
Week 1 Report

The document provides a comprehensive overview of cybersecurity threats, including categories such as cyber, physical, insider, environmental, operational, and strategic threats. It details various types of attacks, including malware, phishing, denial of service, and hacking methodologies, along with the phases of ethical hacking. Additionally, it outlines ethical hacking principles, emphasizing authorization, legitimacy, scope definition, confidentiality, reporting, and non-disruption.

Uploaded by

dasmitag147

Weekly Report

Name of student: Dasmita Arjun Gowari

Name of Industry:

Name of mentor:
Week1 - From (04/06/2024) To (10/06/2024)

What are Cybersecurity Threats?

Cybersecurity threats are acts performed by individuals with harmful intent, whose goal is to steal data, cause damage to or disrupt computing systems. Common categories of cyber threats include malware, social engineering, man-in-the-middle (MitM) attacks, denial of service (DoS), and injection attacks.

Types of Threats:

1. Cyber Threats:
o Malware: Software designed to cause damage (e.g., viruses, ransomware).
o Phishing: Deceptive attempts to obtain sensitive information.
o Denial of Service (DoS): Attacks aimed at making systems unavailable.
o Hacking: Unauthorized access to systems and data.
2. Physical Threats:
o Theft: Stealing physical assets like hardware or documents.
o Vandalism: Intentional damage to property.
o Natural Disasters: Earthquakes, floods, and other events causing physical
damage.
3. Insider Threats:
o Malicious Insiders: Employees or contractors intentionally causing harm.
o Unintentional Insiders: Employees inadvertently causing security breaches
through mistakes or negligence.
4. Environmental Threats:
o Climate Change: Long-term changes affecting business operations.
o Resource Depletion: Shortages of essential resources like water and energy.
5. Operational Threats:
o Supply Chain Attacks: Compromising through third-party suppliers.
o Process Failures: Inefficiencies or breakdowns in operational processes.
6. Strategic Threats:
o Market Shifts: Changes in market conditions that could negatively impact
business.
o Regulatory Changes: New laws or regulations affecting operations.
Types of Attacks:

1. Malware Attack

• Viruses: Programs that replicate by attaching to other programs.
• Worms: Self-replicating programs that spread independently.
• Trojans: Malicious software disguised as legitimate software.
• Ransomware: Encrypts data and demands a ransom for decryption.
• Spyware: Gathers information from a computer without user knowledge.
• Adware: Displays unwanted advertisements, often bundled with spyware.

2. Phishing and Social Engineering Attacks

• Phishing: Fraudulent attempts to obtain sensitive information by disguising as a trustworthy entity.
• Spear Phishing: Targeted phishing attacks at specific individuals or organizations.
• Whaling: Phishing attacks targeting high-profile individuals like executives.
• Vishing: Voice phishing using phone calls to obtain information.
• Pretexting: Creating a fabricated scenario to steal information.

3. Denial of Service (DoS) and Distributed Denial of Service (DDoS)

• DoS Attacks: Overloading a system with requests to make it unavailable.
• DDoS Attacks: Using multiple systems to launch a large-scale attack on a target.

4. Man-in-the-Middle (MitM) Attacks

• Eavesdropping: Intercepting communication between two parties.
• Session Hijacking: Taking over a user session to gain unauthorized access.
• SSL Stripping: Downgrading a secure connection to an unencrypted one.

5. SQL Injection Attacks

• Classic SQL Injection: Inserting malicious SQL queries via input fields to manipulate databases.
• Blind SQL Injection: Extracting data by sending payloads and observing the responses.

6. Supply Chain Attacks

• Third-Party Exploits: Targeting suppliers or partners to compromise a primary target.

7. Advanced Persistent Threats (APTs)

• Long-term Targeted Attacks: Sustained, stealthy attacks aimed at specific targets, often involving multiple phases and sophisticated techniques.

8. Credential Attacks

• Brute Force: Trying all possible combinations to crack passwords.
• Credential Stuffing: Using stolen username/password combinations from one breach to access other accounts.
• Keyloggers: Recording keystrokes to capture login credentials.

9. Insider Attacks

• Malicious Insiders: Employees or contractors who intentionally cause harm.
• Accidental Insiders: Employees who unintentionally cause security breaches through negligence or mistakes.

10. IoT Attacks

• Device Hijacking: Taking control of IoT devices to use them for malicious purposes.
• Botnets: Networks of compromised IoT devices used for large-scale attacks like DDoS.

What is Hacking?

Hacking is the activity of identifying weaknesses in a computer system or a network and exploiting them to gain access to personal data or business data. An example of computer hacking can be: using a password cracking algorithm to gain access to a computer system.

Types of Hacking:

1. Ethical Hacking (White Hat)
o Purpose: Identifying and fixing security vulnerabilities to improve system
security.
o Practitioners: Security professionals hired by organizations to perform
penetration testing and vulnerability assessments.
2. Malicious Hacking (Black Hat)
o Purpose: Gaining unauthorized access to systems for malicious purposes such
as theft, disruption, or destruction.
o Practitioners: Criminal hackers who exploit vulnerabilities for personal gain,
revenge, or other harmful motives.
3. Gray Hat Hacking
o Purpose: Finding and exploiting vulnerabilities without malicious intent but
without permission from the target.
o Practitioners: Hackers who may reveal vulnerabilities publicly or report them
to the organization after exploiting them.

There are five hacking phases:

• Reconnaissance
• Scanning
• Gaining Access
• Maintaining Access
• Clearing Tracks

1. Phase 1: Reconnaissance

This is the first phase of ethical hacking, where hackers gather important information about the target system. This includes identifying IP addresses, domain particulars, network services and potential entry points. Reconnaissance works in two forms:

• Passive: A process of gathering data without interacting with the target directly.
• Active: A method where direct engagement with the system is employed to collect intelligence.

2. Phase 2: Scanning

In the scanning phase, ethical hackers employ an array of tools to scrutinise the target’s networks and systems for vulnerabilities. They use automated tools to identify open ports, live systems, and the services running on servers. This evaluation enables ethical hackers to gain insights into the overall security posture of the target infrastructure.

Ethical hacking methodology states that the scanning phase contains different types of network scanning practices.

3. Phase 3: Gaining Access

This critical phase of ethical hacking involves exploiting the identified vulnerabilities to gain unauthorised system or network access. Simply put, in this phase of hacking, ethical hackers attempt to trespass on target infrastructures and attempt to exploit the system, using methods usually followed by black hat hackers.

Methods may range from SQL injection to cross-site scripting and other techniques. An ethical hacker’s objective is to understand the potential damage a malicious hacker could inflict by exploiting such a vulnerability.

4. Phase 4: Maintaining Access

After gaining access, the ethical hacker secures a backdoor into the system to maintain this entrance. Understanding how attackers persist within a compromised system hinges on this step. This phase also aids penetration testers in assessing vulnerabilities and developing strategies for mitigating such risks across organisations.

5. Phase 5: Covering Tracks

In the final phase, the ethical hacker meticulously covers their tracks to
evade security system detection without leaving any evidence of the
hacking process. Understanding potential methods that attackers may
employ to avoid detection is crucial during this stage. This process aids in
enhancing a target system’s capabilities for identifying intrusions.

What is Ethical Hacking?

Ethical hacking is identifying weaknesses in computer systems and/or computer networks and coming up with countermeasures that protect against those weaknesses. Ethical hackers must abide by the following rules.

Key Concepts:

1. Authorization:
o Ethical hackers must have explicit permission from the system owner to
perform hacking activities. This authorization distinguishes ethical hacking
from illegal hacking.

2. Legitimacy:
o Ethical hacking is conducted in a lawful and legitimate manner, following a
code of conduct and ethical guidelines.

3. Scope Definition:
o Ethical hacking activities are confined to the defined scope set by the system
owner. This includes specifying which systems, networks, and applications
are to be tested.

4. Confidentiality:
o Ethical hackers must maintain the confidentiality of any sensitive information
they access during their activities. This includes not disclosing vulnerabilities
to unauthorized parties.

5. Reporting:
o Ethical hackers provide detailed reports on their findings, including identified
vulnerabilities, potential impacts, and recommendations for remediation.

6. Non-disruption:
o Ethical hackers aim to minimize disruption to systems and services while
conducting their tests.
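
The authorization and scope definition rules above can be enforced mechanically before any testing tool is pointed at a host. The following is an added example, not part of the original report; the scope document format, the address ranges (reserved documentation ranges) and the function names are assumptions.

```python
import ipaddress

# Constructed engagement scope using documentation address ranges (not a real client).
SCOPE = {
    "in_scope": ["192.0.2.0/24", "198.51.100.16/28"],
    "excluded": ["192.0.2.200/29"],  # hosts the owner asked to leave untouched
}

def _networks(cidrs):
    # strict=True rejects sloppy entries such as 192.0.2.5/24 in the scope file
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]

def check_target(target, scope=SCOPE):
    """Return (allowed, reason). Anything not explicitly authorized is refused."""
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        # Hostnames can resolve to third-party addresses; refuse until confirmed.
        return False, "not an IP address; resolve and confirm ownership first"
    for net in _networks(scope["excluded"]):   # exclusions win over inclusions
        if addr in net:
            return False, f"excluded by owner ({net})"
    for net in _networks(scope["in_scope"]):
        if addr in net:
            return True, f"authorized ({net})"
    return False, "outside the agreed scope"

def split_targets(targets, scope=SCOPE):
    """Partition a target list into authorized addresses and refusals with reasons."""
    allowed, refused = [], {}
    for t in targets:
        ok, reason = check_target(t, scope)
        if ok:
            allowed.append(t)
        else:
            refused[t] = reason
    return allowed, refused

if __name__ == "__main__":
    ok, no = split_targets(["192.0.2.10", "192.0.2.201", "198.51.100.40", "example.com"])
    print("authorized:", ok)
    for t, why in no.items():
        print("refused:", t, "-", why)
```

The refusal reasons can go straight into the engagement report, which documents that out-of-scope systems were identified and left alone.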

Scope of Ethical Hacking:

• Network Security:
o Penetration Testing: Simulating attacks on network infrastructure.
o Vulnerability Scanning: Automated checks for known vulnerabilities.
o Wireless Security: Assessing Wi-Fi network defenses.

• Application Security:
o Web Applications: Testing for issues like SQL injection and XSS.
o Mobile Applications: Securing apps on platforms like iOS and Android.
o API Security: Ensuring secure API interactions.

• System Security:
o Operating Systems: Identifying configuration and operational vulnerabilities.
o Endpoints: Securing devices like desktops, laptops, and mobile devices.

• Physical Security:
o Social Engineering: Testing human susceptibility to deception.
o Physical Penetration: Assessing security of physical premises.

• Cloud Security:
o Infrastructure Testing: Evaluating cloud services and configurations.
o Configuration Review: Ensuring secure setup of cloud resources.

• IoT Security:
o Device Testing: Securing Internet of Things devices.
o Network Integration: Ensuring IoT devices are securely connected.
