Module 1

What is cyber security and why should we care about it?

Software is literally everywhere. Initially software resided on mainframes and only a few people were in contact with it. Somewhat later the personal computer was invented and, thanks to its popularity, software moved to our homes. (That said, software in the home was still isolated, and an attacker would need physical access to the target.)

One day the Internet spawned and began globally connecting personal computers. The Internet is incredibly useful to non-attackers, but it made things easier for attackers as they no longer needed to physically visit targets. The evolution of computers kept rolling on and one day we were introduced to cellular phones and eventually smartphones, which are basically small-scale computers with wireless connectivity.

Currently we are on the brink of the Internet of Things, which promises to connect every device to the Internet. For example, we have smart TVs, smart locks, smart cars, and smart toasters. The software in these devices ranges from large, such as the operating system, to small, such as the USB driver.

There is going to be an explosion in the number of devices needing software. It has been said that by the year 2020 there will be 50 billion connections and devices. This poses a growing need for code and software developers, who will have great pressure to write both functional and secure code in a limited timeframe. Developers may face unrealistic time pressure to rush code to production.

In addition to the growing need for more code, the code base has gotten more complex. Every machine is connected and larger systems are now distributed. Different parts of the systems may be developed by different vendors, but need to interoperate. Moreover, most current systems are based on software frameworks, which enlarge the code footprint of even small applications, and many are extensible via plugins and add-ons.

Combining the connectivity, complexity, and extensibility of the software, we get a comfortably-sized attack surface for the attacker. It is perhaps not surprising, therefore, that the number of vulnerabilities in software has steadily risen over the years. Vulnerabilities and their statistics can be queried from the National Vulnerability Database and from the Common Vulnerabilities and Exposures database (NVD statistics query page and CVE).

Attacking will stay easier than defending as long as the attacker can attack anywhere and the defender has to defend everywhere. With a successful security analysis, however, many of the obvious vulnerabilities (in other words, the low-hanging fruit) can be found. This doesn't necessarily make a system totally secure, but it does make the system able to withstand automated attacks and attack attempts by unskilled attackers.

The world is changing and cyber security is a rapidly-growing global issue. Adversaries come in many shapes and sizes, ranging from script kiddies to foreign governments to organized crime. Regardless of the adversary, all have easy access to very sophisticated and powerful technologies. Moreover, some attacks are so sneaky that they become evident only after the attack has happened.

Attacks can result in much mayhem and harm with significant monetary losses, but the business impact of a security breach can be difficult to determine. This is an area where it is hard to reach definitive and representative figures or findings. At least one study, however, from Oxford Economics, provides a set of findings based on surveys and case studies. Those findings show that cyber attacks do indeed result in major business impact on victims.

The job of a vulnerability researcher is to come up with recommendations for minimizing the risk to an organization. The tasks of protecting enterprise systems and data include establishing policies, practices and tools that lower the risk of illicit behaviour. The technical security assessments performed by vulnerability researchers include the identification of vulnerabilities, misconfigurations, and weaknesses.