that.
Now, if I hover on the from name right here, you can see at least this guy, or these guys, went to some effort to at least try to get their images to look similar to YouTube. It is white seed one in the worn at. So this is absolutely fake. If you're going to receive an email from YouTube, it usually will end at. Okay, so right there, I know that this is completely fake. But if I hover on the link (I'm not going to click on the link; do not ever click on these links), if I hover on the link and you look down there, can you see where it goes to? It goes to our plt.plot CEO, forward slash 700, blah, blah, blah, blah. Right there, you know that this is not taking you to YouTube; it's taking you to another site.
So these are the two primary ways you can tell when an email is a phishing scam. One, it will have some form of threat: you will lose access to our services, your account will be suspended.
Or it could be another kind of email that will invoke some form of fear, for example, usually from PayPal. And PayPal, by the way, is the company that's usually impersonated the most when it comes to phishing; I think YouTube is number two, but PayPal is number 1. So with PayPal, you might receive emails like suspicious transactions recorded in your account, or they might even say something like you sent money to somebody, and you know you didn't send money to that person. So you become scared, and you want to click on the link and find out what's going on. So be very, very careful whenever you receive such emails that invoke some form of fear in you. Think twice before clicking on those links, and then do your due diligence: hover on the from name and look at the email address that it points to. Hover on the link (never click on the link), hover on the link and see where it also points to. Right there, you'll be able to tell that these are phishing scams, phishing emails.
Now, one question you might have is, okay, what if you actually clicked on the link? What's the worst that will happen? Well, what will most likely happen is that, typically, when you click on the link, it will take you to an external page where you'll be asked to log in with your username and your password. Now, that page is going to look very, very, very similar, in this case, very similar to YouTube. So they'll use the YouTube logo, and they'll build the page to look just like the original kind of page. But the difference here is that when you provide your username and your password and you log in, those credentials are immediately sent to the hacker. Therefore, they will have access to your email and your password. That's how this works. So that's what would happen if I decided to click on the link. So that's it. Hope you enjoyed these practical examples on phishing emails.
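The checks walked through in this lesson (the real address behind the from name, the reply-to address, where each link actually points, and threatening wording) can be run automatically. This is an added example, not part of the lecture; the brand list, phrase list and the sample message (built on reserved `.example` domains) are assumptions constructed for illustration. The same domain comparison also catches misspelled lookalike domains.

```python
"""Triage checks for the phishing tells described in this lesson (added example)."""
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: brands and the domains they legitimately send from and link to.
BRAND_DOMAINS = {"youtube": ("youtube.com", "google.com"),
                 "paypal": ("paypal.com",)}
# Assumption: pressure phrases of the kind quoted in the lesson.
THREAT_PHRASES = ("will be suspended", "will be disabled", "within 24 hours",
                  "suspicious transaction")

# Constructed sample message; every address and host is a reserved example name.
SAMPLE = """\
From: YouTube Support <no-reply@accounts.example>
Reply-To: mary39@mailbox.example
To: creator@example.org
Subject: Warning
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Please accept the new terms of service. Otherwise the monetization
feature of your channel will be disabled within 24 hours.</p>
<a href="http://short.example/700abc">Click here to edit</a>
"""


class LinkCollector(HTMLParser):
    """Collects href targets, i.e. what hovering over a link would reveal."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]


def domain_of(address):
    """Domain part of an email address, lower-cased."""
    return address.rpartition("@")[2].lower()


def under(host, domains):
    """True if host equals one of the domains or is a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def body_text(msg):
    """Decoded HTML (or plain text) body of the message, or an empty string."""
    part = msg.get_body(preferencelist=("html", "plain"))
    return part.get_content() if part is not None else ""


def triage(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg.get("From", "")))
    _, reply_to = parseaddr(str(msg.get("Reply-To", "")))
    body = body_text(msg)
    findings = []

    # 1. The display name claims a brand, but the address is somewhere else.
    claimed = [b for b in BRAND_DOMAINS if b in name.lower()]
    for brand in claimed:
        if not under(domain_of(addr), BRAND_DOMAINS[brand]):
            findings.append(f"from-mismatch: name claims {brand}, address is {addr}")

    # 2. Replies would go to a different domain than the sender's.
    if reply_to and domain_of(reply_to) != domain_of(addr):
        findings.append(f"reply-to-differs: {reply_to}")

    # 3. Links that leave the claimed brand's domains.
    allowed = tuple(d for b in claimed for d in BRAND_DOMAINS[b])
    collector = LinkCollector()
    collector.feed(body)
    for href in collector.hrefs:
        host = urlsplit(href).hostname
        if claimed and not under(host, allowed):
            findings.append(f"link-offsite: {host}")

    # 4. Threat or fear wording.
    text = " ".join(body.lower().split())
    findings += [f"pressure: {p}" for p in THREAT_PHRASES if p in text]
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
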
And at this point, you should never, ever, ever fall victim to a phishing email. Be sure to inform your friends and relatives, those who you feel might fall victim to these kinds of scams; be sure to inform them, let them know so that they stay safe. Thank you so much, and I'll see you in the next class.
20. Bots and Botnets: Let's talk about bots and botnets, two very popular terms in the world of network and computer security. So the first thing you need to know about bots is that it's actually short for robots. The full word is actually robots; bots is just the shortened word. And bots are also very commonly referred to as zombies or zombie computers. And the reason why is because in a bot attack, an attacker would gain complete control over the infected computer using a Trojan horse. So basically, the computer can be used to do anything; the attacker manipulates how the computer actually works, and that's why they are referred to as zombies.
Now, the infected computer's performance is usually severely degraded. So many times, if an individual notices that his or her system isn't performing quite as effectively as it used to, it could be because the computer has become infected and is actually part of a botnet. And a botnet, of course, refers to a collection of bots. So when you have multiple bots all under the same control, we refer to that as a botnet. Now, the person in charge of a botnet would usually be a botmaster or a bot herder. These are the two terms used to refer to people who are in control of botnets.
Now, a very popular server that you should be aware of is the command and control server. This is actually the server used to issue commands to the bots in a botnet. So you have the attacker, who would use the command and control server to pass instructions to the computers that are in the botnet. Now, botnets are very often used to perform DDoS attacks, which we'll talk about in the very next video.
But a DDoS attack is a very, very powerful attack and often requires thousands and thousands of computers in order to pull off. So botnets are usually the very common tool used to perform such an attack. And over here we do have a diagram giving you an illustration of how the botnet actually works. Now, you can see the attacker right there, and he has control of all the bots around him; we have the victim right there at the bottom of the screen. And now the attacker is able to issue commands to all the bots via the command and control server, which you can see at the center of the screen. That's basically how it works. The attacker has complete control over all the bots and can tell these computers to do whatever he or she pleases.
Now, prevention. Well, updating your antivirus and anti-malware products is one of the best ways to fight against becoming part of a botnet, and, of course, not clicking on suspicious links. Remember that one of the key ways computers become bots is by clicking on Trojan horses. So you have the attacker who will send out multiple emails to different accounts, and then when the individual, the victim, clicks on any one of these links in the email that actually has malware, that computer becomes infected and will become a bot and could become part of a botnet. So not clicking on suspicious links and updating your antivirus and anti-malware products are easily the two most effective ways of fighting against becoming a bot or part of a botnet. So that's it for bots and botnets. Thank you for watching. We'll see you in the next class.
21. DoS and DDoS Attacks: So let's take a look at two other very popular cyber attacks, the DoS and DDoS attacks, otherwise known as the denial of service and the distributed denial of service attacks. So let's take a look at a very common scenario on a daily basis.
You have a web server, in this case right now the web server for bbc.com, and then you have a computer making a request. Maybe the individual wants to get the content for a particular page, maybe the content for the home page. So the web browser of the individual will make the request, saying, hey, give me content. Now the web server for bbc.com will respond in kind, saying, well, here you go, here's the content for the home page, here's the content for this particular article, right? But now imagine a scenario where this particular individual makes over 100,000 requests at the same time. What happens here is the web server for bbc.com is going to become overwhelmed because it has so many requests. It cannot keep track of all these requests, and as a result, the server is going to be put out of action; the server is going to be knocked out. This is what is referred to as a denial of service attack, where an attacker sends so much traffic, so many requests, to a server, knocking the server out in the process.
Now, with a distributed denial of service attack, the objective is the same. The objective is to knock out a server. The main difference is that with a DDoS, rather than one single computer making the requests, you now have thousands and thousands of computers all over the world making those requests at the same time. So it's a lot bigger in scale, and it's a lot more difficult to combat. DDoS attacks are a lot more severe than DoS attacks, simply because of the scale of such an attack.
So let's take a look at some of the things you should know about the DoS and DDoS attacks. Now, as I said earlier, with a DoS attack, the attacker will flood servers and networks with useless traffic, all with the objective of knocking out the server. Now, a website becomes inaccessible, or there is an enormous amount of spam email; these are usually the two major indications that a DoS attack is under way.
Now, one of the best ways of fighting against a DoS attack is to simply block the IP address of the source. Since it's one single source, it's a lot easier to fight against; all you have to do is block the IP address of that particular source. That's the usual way of fighting against DoS attacks.
Now, with a distributed denial of service attack, it's a lot harder to combat because traffic comes from thousands of different sources; we're no longer getting traffic from one single source, we're getting traffic from all over the place. Now, it is also more difficult because it is hard to distinguish legitimate user traffic from attack traffic when it is spread across so many sources. So this is another reason why DDoS attacks are very difficult to combat. Now, DDoS attacks are often distributed using botnets. That's usually the major way hackers are able to make such requests from thousands of computers at the same time, because they are in control of all those computers.
Now, DoS and DDoS attacks are very common with hacktivists. It's very often hacktivists who employ this kind of attack, although there are many cybercriminals out there who would actually use DoS attacks and DDoS attacks also, but usually hacktivists tend to be the ones who often use such attacks.
Now, combating DDoS attacks is not easy, but there are three major ways to do so. Now, overprovisioning bandwidth is one of the best ways, where a company can buy so much bandwidth that it becomes more difficult for attackers to inundate the web servers. Now, this wouldn't exactly stop or prevent a DDoS attack; it would simply make it more difficult for the attackers to inundate the web servers, because there's now a lot more bandwidth. Next, creating a DDoS playbook. This is what many cybersecurity specialists would often do. They will have a policy in place that would combat, or provide solutions, whenever there is a DDoS attack.
That's one of the best ways of fighting against DDoS attacks: having a playbook or a policy in place directing the company on what to do when there is a DDoS attack. And finally, calling a DDoS specialist. There are companies who specialize in fighting against DDoS attacks; we have Akamai and we also have Cloudflare. So that's it for the DoS and DDoS attacks. Thank you so much for watching. I will see you in the next class.
22. Pings: All right. So we just talked about the denial of service attack and the distributed denial of service attack. And remember, I said that in both attacks, useless amounts of traffic are sent to the server, the target server, and I wanted to quickly show you an example of such useless traffic. And that would be the ping, the ping traffic. Now, you may already know what a ping is, but if you don't, well, a ping is simply a network command. It's used to determine whether or not a particular server is working, if it's online. So basically what you would do is, as an example, if you are using Windows or if you're on your Mac, go to the command prompt. So for Windows, it's going to be the Windows key and R; I'm going to type in cmd, and this is going to bring me to the command prompt, as you can see right now. So, typically, if I wanted to find out if cnn.com was working okay, I could simply come in and type ping www.cnn.com and press Enter. Now you can see that we have reply, reply, reply, reply. So this means that indeed, cnn.com is online. The website is working.
Sometimes people use the ping to test whether or not they have internet connectivity problems. Sometimes you may not be able to reach a certain website, and sometimes it may not be the website that has the problem, but you; there might be something wrong with your own connectivity. So one of the ways network administrators test is using the ping command. They'll try to ping the website's address and then see if there's a reply.
Then they know that the problem is internal and not with the actual website itself. So right now you've seen I sent out a ping. So what happened right here was that the web server for CNN had to respond and say, yes, yes, I'm alive, I'm online, I'm replying back to you. So, in a denial of service attack and the distributed denial of service attack, such commands like the ping, ping, ping, there would be in the hundreds of thousands, maybe even millions. So this is an example of the kind of useless traffic that can be sent to a web server. In my case right now, this wasn't useless per se; I wanted to genuinely find out whether or not CNN was online. But if I decide to send out the same ping request millions of times at once, then you know I'm being malicious. And this is exactly how denial of service attacks and distributed denial of service attacks are carried out; it is one of the ways, one of the few ways, they are carried out. They send out tons and tons of ping requests. So that's it for the ping. Hopefully, you've learned something new today. Thank you for watching. I will see you in the next class. And actually, before I go, let me just show you: if you are interested in learning more, you can come down here to Wikipedia. There is a very good article about the ping. They're talking about the utility, which is ping, and it is a little bit technical, so I really don't know how far you want to go, but you can learn some pretty cool stuff from Wikipedia about ping. So that's it. Thank you for watching. I will see you in the next class.
23. Man in the Middle Attack: So let's talk about another major attack, which is the man in the middle attack. And what happens here is, imagine a scenario where we have two computers interacting with one another; you have them exchanging data and information.
Everything is going smoothly until we now have a hacker who is able to position themselves virtually in between both computers, and they're able to intercept the messages being transmitted from computer one to computer two and vice versa. This is the man in the middle attack. So a hacker is virtually able to place himself or herself in between two computers that are communicating with one another and is able to steal, or even modify, the data being passed between such computers.
So let me give you a real-world example of a man in the middle attack, and to do this, I am going to take you back to the good old days before the invention of the internet and emails. So let's imagine we have a guy named Jim who wrote a letter saying, I love you, to Jessica. Now the postman intercepted the letter, the postman in this case being the hacker here, then edited the letter to I hate you. Jessica then received the letter, and then, finally, poor, poor Jim wonders why Jessica never called him again. So this is a real-world analogy, a real-life scenario of a man in the middle attack, where you have someone who is able to intercept messages between two or more people.
So there are some key points to know about the man in the middle attack, and that is that it can only succeed when the attacker can impersonate both sides. So it's not just a matter of being able to position themselves in between two computers virtually; they also need to be able to fool both computers into thinking that they are the actual legitimate source or the intended target of the message. And an example here would be the attacker being able to impersonate the IP addresses of all the computers involved. Now, it is very common with unsecured wireless connections. A man in the middle attack is very difficult to pull off in a wired network, but when you have a wireless connection that is unsecured, a man in the middle attack is very, very common. And there are three major types of MITMs.
Man in the middle attacks. The very first one is email hijacking, where an attacker is able to get access to email accounts. So imagine a hacker being able to log into someone's email. They can read all the emails being sent to that particular individual, and then they can even decide to send emails to other people using the victim's email address. So that is email hijacking. We also have Wi-Fi eavesdropping, which is kind of like what we just talked about in the presentation, where an attacker is able to hack into an unsecured Wi-Fi connection and is then able to intercept the messages between computers. And, of course, we have session hijacking, where an attacker is able to hijack the connection between a computer and a website; now, specifically not just two computers, but a computer and a website.
Now, in the real world, MITMs have been very, very lucrative for some hackers, and an example here would be in 2015, where cybercriminals in Belgium stole over $6 million. They did this by being able to get access to the corporate accounts of several companies, the email accounts of several companies. So they were able to impersonate the companies and send out emails to clients and customers, who then in turn sent them money, thinking that the emails came from the real companies, not knowing that they came from the hackers. So that's it for the MITMs, the man in the middle attack. Thank you so much for watching. We'll see you in the next class.
24. SQL Injection Attack: Let's take a look at one more type of attack, and this is the SQL injection. Very, very, very popular attack with cybercriminals and hackers. But first of all, what exactly is SQL? SQL stands for Structured Query Language, and it is the language used for database management and data manipulation. All right, so SQL can be used to query data, update data, modify data or even insert data into a database. That's primarily what SQL is used for.
Now, in an SQL injection attack, the attacker or the hacker will execute malicious SQL commands in order to corrupt a database. That's the primary objective behind an SQL injection attack. Now, such an attack can provide the attacker with unauthorized access to very valuable information, such as usernames and passwords. So in such a scenario, where the attacker has gained control, he could decide to delete very sensitive information from a database. He could decide to add his own data to the database or simply modify the data that already exists in that database. That's primarily what an SQL injection attack is, and it's also one of the oldest forms of attack. Very, very old, but still very, very popular, and it's also very powerful, because such an attack has been used in attacks against Sony, LinkedIn, Yahoo, Microsoft and even the CIA. So this is a very, very powerful form of attack.
Now, one particular piece of software you need to be aware of is the Havij software. This was developed in Iran by cybersecurity professionals, and it is a tool used by penetration testers to find and exploit SQL vulnerabilities. So very often, whenever a penetration tester has been hired by a company to test how strong or how weak the database is, usually Havij will be the software used for such a process. The problem here, though, is that Havij is a double-edged sword: just as you have the good guys, the pen testers in this case, testing out how vulnerable a database is with the tool, hackers also use Havij to attack databases. So basically it's a very powerful tool that can be used for either good or bad purposes. So, very, very popular software with SQL injections: Havij.
Now, a very similar attack to the SQL injection attack is the cross-site scripting attack, otherwise known as the XSS attack. Now, in such an attack, the attacker will execute malicious scripts of code in a website or web application.
So it's similar to an SQL injection attack in that the attacker uses malicious code. The difference, though, is the target. In an SQL injection attack, you have the attacker going up against a database; in an XSS attack, you have the attacker attacking a website or a web application. Now, such an attack isn't aimed at a victim directly, but at the website that the victim would actually visit. And then when they visit that website or they use that application, the victim's browser becomes infected as a result. So that's primarily the cross-site scripting attack: an attack against a web application or a website using malicious scripts of code.
So, combating SQL attacks. Well, there are three major ways this can be done. One will be to limit database privileges, which means that you basically limit the power, or the amount of things, people can do from the database. So even if a hacker or an attacker gains control of a database, the amount of damage that they can perform would be limited. Next would be comprehensive data sanitization, which means that databases need to be configured in such a way that only the right kind of characters are accepted in certain fields. So, as an example, if you had a field in your database which was reserved for phone numbers, you would expect only numbers or figures to appear in such a field; you're not going to expect to have special characters or letters in such a field. So databases need to be configured in such a way that their fields only accept the characters that they're meant to accept. And finally, applying software patches; very, very important. This has been said so many times before: updates, application of patches and so on and so forth. But unfortunately, lots of people take these things for granted. But when you apply your software patches, you have a much better chance of fighting against SQL and even XSS attacks. So that's it for the SQL injection attack. Thanks so much for watching.
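The first two defenses from this lesson, limited privileges and accepting only digits in a phone-number field, shown next to the injectable query they protect against. This is an added example, not part of the lecture: the table, column names, sample rows and the injected input are constructed, binding the input as a query parameter is an addition beyond the lecture's list, and SQLite's authorizer hook stands in for a restricted database account.

```python
"""SQL injection on a phone-number lookup, with the lesson's defenses (added example)."""
import re
import sqlite3

INJECTION = "' OR '1'='1"            # constructed malicious input
PHONE_RE = re.compile(r"[0-9]{7,15}")  # assumption: phone numbers are 7 to 15 digits


def make_db():
    """In-memory database filled with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, phone TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("jim", "5550100", "hash-a"),
        ("jessica", "5550101", "hash-b"),
    ])
    conn.commit()
    return conn


def lookup_vulnerable(conn, phone):
    """Deliberately unsafe: the input is pasted into the SQL text itself."""
    query = "SELECT name FROM users WHERE phone = '" + phone + "'"
    return [row[0] for row in conn.execute(query)]


def lookup_parameterized(conn, phone):
    """The input is bound as a parameter, so it is always treated as data."""
    rows = conn.execute("SELECT name FROM users WHERE phone = ?", (phone,))
    return [row[0] for row in rows]


def validate_phone(value):
    """Field-level check: only digits are accepted in a phone-number field."""
    if not PHONE_RE.fullmatch(value):
        raise ValueError("phone number must be 7 to 15 digits")
    return value


def lookup_safe(conn, phone):
    """Validation first, then a parameterized query."""
    return lookup_parameterized(conn, validate_phone(phone))


def read_only(conn):
    """Limit privileges: this connection may only read, never change data."""
    allowed = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ}

    def authorizer(action, *_details):
        return sqlite3.SQLITE_OK if action in allowed else sqlite3.SQLITE_DENY

    conn.set_authorizer(authorizer)
    return conn


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, normal input:  ", lookup_vulnerable(db, "5550100"))
    print("vulnerable, injected input:", lookup_vulnerable(db, INJECTION))
    print("parameterized, injected:   ", lookup_parameterized(db, INJECTION))
    try:
        lookup_safe(db, INJECTION)
    except ValueError as err:
        print("validated, injected:        rejected:", err)
    try:
        read_only(db).execute("DELETE FROM users")
    except sqlite3.Error as err:
        print("read-only connection:       DELETE refused:", err)
```
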
We'll see you in the next class.
25. Malware Section Intro: All right. So welcome to this new section, where we're going to be talking about malware and the different kinds of malware that we have. Now, I'm sure you have heard of terms like viruses, worms, Trojans, spyware, adware. Well, all these terms are collectively referred to as malware. Malware actually stands for malicious software. So any kind of software that is aimed at destroying files or corrupting a system, that's what we generally refer to as malware. And as I said earlier, viruses and Trojans and worms and all the others are different types of malware. So in this section, we're going to be analyzing each one of these different types of malware, how they operate and also how they can be defeated. So I hope you have a little fun, and I will see you at the end of the section.
26. Viruses and Worms: So let's talk about the two major forms of malware, which are viruses and worms, very similar in what they do but actually different in the way they operate. So what exactly are viruses and worms? Well, they're basically malicious code that is developed to change the way a computer or a network operates. Always keep it in the back of your mind that viruses and worms attack network systems also, not just computers but network systems as well. Now, there is a major difference between viruses and worms, and that is the fact that while a virus would require an active host or an already infected system in order to run successfully, a worm, on the other hand, is self-replicating and self-propagating. Now, what this means is that a worm or worms can spread themselves without any help. They have the ability to reproduce on their own and spread themselves to all the networks and computers without any help. Viruses, on the other hand, require an active host or an already infected system in order for them to run successfully. That is the major difference between the two.
So you could say that worms are more advanced than viruses. Now let's talk about viruses in general. Well, there are four basic stages in which a virus goes from being developed to actually causing harm on a computer system, and the very first stage right here is that a virus will typically attach itself to an executable file or a Word document. That's typically how they attach themselves. And then they will spread via email attachments, infected websites and flash drives. These are typically the three major ways viruses are able to spread themselves. And then, once they get into a computer system or a network, many viruses can remain dormant until the infected file or system is activated. So a virus can be written to only act when something has actually happened on a system; say, for example, a virus could be written to become active only when a user visits a particular website. That's how developed viruses can be. And then, once they're activated, the virus goes on to cause destruction. That's basically how viruses operate.
With worms, even though they're more advanced, the way they operate is actually very, very easy. They first of all spread themselves or enter systems via network connections or downloaded files; these are basically the two ways worms are able to enter systems. And then once they do so, they can make copies of themselves and then spread again via a network or internet connection, kind of like Agent Smith from the movie The Matrix. If you haven't seen it, go ahead and see The Matrix. It's a wonderful movie.
So, going back to viruses again, one thing to keep in mind is that viruses can vary widely in their objectives. Worms, 99% of the time, worms are destructive, but viruses can vary widely in the way they operate. For example, you could have some viruses that are purely destructive. Their intent, the objective, is to destroy files. That's all they're there to do.
But you could also have some viruses that only slow down system performance, so they're not really destroying files, but they are there just to slow down the way a computer system operates. And believe it or not, there are actually some viruses that are non-destructive, that is, they are latent viruses. They're just there. They're not really doing anything, they're not causing any harm; they're just there.
Now, the three best ways you can fight against viruses and worms would be, first, the use of antivirus and anti-malware products. These are some of the best ways you can fight against viruses and worms. But you could also restrict the use of flash drives. Remember that viruses and worms can spread rapidly with the use of a flash drive. And then finally, scanning email attachments, still one of the most popular ways worms in particular are able to spread, via email attachments. So whenever you see an email attachment, always be sure that it is from a trusted source, or make sure that you scan it before you download it to your system. So with these three methods, you can really restrict the effectiveness of viruses and worms on any computer system or network system.
27. Trojans: All right. So I'm going to play you a clip from a movie titled Troy. I want you to sit back, relax, enjoy. The clip is going to be about two minutes, 30 seconds, and I'll see you at the end of the clip. Enjoy. What is this? An offering to Poseidon. The Greeks are praying for a safe return. I hope the sea god spits on their offering. Let them all drown at the bottom of the sea. This is a gift. We should take it to the temple of Poseidon. I think we should burn it. Burn it? My prince, it's a gift to the gods. Father. But
All right, so welcome back. I hope you enjoyed the clip. If you've seen the movie before, then you know what that scene is all about. If you haven't seen the movie before or you don't know the story, well, here's what happened.
The people you saw at the beach looking at the huge wooden horse, those people were Trojans. They came from a city called Troy. Now the people inside of that wooden horse who eventually came out, those were the Greeks. The Greeks were trying to conquer Troy. So they had been waging war, but were unable to defeat the Trojans. So here's what the Greeks did. They knew very well that the Trojans were very superstitious people. They believed in gods and gifts and things like that. So they built this wooden horse, and then they hid a few of them inside. And then they left it at the beach of Troy. So many Trojans with the king came and saw the wooden horse. They thought that, you know what? This must be a gift from the gods. Let's take it into our city and worship it. So they dragged the horse into the city, not knowing the Greek soldiers were inside, so they were very happy. Hey, the gods have given us this huge gift. And then at night, when all of them were sleeping, the Greeks inside of the wooden horse came out, went to the main gates, and opened the gates so that the rest of the Greek soldiers could come in. And if you've seen the movie, then you know that at the end of the movie, well, the Greeks are able to defeat the Trojans.

Now the reason why this clip was so important is because it describes accurately how Trojans actually work in the world of IT security. And in fact, the term Trojan came from this story about the Greeks fighting against the Trojans. That is where the word Trojan came from, for the Trojan malware. So Trojans appear to be legitimate. They appear to be useful software, but in fact, they're actually malicious code looking to harm your computer system or a computer network. All right, and so Trojans, what exactly are they? Well, a Trojan is a very powerful malware often disguised as legitimate software. Now this makes them very sophisticated, because they could be anything. It could be a game, a video, a song or even an application.
Now the one major difference between a Trojan and a virus or worm is that while viruses and worms can self-replicate, a Trojan cannot self-replicate, which is really a blessing. Imagine if Trojans were able to self-replicate. This would make them incredibly destructive. Now, in terms of how destructive Trojans can be, well, there are four major types of Trojans that you should be aware of, and the very first one would be the backdoor Trojan. Now this allows a hacker unauthorized access to a system in order to control it. So basically a backdoor allows a hacker to penetrate into a computer and then take control of that computer system. We also have the infostealer Trojan. Now this steals data from infected computers. It could be critical information, passwords, addresses and other things like that. And then there's the Trojan downloader. These are used to download and install new versions of malware onto a system, so a Trojan can be programmed to infect the system and then go on to download additional viruses and worms to make things even more destructive for the particular computer system or network. And finally, we also have the Trojan DDoS, which is able to conduct denial of service attacks against websites. There are so many other different kinds of Trojans out there, but these are the four major ones that you should know of. Now in terms of fighting against Trojans, well, the best would be to use anti-malware products. This is basically one of the best ways you can fight against Trojans, and of course you can also run updates whenever they are available. And finally, only download files from trusted websites. Remember that Trojans, as well as viruses and worms, often are able to infect systems and networks because people go on to download files from unscrupulous websites. So that's it for Trojans. Thank you for watching. And of course, I will see you in the next class.

28. Adware and Spyware: So let's talk about adware and spyware, and I'm pretty sure you must have heard of these two terms before. So what exactly are they? Well, I'm pretty sure you must have seen advertisements like this before on the Internet. Some would say, hey, you're the proud winner of a new car, or congratulations, you've won $10,000. Or you might find some other ads that will promise you that if you take a certain pill, you might last longer in bed or something like that. All these are what we refer to as adware. So what exactly is adware? Well, adware would be a program that displays unwanted banner advertisements. That's all adware basically is. Now they're very often bundled within software that is installed. So whenever you go on the Internet and you install a free software or a free app, there is the chance that you might also be installing an adware as well. Now the reason why we have the adware included is because the developer or whoever wrote that program or software would like to recover some of the costs that it took him or her or them to develop the product in the first place. So basically, it's a way for developers to make some money out of offering a product for free, so you get to use the product for free. But then you also have the adware installed on your computer system as well. That's basically why adware is included within free software applications. You should also know, though, that certain adware can be more malicious in that they can hijack your browser start or search pages. You may have experienced this before, where you've set your home page to be the Google search engine, and then when you open your browser it takes you to a different home page. That is an adware that is working. But now there are even more sinister adware out there that can track web usage. And these are what we refer to as spyware. So you could say spyware are a form of adware that track web usage.
So spyware, you can see from the image right now that we have a laptop and we have two eyes bulging out looking at the main computer screen and the keyboard as well. That's exactly what spyware is. They spy on you. And as I said earlier, they can monitor computer and Internet use and other data as well. An example would be keyloggers. Keyloggers can record keystrokes, so that every time anyone types on a keyboard, the keylogger will record every single keystroke that is made. And they can also take screenshots of what the person is viewing on their screen. Now this data can then be sent back to hackers, who can then get credit card information, passwords, things like that, or the data can also be sent to advertising agencies so that they know what your interests are and will begin to serve you advertisements. That's what spyware can do. So basically the two best ways how you can fight against adware and spyware would be to think twice about using free software. Now of course, there are software out there that is completely free, no strings attached. However, there are many free software out there that also require that you have the adware installed as well. So think twice about installing free software. It is very often recommended that if you can afford to go for the premium version of a software, go ahead and buy the premium version. And, of course, you can always use spyware scanners as well. There are so many of them out there, which you can always use to scan your computer system to make sure there isn't any adware or spyware malware running on your computer system.

29. Ransomware: Let's talk about one of the absolute worst forms of malware, and I'm talking about ransomware. Now you may have seen an image like this before, where a computer gets locked out, and then there's a message saying you have to pay a certain amount of money in order to unlock the computer. This is a classic example of ransomware.
Basically, a computer system is infected and prevented from being used by the owner until the owner pays a certain amount of money. It's basically hijacking a computer system or kidnapping a computer system, so to say. Now the general idea behind ransomware is that the victim did something bad. Maybe they visited a pornographic website or they did something wrong somewhere, and so they now have to pay for their cyber crimes. That's the general idea behind ransomware. Now, ransomware can prevent you from using your PC and even encrypt your files. And this makes it really, really bad, because at least with viruses or worms or Trojans, even though your system is infected, you can still use it. With ransomware, on the other hand, your system can be completely locked out. You will not even be able to go to your home page or the desktop or even use any of the applications that you have, making it extremely difficult to fight against. Ransomware now can spread to other PCs as well, and turn them into botnets or bots, which we'll talk about a bit later. Now one of the horrible things about ransomware is that it doesn't discriminate. It targets anyone and everyone. They don't care whether you are a hospital, a private business, an individual, a school. As long as the cyber criminals behind ransomware can make money from you, they will attack you in order to make money from you. They don't care. Also, payments are very often requested in Bitcoins or cryptocurrency because they cannot be tracked by the police or by the authorities. Now, the very first ransomware emerged back in the year of 1989, and it was called the AIDS Trojan. Now, what's interesting here is that the AIDS Trojan spread through the use of floppy drives, and those who were affected had to send money to a bank in Panama. It was about $180, in order for them to get the code that would allow them to decrypt the files and continue using their system. How time has changed since then.
Now numerous variants of ransomware exist, and more are produced very quickly, making it even more difficult for the cyber security experts to keep track of all the different forms and variants of malware or ransomware that we have out there. Now it infects computers mostly through email links and downloads. Again, email links are one of the primary ways how malware in general spreads to computers and networks. So now let's talk about some of the worst forms of ransomware that we've had so far, and the very first one is the WannaCry ransomware. This emerged in May 2017, very, very recent, and it infected over 200,000 computers in over 150 different countries, and it used a vulnerability in the Windows operating system to exploit computers and attack them. We also have the TorrentLocker that came out in early 2014. Now this encrypted files and relied on spam emails to distribute itself. Now, it also used something called geographical targeting, which means that it only attacked people from a specific region of the world. And in this case, it was mostly in the United States and Canada. The reason why ransomware might use geographical targeting is because in the lockout screen, where the message is written in a certain language, they would rather have people who actually understand that language be the ones to be affected by the ransomware than people from a different part of the world who may not speak that language. That's why geographical targeting is used sometimes. Then we also have Locky, which emerged in February 2016, and get this, Locky extorted over $17,000 from a hospital in Hollywood. Remember when I said that ransomware targets anyone and everyone? They got over $17,000 from the hospital in Hollywood, and since then it has continued to spread across the world. And finally we have the CTB-Locker that emerged in early 2014. Now this had multilingual capabilities, which means that the lockout screen message could be changed to Chinese.
It could be changed to Finnish, it could be changed to Portuguese, Spanish, German, and it was one of the very first ransomware to be sold as a service in underground forums. The CTB-Locker emerged in early 2014. Now you can take a look at this infographic, the damage caused by ransomware. Over 97% of phishing emails deliver ransomware. Again, emails are one of the key ways how ransomware spreads to computers. Over 70% of infected businesses ended up paying the ransom. So you can imagine why cyber criminals continue to use ransomware as a way of making money, because victims are forced to pay the money. Now only 42 percent of the ransomware victims were able to recover their data even after making payment, so making payment doesn't always work. Now, the amount of money that was often charged was between $200 and $10,000, depending on who the victim was. More than 50% of these companies paid between $10,000 and $40,000, and, of course, one in four paying users never recovered the data, so you can imagine just how bad and horrible ransomware is. So let's talk about the five key ways how one can fight against ransomware. One, use data backups. If you have a backup of all your data, you will not care as much if the current data that you have was infected, since you already have a backup. Secondly, turn off external applications like Dropbox or Google Drive and only turn them on when you need to use them. Run updates, including browser add-ons. So if you have extensions in your browser or add-ons, make sure they are well updated. If they are outdated, either update them or remove them entirely. And, of course, never open spam emails or click on suspicious links. Never, ever do that. And finally, as always, use an antivirus. So thank you so much for watching. We'll see you in the next class.

30. Other Types of Malware: So we have already talked about all the major types of malware out there. We've talked about
viruses, worms, Trojans, spyware, ransomware and a few others. So now let's round up this discussion on malware by talking about a few other ones, and the very first one we'll talk about would be rootkits. Now these are very similar to a burglar hiding in the attic of a house. And the idea here is that rootkits will hide and then strike when the opportunity arises. Now, these are the hardest malware of all to detect and remove. And one of the key features of rootkits is that they allow other malware to sort of hide in plain sight by disguising them as real essential files, so you can see just how sophisticated rootkits can be. They can make the most malicious viruses out there look like an essential file, and then it will fool the antivirus into thinking that such files are actually legitimate. Now they're activated even before the operating system boots up. Say, if you're using Windows, that's an example. Even before your computer has finished booting, the rootkit is already working once that system is infected, so you can see why it is so hard to get rid of them. Now, the recommended solution once you've discovered that you've been infected with a rootkit is to simply wipe out the hard drive. There is no software available out there that can guarantee you 100% that the rootkit has been removed. The safest way would be to completely wipe out the hard drive or, in fact, use a brand new hard drive and just discard the hard drive that has been infected by the rootkit.

Let's talk about the browser hijacker, which is not as malicious as the other malware we've talked about. In fact, this is very similar to an adware. They basically hijack the victim's browser, and what this means is that they can redirect victims to specific pages. A classic example is when you set your home page to be a particular website, and then when you click on your browser and you open it expecting to see that website, you are redirected to a different website.
Now the intention behind browser hijackers is to make money by feeding ads to the victim. Browser hijackers really aren't in there to steal information or destroy files. All they want to do is to redirect the victim to a website where they can provide ads to the victim. Now, most are actually developed by advertisers looking to track usage habits. So again, these aren't exactly the most malicious forms of malware out there and are actually more annoying than they are dangerous. Let's talk about the very last one, which would be the rogue security software. Now these are software that pretend to be good programs to remove malware, but are, in fact, malware themselves. Now the one thing about them is that once installed and once activated, they would actually turn off any real security software that is available. Now these are often gotten from websites offering better security. You may have seen many of them online before, where they promise you that if you install this app, you will get rid of all your viruses and so on and so forth. Now the safest way to protect oneself from rogue security software would be to install software only from known vendors. So get your security software from known vendors like Kaspersky, McAfee, Norton and so on and so forth. So that's it for malware. Thank you for watching. We'll see you in the next class.

31. Defences Section Intro: All right. So welcome to a new section. We are going to take a look at the defenses, the way how we, the good guys, try to protect data and networks from the cyber criminals, from the bad guys. So we're gonna be taking a look at things like an antivirus, firewall, encryption. These are all technologies that you should be familiar with. And I'm gonna do my best to explain them to you in the best way that I possibly can. So I really hope you enjoy this section. I hope you learn a lot. And of course I will see you at the beginning of the next section. Cheers.

32. How an Antivirus Works: So let's talk about one of the most popular ways of protecting systems against viruses and hackers. And we're talking about the antivirus. So what exactly is an antivirus? Well, an antivirus is a software that is used to protect a computer from malware. This is about the simplest explanation one can give as to what an antivirus is. But how exactly does an antivirus work? How does an antivirus identify a virus? Well, there are basically two ways, and the very first will be to use something called signatures. Now a signature refers to a pattern of data or behavior that is known to be related to an already identified malware. Now, take a look at this image right here. To the left, we have the source code of an executable file. Now what happens here is the antivirus will scan the source code of the file, and then to the right, you can see that there is a dictionary file or a database where the antivirus has all the code of all previously identified viruses. So basically, the antivirus would compare the source code of the file to what it has in its dictionary. If there's a match, that means that that file is a virus. If there's no match, then it means that the file is possibly a legitimate file. The other way would be for the antivirus to employ something called a heuristic method, where the antivirus is able to predict that a file is malicious by simply studying its behavior. Now, one of the key ways how the antivirus can do this is by using something called sandbox testing. In sandbox testing, basically, the file is allowed to run in a controlled virtual environment to see how the file actually behaves. So the thing here is that the antivirus is acting like a predictor. It can tell that in the future or in the near future, this particular file is going to become malicious by simply studying how it's acting. The downside here is that there is a possibility of something called a false positive, a very popular terminology in the world of IT security. False positive means a legitimate program was wrongly classified as a malware, so there is the tendency for an antivirus to wrongly predict the legitimacy of a program. However, this rarely happens. Most of the time, when an antivirus detects a virus through heuristic methods, it's very often correct. One should take note of that. All right, so what exactly do we have under the antivirus operations? Well, we have on-access scanning, where the antivirus constantly checks every file or program that is opened. It's basically an antivirus on demand. Every time a new file is opened, the antivirus checks to see if that file is legitimate or not. And then there's, of course, the full system scan, where the antivirus would run a full system scan, scan the memory, the hard disk, and make sure that the entire computer is free of viruses. Speaking of viruses, there is one particular kind of virus that you should know of, and that's called the polymorphic virus. Now this is a virus that has the ability to morph or change its code, making it very difficult to be detected. Polymorphic viruses are one of the most difficult kinds of viruses to detect. The good news, though, is that many antivirus software these days are becoming more and more able to detect polymorphic viruses. Moving on, what separates an antivirus software from another? Well, there are basically two of them. The very first one would be the ability to detect viruses, so different antivirus systems will have different rates of detection. Some are better at detecting viruses than others, while others could use less resources. Some antiviruses would use lots of system resources like the processor, the memory, while others will not use quite as much. So that's basically an introduction to antivirus software and how they work. Thank you for watching and I'll see you in the next class.

33. Encryption: So let's talk about another major way of protecting data from cyber criminals, and that is going to be encryption. So what exactly is encryption? Encryption is a process of making information hidden or secretive. Now encryption comes from two words, which would be en and then crypto. En means to make. Crypto means hidden or secret. So encryption, in other words, is all about making certain kinds of data or information private so that it's only people with the right access that will be able to view that information. Now encryption uses a key to make the information secretive. Now once the information has become encrypted, it then becomes a cipher. So cipher is a term used to refer to encrypted messages. Now decryption, which is the exact opposite, would also use a key to unlock the cipher and then make it accessible again. That's basically how encryption and decryption work. Now cryptography, which is very often confused with encryption, is the study or science concerned with secret communication. So whenever you're studying encryption, you're basically doing cryptography. It is important to understand the difference between cryptography and encryption so that you don't get confused. Now, there are two major types of encryption, and the very first one is the asymmetric encryption. The second is the symmetric encryption. Now what's the difference? Well, asymmetric will use two different keys for encrypting and decrypting, while symmetric uses just one single key. So let's take a look at a typical example of an asymmetric encryption. So let's say a sender on the left wants to send a message to the right. What he's gonna do is he's going to use a public key to encrypt the plaintext. The plaintext then becomes a cipher, which in turn will now have to be decrypted using a private key by the receiver.
So it's basically using a public key to encrypt the plaintext, turn it into a cipher, and then the receiver would use a private key to decrypt the cipher and turn it back into a plaintext message. In a symmetric encryption, it's the exact same process, except that the major difference would be, rather than using a public key and a private key, the sender and the receiver would use the exact same key to both encrypt and decrypt the message. There are a few types of asymmetric encryption that you should know about. And the very first one is the Rivest. We also have Shamir and we have Adleman. These are the three major types of asymmetric encryption. While for symmetric, we have the Data Encryption Standard, otherwise known as the DES, and the Advanced Encryption Standard, otherwise known as the AES. So that's it for encryption. Thank you so much for watching the video. I will see you in the next class.

34. Firewalls: Let's talk about the very next security measure, and that is going to be firewalls, a very popular term in the world of IT and cyber security. But what exactly is a firewall? Well, a firewall is a security device that monitors incoming and outgoing network traffic. So let's take a look at this illustration. You can see that to the right, we do have a local network for a company. We have computers, we have printers, and then to the left, we do have the Internet, the world out there with other computers or other devices. And basically there's a lot of communication amongst all these devices. You have computers in the company's network linking to the Internet, downloading information, sending emails and so on and so forth. But then, when you introduce a firewall, a firewall is going to sit in between these two major connections.
So that firewall acts as a gateway. It makes sure that whatever information is coming in from the Internet to the company's network is safe, and it can also make sure that whatever information has been sent from the company's network to the outer world is also safe and allowed. Apart from monitoring traffic between the Internet and a company's network, firewalls can also be programmed to monitor traffic within the company's networks. As an example, from the outbound side, firewalls can prevent employees from sending out certain kinds of data such as emails, and then from the inbound side, firewalls can prevent employees from accessing certain kinds of websites. So whenever you hear of employees not being able to access Facebook or YouTube at their place of work, it is because there is a firewall preventing them from doing so. So how exactly do firewalls work? Well, there are three ways how they work, and the very first one, which is the most basic of them all, would be packet filtering. What happens here is that the firewall inspects each packet of data. The firewall has a filtering table where it has all the conditions listed. So if the packet of data matches any one of the conditions in its filtering table, depending on how the firewall has been configured, it can either allow the packet of data to go through, or it can refuse that packet of data. Next would be the proxy service, where the firewall simply stands in between two systems or more and simply acts as the intermediary. So whenever a system from the other network wants to request information to or from another network, the firewall will take that request and pass the request to the other network. And then, if there's a response, the response passes through the firewall and then again, back to the network requesting that information. That's basically how a firewall would work in a proxy service. And then, finally, which is the most advanced form of firewalls, we're talking about the stateful inspection.
What happens here is that the firewall actually tracks the state of a connection between systems, so it checks to see the kinds of data passing through, it checks to see the IP addresses of all the devices operating, it checks to see the kinds of devices communicating as well. So this is a very advanced form of a firewall. Now there are two major types of firewalls. The very first one would be the hardware firewall, which can be a standalone hardware device, or it could be built into network devices like switches and routers. Then, of course, we have the software firewall, which could be a standalone application or simply part of a security application like an antivirus. So many times you see antiviruses that claim that they have firewalls that come with them. That is true. Many times we do have antiviruses and anti-malware products that also have a firewall program built into them as well. So that's it for firewalls. Thank you so much for watching. I will see you in the next class.

35. Biometrics: Because it's protected by gait analysis. The step beyond facial recognition. These cameras actually know how the agent walks, how he talks, how he moves, right down to his facial tics. So what you're saying is no mask.

The clip you just watched was from the movie Mission Impossible five, starring Tom Cruise, and was released in 2016. Now what you saw there was an individual trying to fool a security system. The security system has been designed in such a way that it could detect, simply by studying the way the individual walked, whether it was actually the right individual or an impersonator. And of course you saw, hilariously, at the end, the system was able to detect that this person was a fake and not the real individual. Now what you saw right there was biometrics in action. So what exactly is biometrics? Biometrics is a security mechanism used to authenticate and provide access based on the verification of physical characteristics.
Now the general idea behind biometrics is that everyone is unique in one way or the other. Whether it's our voice, the way we talk, the way we walk, our fingerprints, our eyelashes, there is always something about every individual that separates them from other people. Now there are two general biometric identifiers. We have the physiological characteristics, which would refer to the shape or composition of the body. And then we have the behavioral characteristics, which would refer to the behavior of a person, slightly more advanced. Now on the physiological characteristics, we're talking about things like your fingerprints, your DNA, your retina scans, your face, your hand. All these fall under the physiological characteristics. Now for behavioral characteristics, which is more advanced, we're talking about your voice, your gestures and even your gait. So what we saw in that clip was behavioral characteristics. The cameras were able to detect that the person was a fake simply by the way the person was walking. All right. Now, biometrics in general will involve a database that stores the biometric data for comparison. So every individual that is supposed to have access will already have their eye scans, their fingerprints taken; the way they walk or talk would have been recorded. And all this will be compared to every other individual walking in, just to make sure that they're actually the right person. So if there's a match in the database, then they know that individual is the right person. If there's a mismatch, then they know that that person is a fake. Now accuracy has improved, and also the cost has reduced over time. Back in the early days, implementing biometrics was extremely expensive. But now, thankfully, things have gotten cheaper, and as a result, it's becoming increasingly common. You can even see nowadays many laptops that would require a fingerprint scan before you can gain access. So that's it for biometrics. Thank you so much for watching.
I will see you at the next class.

36. Factor Authentication Methods: The black vault lockdown. The only person allowed in the room has to pass through a series of security checks. William Donloe. The first is a voiceprint identification and a six-digit access. This only gets him into the outer room. Next, he has to pass a retinal scan. And finally, the intrusion countermeasures are only deactivated by a double electronic key card, which we won't have.

So the clip you just watched was from the movie Mission Impossible, starring Tom Cruise, and what we saw there was an individual trying to gain access into a particular room, and in order to do so, he had to, first of all, go through multiple checkpoints. First of all, he had to do a voice scan, and then he had to provide a six-digit access code. He then had to do an eye scan and finally had to use a key card in order to gain access into that particular room. Now we already know the voice scan and the retina scan to be part of biometrics. But when you combine biometrics with other things like a passcode and a key card, like we saw there, then you have multi-factor authentication methods on display. Now, the most popular form of the factor authentication methods is the two-factor authentication. So basically, here a user provides two authentication factors to verify who they are. Now, this of course obviously provides an additional layer of security. All forms of factor authentication provide additional layers of security. But exactly what are these authentication factors? Well, just like we saw in that clip, we do have the knowledge factor, which is something the user knows, like a password. And in that clip we saw the user tapping in a six-digit code. So the knowledge factor could include things like passwords, usernames, key phrases and so on and so forth. We also have the possession factor, something the user has, like a token or maybe even a mobile device.
Now, in the clip, we saw that the user had a key card. And of course, we have the inherence factor, something the user is: biometrics. And of course, in the clip we did see the user providing, or that individual provided, his voice print and, of course, his eye scan as well. Now from the clip, even though the individual went through four security checkpoints, in reality he actually went through three authentication factors. Now, what I mean here is, let's take, for example, the two-factor authentication: using two factors from the same category would not constitute a two-factor authentication. In this case right now, if you combine a username and a password, even though those are sort of two different security points, you have to provide a username, you have to provide a password, they both still fall under the same category, which is the knowledge factor, and as a result, such would be the single-factor authentication method. Now in the clip, even though the man did four things, two of them belonged to the same category, which was the inherence factor, talking about the retina scan and the voice print, so that was one factor. Then we had the knowledge factor, where he had to provide the six-digit code. And then finally we had the possession factor, because he had a key card. So once again, using two factors from the same category would not constitute two separate factor authentication methods. And, as I've said, all factor authentication methods provide an additional layer of security. Authentication products which are related to the possession factor would include things like tokens, smart cards, smartphones and so on and so forth. Now overall, specifically with the two-factor authentication, it does improve security, but it's not foolproof, because cards could be stolen. Fingerprints could even be lifted as well. And that is why three-factor and multi-factor authentication methods are further improvements.
That's why these are used, just like we saw in that clip. Now we do have something called the multi-factor authentication. In this case, this can include two more factors, like the time and location factors. So in addition to the inherence factor, the knowledge factor and the possession factor, an individual could be required to be at a specific place at a specific time in order to gain access to certain information. So that's it for the factor authentication methods. Thank you so much for watching. We'll see you in the next class.

37. Honeypots and DMZs: So let's take a look at two other ways of protecting networks from cyber criminals. And we're talking about honeypots and DMZs. So what exactly is a honeypot? Well, a honeypot is a computer system or network that acts as a decoy in order to lure cybercriminals. So the main objective here is to study the attempts by the cybercriminals to gain unauthorized access. So basically, you have the honeypot; the cybercriminals see it. They think it's a real target. They begin trying to attack the target, while the cyber, the cybersecurity specialists can sit back and observe exactly how the hackers are doing so. So the computer, the applications and the data involved in the honeypot will simulate the behavior of a real system. Because if you're dealing with experienced hackers, they can tell, they can tell when a target is real and when a target is fake. So the more real the honeypot behaves, then the less able the hackers would be to detect that, oh, this is indeed a decoy. So, depending on how they are set up, we have two major types of honeypots. We have the production honeypot, and then we have the research honeypot. So what's the difference? Well, let's start off with the research honeypot.
Now research honeypots are run to enable the close analysis of how attacks develop and progress, in order to be able to learn how these hackers are actually going about the business and how the cybersecurity specialists can protect the systems against these hackers. So research honeypots are the typical kinds of honeypots you see. Those are the ones that are set up, you know, to lure cyber criminals. They come in, and then the cybersecurity specialists can sit back and study exactly how the hackers are hacking. Now a production honeypot is slightly different. Now, these are placed inside of a real production network with all the real servers to act as a decoy. So they're designed to appear real, and they also contain resources, real resources, to attract and occupy hackers. Now, the objective of a production honeypot is to keep the hackers distracted while the real production servers are patched up. So here's the difference. Okay, your research honeypot is very deliberate. They're all put there in order to study how the hackers will hack and try to attack that system. A production honeypot isn't exactly deliberate. They are put in there along with real servers and real networks in the hope that, should a hacker attempt to hack the network, the hacker will first of all jump on these particular honeypots. Now, when they hack into those, the cybersecurity specialists will be alerted, notified that, hey, someone is hacking into this honeypot. That would give them time to quickly patch the other networks, the real networks that are grouped together with the honeypot. So it's basically keeping the hacker attracted, or distracted, rather. That's why they would actually put out some real information in such honeypots to keep the hacker right there.
While they can actually go on to patch the other, more important servers, so to say. Now, a demilitarized zone is a physical or a logical subnetwork that separates a local area network from other untrusted networks. So it's basically a barrier between the real local area network of a company or business and the outside networks or the outside world, basically the Internet. So you have external-facing servers and resources placed in the DMZ so that they are accessible from the Internet, but the internal LAN is kept off limits. So let's take a look at this illustration over here. Now there are different ways of setting up DMZs, but this is usually the most popular way, where you have two firewalls involved. So basically, we have the Internet, the outside world, on the left, and then you have the local area network of a company or business or an office to the right. Now, in between these two firewalls, you have a firewall facing the Internet, but you also have another firewall facing the local area network. So in between these two firewalls, you have your demilitarized zone. This is where you have your servers that act as a sort of a barrier between the outside world and the internal local area network of a company or a business. So the real objective behind the DMZ is to add an additional layer of security. So before anyone from the Internet can get to the local area network of a company, they will have to pass through these firewalls. They'll have to pass through the DMZ before they would eventually gain access to the local area network. So the objective behind the DMZ is to add an additional layer of security. So that's it for the DMZs and honeypots. Thank you for watching. We'll see you in the next class.

38. Wireless Security: So let's take a brief look at wireless security. Now, wireless security obviously is the prevention of unauthorized access or damage to computers using wireless networks.
And these days most of our connections tend to be wireless. Whether it's our Internet connectivity at the office, maybe it's how we connect to the Internet via our phones, the mobile devices at home, most of the connections are wireless. Now, in general, there are two major standards for wireless security. First, we have the Wired Equivalent Privacy, which is the WEP. And then we have the Wi-Fi Protected Access, the WPA. You may have heard of the WPA whenever you try connecting to your wireless router at home or the office. Now WEP, let's start with this. This was the very first security standard for wireless networks, and was very weak, with 64-bit and 128-bit encryption keys, and in the world of encryption, 64 bits, 128 bits are very, very low. It's not powerful at all, and passwords with the WEP could be cracked in minutes, so you can see it was very, very, very weak. Was not the best at all, and it's no surprise that it was superseded by the WPA in 2003. Now, despite the fact that this is a very weak security standard, it's still widely used. So if you're using WEP for any one of your wireless networks, be sure to change to WPA. Let's take a look at WPA. This was developed by Wi-Fi Alliance, which is a nonprofit organization. Now with WPA, massive security improvements were made over the WEP, with 256-bit encryption keys. So WPA is a much stronger way of protecting your wireless networks over WEP. And it was superseded by the WPA2 in 2006. WPA2 is a stronger version of the WPA. So that's security for wireless networks in brief. Thanks so much for watching. I will see you in the next class.

39. Password Management: So let's talk about the oldest form of authentication, which would be passwords. Passwords have been around since the existence of computers, and it looks like we're still gonna be using passwords for the foreseeable future, even though biometrics continues to make advancements.
People believe that in the coming years people will stop using passwords. People would be using things like their fingerprints, an eye scan and things like that to gain access. But still, for the next few years at least, passwords will still play a very important role in security. Now it is 2017, and by now you should know that you're not supposed to use passwords like abcde, passwords like password, swordfish or 1234567. The problem here, though, is that people still use passwords like that. And if you are one of such people, please stop doing that. Use very, very strong passwords. And this is one of the reasons why, if you've ever tried creating an account on most websites nowadays on the Internet, when you're asked to create an account, where you have to provide the username and password, they very often have a password strength meter to tell you how powerful your password is, and even many times they might force you to use a password that has at least eight characters. If it's less than eight characters, you will not be able to create an account. And all this is for your own good. It's for the good of the website as well, because they want people to have secure accounts. So, really, when it comes to creating a strong password, what exactly does that constitute? What makes a password strong? Well, your password should be at the very least seven characters, although I recommend eight or nine, but seven should be the minimum, and out of those seven characters, make sure you combine figures and letters, and make sure one of your letters is a capital letter as well. And then you can also combine or add a special character like the hashtag or the at symbol. So when you combine all of that together, you end up having a really strong password, passwords that can take months, even years, to crack with all the latest software that we have today. Now, in most offices and many companies nowadays, businesses.
They have policies in place that force their employees to change passwords maybe once a month, maybe once every two months. And of course, the reason is because of security: they don't want the employees to keep on using the same passwords over and over again. So you might notice, if you end up working for the company or you have to take up a job as a security specialist in some company or, you know, whatever, you might notice such policies in place where they have to change their passwords once every week, or once every month, once every two months or something like that. And one final thing to talk about is not using the same password over and over again for different websites. So most of us, we have one particular password that we use all the time. We use it for logging into our email accounts, for our social media accounts. If you want to log into a bank account, bank account online, we'll also use such a password. That is not a good idea. And one of the reasons why identity theft is so prevalent these days is because people tend to use the same password over and over again. So if a hacker or a cyber criminal gets that password, then guess what: they have access to all your accounts. They can go to your Facebook profile, do something right there; they can go to Twitter, if you have Twitter, of course; they can view your emails. They can log into the account online for your bank, things like that. So it's a very good idea to use different passwords for different kinds of websites. Now, the obvious challenge here is how do you keep track of all these passwords? I mean, okay, so you use a different password for your email. You use another password for your social media accounts. How do you keep track of all these passwords? Well, the ideal solution here would be to find a system. So let's say, for example, your password is eight characters in length.
You could decide to use the same six characters in between, right, and then the first character and the last character, you could make them different, depending on the website you're trying to log into, so you could look for two letters, maybe two numbers or something unique that would represent that particular website, so you can use such systems in place to be able to constantly remember the password that you've used for such an account. Now, there are other tools out there on the Internet that will help you remember your passwords. An example is Dashlane. Dashlane is supposed to be a very secure software which, once you've created your accounts, actually would store the password for you. So you don't have to remember the password anymore. As long as you have Dashlane installed and running on the computer, Dashlane will be able to remind you of that password, and you can also allow Dashlane to create passwords for you. The problem, though, with this, is that you are now putting your security into the hands of sort of a software. So if a hacker is able to crack that software, well then, guess what, you'll be in trouble. So it really depends on how you want to go about this. My constant recommendation would be to take security into your own hands, do this thing manually, figure out a system for creating different passwords for different websites. And even if a hacker was able to get access to one of your passwords, they would not be able to use that same password to log into your different accounts all over the Internet. That's basically it for password management. Again, passwords, one of the oldest forms of authentication, but we'll still be using passwords for a while. So it is important to understand how to create strong passwords and also password management in general. So that's it. Thank you for watching. And I will see you in the next class.

40. Cyber Security Policies: Let's take a look at a few policies that you should be aware of.
And any company or organization that is serious about their cybersecurity will have these available. And here are a few of them. We have the security policy, the BYOD policy, and then we have the incident response plan, as well as the disaster recovery plans. So what exactly are these plans and policies? Well, the first one here is a security policy, and this is the general written document that describes how an organization will protect both its virtual and physical assets from threats. Now, keep in mind that cybersecurity isn't just about protecting data. It could also involve protecting servers, hard disks and other physical devices that may contain information. So the security policy in any organization is just meant to describe the methods by which these assets are protected from threats. Now, here are a few questions that will be answered in your typical security policy. So it will identify the assets that need to be protected. It'll also describe the kinds of data that employees can access. So say, for example, you are in the marketing department. Does that mean that you will be able to access data from the financial department and vice versa, and so on. It will also describe how employees can access the data. Do they need to provide a password? Do they need to have a security key, and so on. Also, what can they actually do with the data? Can they copy the data into USB drives? Are they able to use USB drives? Can they access the internet freely? What I mean here is, are they allowed to go on YouTube or use social media while they're in the office? And also things like how often would passwords be changed? So here are just a few questions that should be answered in your typical security policy. Of course, a security policy goes beyond these. This is just a sample of the kinds of things that'll be described in your security policy.
But then we have the BYOD policy, and this is a policy that describes how employees are able to use their own personal device to access company data in a safe and secure manner. We will talk about BYOD policy in the very next video, but then we have the incident response plan. And this is a set of policies and procedures that are used to identify, contain and eliminate cyber attacks. The whole objective of an incident response plan is to allow an organization or a company to quickly detect and stop cyber attacks, but also prevent the same kinds of attacks from occurring in the future. That's what an incident response plan is. And then finally, we have the disaster recovery plan. This is a plan that focuses on the restoration of critical systems after a disaster. Now a question I have here is what exactly is a disaster? Well, this could be anything like a fire, for example, an earthquake in rare situations, or maybe even very real cyber attacks. So the whole point of a disaster recovery plan is to describe how a company can effectively recover and how quickly the company would be able to recover from such disasters. So there are a few more policies and plans out there, like your business continuity plan and so on. But these four right here, your security policy, your BYOD policy, your incident response plan, as well as your disaster recovery plan, these are the major plans and policies that exist in any company or organization that is serious about cybersecurity.

41. BYOD: Have you ever heard of the term before, BYOD? Well, if you haven't, it refers to bring your own device, and it refers to the phenomenon that we have at the modern workplace, where employees are able to do their work on their mobile devices. So you have employees who are able to send work emails from the mobile phone. You have employees who are able to download sensitive documents, or documents they're working on at work, to their laptops and mobile devices, and then take that work home.
That generally is the BYOD phenomenon. Bring your own device. Employees have been able to do their work on their personal devices, and it's very common in the modern workplace. It's the 21st century. Lots of people now do their browsing on their mobile phones. They have laptops, iPads and so on and so forth. So definitely it has its pros and its cons. The major pro is that, well, efficiency is improved because people can now work from different locations. They don't have to be physically present at the place of work. They don't necessarily have to use the PC or the computer that's been assigned to them. They can be at lunch. They can even be in the bus going home, and they can still send emails to their clients, get some work done, all from the mobile device. The major con here, though, is the fact that it opens up new security vulnerabilities. Because think of it this way. If you are in charge of security, information security, for a company, now you've done your part. You've made sure that the local network is secure. You've also made sure that all the computers have antivirus. You have firewalls. You have all the security policies in place. But how do you handle the devices that belong to the employees? It's their own device. It's not yours. It doesn't belong to the company. So you now have to either bring about a security policy that will restrict how the employees are able to use their personal devices for work. But in many companies, they don't even think about such things and just allow their employees to download documents to their phones, to the laptops, and then take it home and then work from home. So that's kind of like the major risk with the BYOD, the phenomenon, the BYOD policy. Being able to allow your employees to work on the mobile devices improves efficiency. But at the same time it also opens up a new gateway of security vulnerabilities. So that's the general BYOD phenomenon and the major pro and the major con associated with it. So in the very next video, I am going to walk you through a few policies that many companies now put in place to minimize the security risks associated with the BYOD phenomenon. So thank you for watching. And of course, I will see you in the next class.

42. A Sample BYOD Policy: Right. So let's take a look at a sample bring your own device policy, and I really don't know if you intend on becoming a security specialist, but nevertheless, it's good that you have a basic understanding of how policies are written and to see an example of one of them. But before we actually start the steps involved in this policy, there are two things that have to be addressed by the BYOD policy. And the very first one is it must address both the concerns of the company and the employees, the concern of the company being the fact that new security vulnerabilities might be created as a result of employees being able to take work home. But the employees themselves also have issues, concerns, and the main concern being that if they are going to work with their own personal devices, then how much control of their own personal devices must they relinquish to the company? So the BYOD policy has to address both the concerns of the company and the employees. And, of course, it must aim for a balance between security and ease of access. You want to make sure that the policy addresses all the security concerns, but at the same time you also want the policy to be able to allow the employees to work effectively with their mobile devices. So let's take a look at a sample policy. There are nine steps involved in here, and usually whenever you're writing a policy, a security policy, you want to start with the basics. Don't get all technical right from the start.
Cover the basics first, and the very first thing here would be to determine what devices would be permitted and who will be allowed to use them. So are we going to allow mobile phones only? Are we going to allow laptops? Are we going to allow iPads? And then once you've established the devices that will be used, who would be allowed to use them? Would it be the senior executives? Would the entry workers be able to use them? Would it be people from a specific department, maybe accounting, that are allowed to use them? These are the very first few things that need to be addressed. And then next, determine the kind of company data that will be accessible. So what kind of data would the employees be able to work on on their personal devices? Is it every kind of data the company works with, or would it just be specific kinds of data? Again, covering the basics. Next, clearly state the right of the company to access, monitor and delete information from the employee's own device. It's very, very important. You want to make sure that the employees understand that the company will have some control over their personal devices, and there has to be some sort of agreement between the employee and the company. All right, so that's what is addressed at stage three. Next step would be to explain how the company will protect the employee's personal data. Again, the BYOD policy isn't just about protecting the company's interest, but also protecting the interests of the employees. So you also have to think about the employees, and the company has to explain how they will protect the employee's personal data. Will there be backups, recovery, things like that? Will data be encrypted so that if it's stolen, well, no one will be able to access their personal information, stuff like that. Next will now be to deploy mobile device management. So once you've covered all the basics, now you can begin to get technical.
And we will talk about the mobile device management in the very next class, in the next video. But basically in here, you can now start getting technical. You can say, OK, the hard drives for the laptops, or maybe even the memory cards for the phones, we can partition them into two. One will be specifically for the personal data, like pictures, videos, files and stuff like that, while the other will be for the work data. So now you are separating the hard disks, the memory cards, into two. Again, one for personal data, one for the work data. Next up, you can now begin to enforce the use of strong passwords, anti-malware and also the automatic lock-up after periods of inactivity. So these are the very next stages of security you can begin to deploy. Make sure the employees use strong passwords, make sure all the devices, regardless of what they are, have some form of updated anti-malware as well. And then you can establish protocols for lost or stolen devices. What happens if the employee's laptop got stolen? How are you going to ensure that whoever stole the laptop will not be able to access the company's data that's in it? How would you ensure that the information is somehow retrieved? Are you gonna put some sort of encryption on the laptops, on the mobile devices, so that if it gets stolen, you can simply press a button somewhere on a server, on a computer, and all that data will be destroyed? Stuff like that is exactly what you need to address as well. And then, of course, develop the policy in partnership with IT, with risk management and legal counsel. Again, whenever you're writing policies, it's not just about you, you, you, you. You also have to consult other departments. The policy affects everyone in the company, so you need to bring in as many people as possible. IT would be great. Of course, risk management would be a great department. And of course, the legal counsel. Very, very important.
You want to make sure that whatever laws or rules you state in your policy, you can actually defend them in court should an employee decide to take the company to court. And then, of course, finally, revise your policies and protocols. No security policy is gonna last forever. In fact, sometimes the security policies need to be updated every week, every month, maybe, because new things are constantly happening. We have new technologies, new ways how hackers hack into company data. So the policies need to be constantly updated to meet the demands of the technology of the workplace. So that's it for a sample BYOD policy. Thank you for watching. I will see you in the next class.

43. The Security vs Ease of Access Paradox: So the major goal of any cyber security professional or any information security professional would be to find the right balance between ease of access and security. Now, by ease of access, I'm talking about how easy it is for employees or people in general to be able to access their files, the documents, how easy it is for them to work on the computers. Security obviously refers to how well protected computers are, or how well protected a network is. So here's the thing: when you have way too much ease of access, if it becomes very easy for employees to get more done on the computer, yes, efficiency will be improved. When you have too much of that, then security goes down, because you should have things like passwords in place and other security checkpoints. When you don't have those and it becomes very easy for an employee to work on the computer, well, guess what. It will also become very easy for a hacker to be able to break in and do some serious damage. But then, when you have lots of security, let's say, for example, an employee, before he or she can access the computer, they will have to do a fingerprint scan. Maybe they will have to put in a username and a password.
Maybe they might even have to say something so that the system recognizes their voice. When you have all the security checkpoints in place, then, yes, the computers, the networks have become very secure. Unfortunately, though, it becomes more difficult for the employees to get work done, because imagine an employee who wanted to be able to work from home. Okay, they may not be able to do that because they need to be physically present at the place of work in order to get the work, actually in order to get clearance, to be able to access the files or data that they might need to work on. So the major con of too much security is that efficiency is reduced. Ease of access is reduced. So as a cyber security professional, if you intend to be one, is to try and find the right balance between ease of access and security, so computers and networks are secure, they're well secured, but at the same time they're not so secure to the point where it becomes really difficult for employees to be able to get their work done. Of course, there will be major exceptions, like if the kinds of data, the kinds of information the employees are supposed to work on are extremely sensitive, then, yes, ease of access is not a priority. No one cares about ease of access at that point. It's all about security. But for most companies, midsize companies, businesses, there should be a balance between the ease of access and the security so that employees can get work done efficiently, but at the same time, the computers and networks are also well protected. So that's the major goal of any cyber security professional or information security professional.

44. The Weakest Link and The Disgruntled Employee: So the weakest link in any security system would be the individual, would be the person, the employee, because as a cyber security professional or someone who is in charge of the information security systems of a company, there is only so much that you can do.
You can write out the security policies. You can put up the passwords, the biometrics, the firewalls, all that cool stuff. But if an employee is going to be careless, there is really little that you can do about that. Imagine an employee who is so careless, they write their password on a piece of paper, and maybe they lose that piece of paper, and that paper gets into the hands of a bad guy. What are you going to do about that? And disgruntled employees in particular are very, very dangerous. That's kind of one of the reasons why many times at the workplace, whenever a company is going to fire an individual or an employee, before they fire the employee, they'll have already made sure that he or she isn't going to have any access to the computers and networks anymore, so they would have changed all the passwords, changed the username. Or they'll have done everything to ensure that such a person would not be able to access the computers or the networks after they have been fired, because there've been so many stories of so many people who got fired, and the company did not even bother changing the passwords. And these people were able to go back in and cause a lot of damage. So an individual is always the weakest link in any security system, and also obviously the most dangerous threat to any security system would be a disgruntled employee or an employee who has been fired already. So these are two things to keep in mind if you intend on becoming a cyber security professional and working in a company. So that's it. Thank you for watching. And of course I will see you in the next class.

45. Cyberwarfare: So welcome to this new section. We're going to talk about cyber warfare, and yes, the age of cyber weapons and cyber war is here. And in case you didn't know this, we already have, we've already had some attacks against the infrastructures of several countries, like Iran and Estonia.
So cyberwarfare generally means an attack against the cyber infrastructure of a country. And very often the attackers in this case would be the government of another country. So it may not necessarily be the government itself performing the attack. It could be that they are behind the scenes, sponsoring and helping those who are actually performing the attack. So we've had quite a few of them that have happened, and we'll talk about a couple of them in this section. So really, cyber weapons, and malware being militarized to become cyber weapons, is now a real thing. People believe that in the future, well, God forbid, nobody wants wars, but people just believe that should a war happen in the future, cyber warfare will play a key role, because a country that has very powerful cyber weapons will be able to attack the cyber infrastructure of the country they're fighting against. Because many countries nowadays perform their transactions online, the Internet is now global. We have so many countries where people perform their bank transactions online. People communicate online. We all go online to get the information online. So one of the key ways how a country would attack another country in the future would be through cyber warfare. They can send out cyber weapons to take down the infrastructure of so many countries. And that's one of the reasons why, if you live in the United States, you may have heard of the Secretary of Defense talking about how the United States needs to take cybersecurity very seriously, because the power grids, the water systems, supposedly are all online. And it is possible for cyber attackers from outside the US to attack such systems. So welcome to this new section once again. And let's take a look at a few examples of cyber warfare that we've had in the past.

46. The Attack Against Estonia: So let's talk about the very first major cyberattack that ever happened against a country's infrastructure.
And I'm talking about the attack against Estonia in the year 2006. And before I tell you what the attack was about, let me just give you a hint, and maybe you can already identify the kind of attack this was. It basically involved a lot of traffic from millions of computers all over the world. So I believe you already know the kind of attack this was, and it was a DDoS attack, a distributed denial of service attack against the Internet infrastructure of Estonia, and it is believed that it was Russia that was behind this attack. So why Russia, and what exactly happened? Well, here's the thing. In 2006, I believe it was April or May, I'll have to confirm that, people in Estonia could not use the Internet effectively. They were unable to communicate via the Internet, they were unable to do banking transactions, they were unable to read the news online. And to compound this problem, Estonia back then was considered to be the most wired country in the world, in that the vast majority of all transactions in Estonia occurred online. More than 90 percent of all banking transactions was done online, people read all the news, got all their information online, and even in politics, lots of the voting was done online. So Estonia was all about Internet and connectivity, WiFi access, things like that. So what happened here was that people suddenly realized that, hey, we can't access this website. What's happening? I can't log into my account. I can't do any banking transaction. What's happening? So it turns out that Estonia was under a massive, massive DDoS attack. Now the reason why Russia was suspected to be behind such an attack was because a few weeks earlier there had been a lot of controversy in Estonia, in Tallinn, Tallinn being the capital of Estonia. Now back in the Second World War.
After the Russians had driven the Nazi army out of Estonia, the Russian soldiers erected this big statue to commemorate all the Russian soldiers that had died. All right. Unfortunately, though, many Estonians saw that statue as a symbol of oppression, because apparently even after the Nazis had been driven out, Russian soldiers stayed to act more as the new oppressors rather than liberators. So apparently they oppressed the Estonian people and, well, that's it. So a lot of Estonians felt that this statue, after all these years, is still a symbol of oppression, and we need to get it out of our capital. Now, before that was carried out, before that was done, the Russian government had warned Estonia, saying, hey, look, if you do this, there's gonna be repercussions, it's gonna be bad for you. But the Estonian government ignored them, and so they simply removed the statue, and they took it outside of the city. So a few days later there was a lot of controversy online, especially in the Russian dark Internet chat forums. Lots of people were out there saying, hey, this is bad. We need to do something about this. The Estonians have disrespected us. They don't care that many of our soldiers died trying to liberate them from the Nazis, you know, blah, blah, blah, blah, blah. So there was a public outcry in all these forums. Some people said, you know what? We're going to attack Estonia. We're going to perform a denial of service attack against them. Now the reason why the Russian government in particular was now accused of this was because they believe that the Russian government sponsored most of all these cyber attackers. But of course the government has denied it and no one really knows, because many times, like I said earlier, DDoS attacks tend to be conducted by hacktivists. So it could be that it was a lot of hacktivists in Russia who felt like, hey, this is not right. We need to do something against Estonia.
So it could be that without the help of the Russian government, they came together and decided to attack Estonia's cyber infrastructure. So whether or not the Russian government was involved, no one really knows. So basically the guys in Estonia, once they discovered that, hey, we can't access our websites, they discovered that so much traffic was coming from countries like Egypt, Vietnam. So they immediately knew that, hey, this has to be a DDoS attack, because on a normal day we don't typically get traffic from Egypt or Vietnam. Like, people in such countries don't really care about what's happening in Estonia, right? So they immediately realized that, okay, it's a DDoS attack. And one of the key steps they had to take to combat the DDoS attack was that they had to shut off Estonia's Internet infrastructure from the rest of the world. So what happened here was that people living in Estonia could access websites from Estonia, being in Estonia. However, they could not access websites outside of Estonia, and likewise people from the outside, outside of Estonia, could not access any websites based in Estonia. So basically Estonia was cut off from the rest of the world. So that in itself was very, very scary, because people from Estonia could not inform the outside world of what's happening. So this became one of the very first major cyber attacks against a nation's infrastructure, and eventually, of course, the Estonians were able to fight back and were able to take down the bots and the botnets. But this would always go down in history as the very first major cyberattack against a country's infrastructure. So if you're interested at all, I encourage you to do some more reading about this. There are very, very interesting articles online that will give you more information as to what exactly happened and how the Estonian cybersecurity specialists were able to take down the botnets. So that's it for the attack against Estonia.
Thank you so much for watching. I will see you in the next class.

47. Stuxnet The Attack Against Iran: So now let's talk about what is arguably the most powerful cyber attack against a country's infrastructure. And I'm talking about the Stuxnet attack of the year 2010. Now, this attack was directed against Iran. And if you're someone who follows the news, even if it's just a little bit, you would know of the tensions between the United States and Israel and Iran. Iran has been trying for many years now to enrich their uranium so that they can have a nuclear program. And, of course, the United States and Israel have not liked this at all. So because of the nature of the Stuxnet attack, people believe that it was the governments of Israel and the United States who launched this attack against Iran. So what exactly was Stuxnet? Well, Stuxnet was a worm. It's a worm that was designed specifically to target centrifuges. Now I don't know much about how to enrich uranium. I'm not a nuclear science specialist, but I do know that centrifuges play an important role in enriching uranium. So Stuxnet was designed specifically to target systems that controlled centrifuges, and at the end of its operation, Stuxnet had destroyed about 984 centrifuges, so you can imagine, and it actually brought down Iran's nuclear enrichment capacity by 50%. It brought it down by 50%. So Stuxnet was very, very sophisticated. It's actually gone down in history as one of the most sophisticated forms of malware ever created. So because of its level of complexity and what it was designed to do, people believe that it was state sponsored. They believe that it was the United States and Israel behind it. So Stuxnet, like I said, was a worm. It spread by a USB drive. So someone got Stuxnet into the USB.
They plugged it into one of the computers at the nuclear facility and, being a worm, it was able to spread itself to all other networks, and in the process, it started attacking systems that controlled all these centrifuges. So you can imagine this being a very powerful cyber attack. No one had to launch air strikes against Iran's nuclear facilities. No one had to invade Iran. All they had to do was to invent this particular Stuxnet worm, get it into a USB drive, plug the USB hard drive into a computer, and the damage was already done at that point. So Stuxnet was a clear reminder of just how powerful cyber weapons can be and how malware can be militarized to become cyber weapons. So again, no one has actually proven that it is the United States or Israel behind such an attack. But people believe that it is these two countries due to the nature of the attack and what the attack was meant to do. So, as usual, if you're more interested in reading about this particular topic, about this particular attack, I would highly recommend you continue to do some more research online about it. Now, before I go, I should also mention that Stuxnet nowadays has been redesigned by many cyber attackers. Nowadays, they use most of the code that was designed to develop Stuxnet. They've modified it a little bit and have now started using Stuxnet to attack businesses and companies around the world. So this is one of the problems with cyber weapons. When you have a very complex form of malware that you believe only a government could sponsor, eventually, once the code for that particular worm or malware gets out, other cyber attackers and regular cybercriminals would be able to take that code, modify it and use it to their own advantage. So that's kind of like the downside. One of the major downsides of cyber weapons is that it could fall into the hands of cyber criminals who could actually go on to now begin to target innocent people and businesses.
So that's pretty much my take on the Stuxnet attack of the year 2010. Thank you for watching. I will see you in the next class.

48. Colonial Pipeline Attack: Let's take a look at the Colonial Pipeline attack, which happened April 29th, 2021. And if you live in the US, you most likely would have heard about this particular attack because it really was big news. So what exactly happened? Well, hackers shut down the largest pipeline in the US, which of course led to fuel shortages. Now upon receiving the ransom note, which is of course a constant in any ransomware attack, the pipeline was shut down to avoid further damage. Now here's the thing. Colonial eventually paid the hacker group called DarkSide $4.4 million in order for them to regain access to their data. Wow. So what exactly happened? How did it happen, right? Hackers gained entry into the network by making use of a virtual private network account, which allowed employees, or one employee in particular, to remotely access the company network. In other words, Colonial had set up a virtual private network server. They had multiple accounts which they assigned to employees, which would allow these employees to remotely access the network anywhere in the country. Now here's the thing. The account was no longer in use at the time. So it's believed that the employee who was using this account had since left the company. He had gone to another company, or maybe she had gone to another company. We don't even know whether this was a man or a woman. Anyways, the account's password has since been discovered inside a batch of leaked passwords on the dark web. Now how did this password end up on the dark web? Well, it is believed that the employee had used the exact same password on another website that had been compromised. That's how the hackers were able to gain access to this password.
Now, it is not known how the hackers were able to identify that, wait a minute, this password we've gotten is actually the password for a VPN account belonging to Colonial. We don't know how that happened. But here's the thing, which gets worse. The account did not use multi-factor authentication, which basically allowed the hackers to log in without any verification. All they had to do was to gain access to the username, which we also don't know how they were able to do. But they had the password and they logged in, as easy as that. So Colonial, they did have backups, which is one of the best ways to combat ransomware attacks. But here's the thing. They did not trust the integrity of the backups because they feared that they had also been compromised during the attack. And that's why they ended up paying DarkSide $4.4 million. So what were the lessons learned in this particular attack? Well, first of all, non-active accounts should be deleted. If you're the IT manager or you work in IT, whenever any of your employees leaves the company, leaves the business, their accounts need to be terminated instantly. Never use the same passwords for personal and work-related tasks. It is, of course, very, very tempting to have just one single password you use for everything. It's so much easier that way. All you have to do is just remember this one single password, but it is very, very dangerous. Try as much as possible to, at the very least, have one separate password for your personal tasks and then another password for your work-related tasks. Now, two-factor authentication should be implemented at all times. This is standard at this point, and why Colonial didn't do that, well, I don't know. And finally, backups should be kept offline. By this, I mean the backups should not be hooked to a server. They should not be hooked to the Internet. Once you make your backups, store them in your hard drives, and keep those hard drives in a safe place.
It could be in a locker room or whatever, or even in a server room. Just make sure that the backups are not hooked to anything that's online. If Colonial had backups that had been kept offline, they probably would never have had to pay DarkSide that ransom, because then they would have been very, very sure about the integrity of the backups.

49. The Sony Pictures Hack: Let's talk about one of the greatest cyber attacks against a company, and I'm talking about the attack against Sony Pictures in the year 2015. And this attack coincided with the release of one of the most controversial movies of the year, which was The Interview, starring Seth Rogen. So what exactly happened here? Well, on the Monday before Thanksgiving, the Sony Pictures employees who tried to log into their computers were greeted with the graphic of a red skeleton with gun sounds. There were also the words "Hacked by GOP" and also a threat to release data later that night if an unspecified request wasn't met. So naturally, Sony's IT staff was brought into play. But before they could pull the plug, the malware which was used in this attack had spread from computer to computer, from network to network, and it ended up erasing everything stored in more than 3,000 of its computers, and it also affected over 800 of their servers. To make sure nothing could be recovered, the attackers also attached a very special little algorithm that ended up overwriting the data in seven different ways. So not only did the company lose that data, they could not recover the data in any way as well. So the studio was reduced to using things like fax machines, communicating through posted messages, using blackboards. And they even had to pay their employees using paper checks. To make things even worse, before destroying the company's data, the hackers actually stole it. They downloaded all the data.
And then over the next three weeks, they ended up dumping all these confidential files and data onto public file sharing sites. So they released things like unfinished movie scripts, emails between the employees, and also more than 47,000 Social Security numbers, and even four unreleased Sony films were leaked to piracy websites for free viewing as well. And finally, the hackers also threatened a sort of 9/11-style attack against all the theaters who wanted to show the movie The Interview. So, really, a week later, after all of the uproar and all the threats, the studio was forced to announce that it would make the movie available only through video on demand and in very few select theaters. So who was responsible for this attack? Well, it's really hard to determine who exactly was behind this attack. But the FBI and the United States government ended up blaming the North Korean government because, again, the attack coincided with the release of the movie The Interview. Now the reason why that particular movie was very controversial is because in the movie, Seth Rogen's character and also his friend were supposed to go to North Korea to try to assassinate the dictator over there. So in the real world, the North Korean government did not appreciate such a movie, and they even ended up denying involvement in the attack. But they actually praised the attack, saying it was righteous, and they suggested that it could have been the work of supporters of the regime. So really, at the end of the day, it is believed that it was hacktivists who are in support of the North Korean regime who actually carried out this attack.

50. The Weakest Link and The Disgruntled Employee: So the weakest link in any security system would be the individual, would be the person, the employee, because as a cybersecurity professional or someone who is in charge of the information security systems of a company, there is only so much that you can do.
You can write out the security policies. You can put out the passwords, the biometrics, the firewalls, all that cool stuff. But if an employee is going to be careless, there is really little that you can do about that. Imagine an employee who is so careless. They write their password on a piece of paper, and maybe they lose that piece of paper, and that paper gets into the hands of a bad guy. What are you going to do about that? And disgruntled employees, in particular, are very, very dangerous. That's kind of one of the reasons why many times at the workplace, whenever a company is going to fire an individual or an employee, before they fire the employee, they'll have already made sure that he or she isn't going to have any access to the computers and the networks anymore. So they would have changed all the passwords, changed the username. Or they'll have done everything to ensure that such a person would not be able to access the computers or the networks after they have been fired, because there have been so many stories of so many people who got fired, and the company did not even bother changing the passwords, and these people were able to go back in and cause a lot of damage. So an individual is always the weakest link in any security system, and also obviously the most dangerous actor to any security system would be a disgruntled employee or an employee who has been fired already. So these are two things to keep in mind if you intend on becoming a cybersecurity professional and working in a company. So that's it. Thank you for watching. And of course I will see you in the next class.

51. Biggest Myths of Online Security: Let's talk about one of my favorite topics, which is the biggest myths of information and cyber security. And the biggest myth of them all is the myth of "I'm not rich, I'm not famous, so therefore no one is going to hack me."
I have met so many people who believe that. They believe that because they're not rich, because they're not famous or because they don't have the biggest websites, no one is going to think of hacking them. Nothing could be further from the truth. And yes, yes, the rich and famous are more likely targets. But that does not mean that you, who isn't rich and famous, is not gonna get hacked. There are different ways how cyber criminals can attack you, and there are different kinds of information that they can get from you. So whether it's your password, access to email accounts, your social security number or even just making use of your computer as part of botnets, there are different ways how hackers can get at you. So do not think that because you're not some rich celebrity or some famous person, or because you don't own Amazon, therefore no one is going to hack you. No, cybercriminals and hackers do not discriminate. As long as they can get something from you, they will try to hack you. The second biggest myth out there is the myth of "I have installed this one security application, so I am fine, I'm safe." Listen, installing one security application is just one step that you've taken to protect yourself. There is no one magical application out there or this magical security pill that will solve all your security needs. No, there are different ways how hackers can get at you, and as a result, you need to take several steps to protect yourself. So whether it's not clicking on suspicious links in your email, or the use of very strong passwords, to the use of anti-malware and antivirus, you need to take several steps to protect yourself and your data from hackers. Now, myth number three, which is very similar to myth number two, is the myth of "I have a strong password, so I'm good to go." Yes, having a strong password definitely helps, but it is just the very first step.
Strong passwords can be cracked, so therefore, if you can employ multiple factors of authentication, such as the use of biometrics, PIN numbers, tokens, go ahead and employ them. Whenever you have the opportunity to employ more than one authentication method, go ahead and do so. Do not think that because you have a strong password, then you're fine, you're perfectly safe. No, the strongest of passwords can be cracked as well. Now, myth number four is "I trust my friends, so they will never send me suspicious links via email." Yes, fine. Your friends are your friends. You trust them. And yes, they probably would never send you any malicious links on purpose. However, how can you be certain that this email that you got from your friend, your friend actually sent that email? Do not forget that email accounts can be compromised. They can be hijacked. A spammer or someone who wants to attack you with a phishing method can hijack your friend's email account and then send you an email using his account. So whenever you receive emails from your friends that seem to be suspicious, you see this link and you're not sure about that link, it's always best to contact your friend. Contact them and say, hey, did you send me this email with that link? What does that link actually take me to? You might be surprised that your friend might actually end up telling you that, hey, I did not send you that email. What email? What are you talking about? Then you know that your friend's email account has been hijacked. So once again, I'm not asking you to get all paranoid about links and all that. But be cautious. Don't think, oh, this email came from my friend, therefore the link attached with that email must be safe. Do not think that way. Myth number five is the myth of "I don't visit unsafe websites, so as a result, I don't need a security application." Yes, not visiting unsafe websites definitely helps to protect you and your data.
But how can you be 100% certain that these websites that you think are safe are actually safe? How do you know they have not been compromised? Some of the very biggest websites in the world have been hijacked and compromised by hackers before. It's kind of like saying, oh, because I drive safely on the road, therefore I am never going to get involved in an accident. No. How can you be certain that the people that you drive with on the road, the other drivers out there, are actually driving safely? You need to think about them as well. So you need to think about you driving safely but also taking steps to ensure that, for those who aren't driving safely on the road, you are actually prepared for them. So, in other words, when you're visiting websites that you think are safe, make sure that you've actually covered your own bases, make sure that you're actually protected so that you just don't go blindly and visit a supposedly safe website that's actually been compromised by hackers. Now, myth number six is the myth of "social networks are safe." I have met a lot of people who have thousands and thousands of friends on social media, such as on Facebook, many of which they don't know personally. They don't know who these people are, they've never, ever spoken to them before. They just received a friend request, and then they accept. Listen, if you're one of such people, you need to stop that. It is very, very dangerous. People who steal other people's identities stalk social media to get to know their targets. They get to know the friends of the target. They get to find out all the personal information about that particular target: where the person works, where the person lives, where the person goes on vacation. So you need to be very, very careful about the kinds of people that you add to your social circles. Make sure that these are people that you actually know, people that you've met before and people that you can actually truly vouch for before you add them on social media.
And the final myth I want to talk about is the myth of "oh, if my computer gets hacked or infected with malware, I will definitely know." Listen, sometimes when you get hacked or you have malware that's infected your system, you're not going to see a giant screen pop up on the computer that says, oh, you've been hacked. Oh, there is malware affecting your computer system. Take steps to prevent this from happening. No. Sometimes you might get infected, and you may not even know. There are different kinds of malware out there that we have discussed, and there are different ways how they actually attack you. You can have some of them just working quietly behind the scenes, just waiting for the right moment to strike at you. Which is why you need to take steps to protect your computer systems and your data at all times. So those are basically the biggest myths of cybersecurity and information security. If you have any other myths that you wanna talk about, that you know of, please feel free to share them. Thank you so much for watching the video. And as always, I will see you in the next class.

53. Cyber Security Conclusion: Well, congratulations. You've come to the end of this beginner's course on cybersecurity, and I actually hope that you've enjoyed taking this course. No longer would you look puzzled whenever people talk about DDoS attacks or encryption or firewalls. Now you know exactly what those terms mean. Now, if you enjoyed this course and you feel like you want to learn more about cyber security, I have good news for you, because I have three more cybersecurity courses here on Skillshare. Now, the very first one is titled The Absolute Beginners Guide to Cyber Security Part 2. And it's actually the direct sequel to this beginner's course that you've just taken. In part two, you're gonna learn practical skills: how you can work with VPNs, how you can work with Tor. I'm gonna show you how you can encrypt your hard drive, how you can back up your hard drive and so much more.
So if you're looking for a very practical course on cybersecurity for beginners, part two is gonna be ideal for you. Now, in part three, I am going to introduce to you cybersecurity for mobile devices. Now you know fully well we all use mobile phones to check our emails, to shop. Basically, we do a lot of things using our mobile phones. So if you wanna learn how you can protect your mobile device against hackers and malware, part three is for you. And finally, I do have a very special course on starting and growing your career as a cybersecurity professional. So if you're someone looking to become a cyber security analyst or you'd like to start a career in cybersecurity, I do have a course that acts as a guide for you. That course is titled Start and Grow Your Career as a Security Analyst. Be sure to check out the links here on Skillshare. I have a little before you. So once again, thank you so much for being a student of mine. If you enjoyed the course, don't forget to leave your review. My name is Alex. It has been a blast teaching this course, and I hope to see you in another one of my courses. Cheers. Thank you.