module-1-p

The document outlines the increasing demand for cybersecurity professionals due to the rise in cybercrime and the complexity of digital systems. It discusses the motivations behind cybercrime, the vulnerabilities that exist, and the various types of hackers, emphasizing the need for skilled individuals in the field. Additionally, it highlights career paths, necessary skills, and the evolving landscape of cybersecurity threats and trends.

Uploaded by

akun test

Advanced Cyber Security: Techniques & Concepts
Comp Sci 7308

Introduction & Overview


Why get into Cybersecurity?
1. There is demand
• Increased reliance on digital
• Systems/people are complex and remain vulnerable (opportunity)
• Cybercrime remains profitable and low risk (attribution and prosecution are hard)
2. The jobs pay well
3. It’s interesting, challenging, exciting and FUN … mostly

Why does Cybercrime Exist?

Motivation
• Profit $$$$
• Political
• Fun and fame
• Bragging rights

Opportunity
• Heavy dependence on IT
• Insecure software
• Trusting people
• Irrational people
• Everything is interconnected

Ability
• Free tools readily available
• Google anything
• Tor markets

Motivation: Threat Actors
• Organised crime
• Hacktivist
• Industrial spies
• Nation state
• Hobbyist

Ability: Exploits
• Hacking tools
• Social engineering
• Malware
• etc

Opportunity: Vulnerabilities
• Trusting humans
• Vulnerable software
• Misconfigured systems
• etc

Risk = Likelihood x Impact of Threats Exploiting Vulnerabilities


“Celebrity” Vulnerabilities
• Heartbleed (2014)
• Shellshock (2014)
• Ghost (2015)
[Figure: further entries survive only as year labels: 2015, 2017, 2018, 2019, 2022]

Bad guys are winning. Why?
1. Asymmetric Forces
2. Insecure Software
3. Humans Remain Vulnerable

Asymmetric Forces at Play
• Time
o Good Guys (you): Limited (it’s your day job)
o Bad Guys (them): Unconstrained
• Money
o Good Guys (you): Limited
o Bad Guys (them): Nation states or big crim groups can provide $$
• Laws and Regulations
o Good Guys (you): Must abide by laws and regulations
o Bad Guys (them): Happy to break any laws…
• Success Factor
o Good Guys (you): Must prevent every incident all the time
o Bad Guys (them): Only need to find one weakness and successfully exploit it.

Insecure Software
https://blog.eset.ie/2018/02/05/vulnerabilities-reached-a-historic-peak-in-2017/

To Err is Human

“If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology.”
Bruce Schneier, Secrets & Lies

Common Definitions of Hacking

Def: Hack /hak/ (noun) –
1. A clever, unintended exploitation of a system which: a) subverts the rules or norms of that system, b) at the expense of some part of that system.
2. Something that a system allows, but that is unintended and unanticipated by its designers
Bruce Schneier, The Coming AI Hackers, 2022

“Hacking is an attempt to exploit a computer system or a private network inside a computer. Simply put, it is the unauthorised access to or control over computer network security systems for some illicit purpose.”
The Economic Times
https://economictimes.indiatimes.com/definition/hacking

What is Hacking?

To Hack (verb)
“Use of a device in a creative and often unintended way to achieve unexpected or interesting results”
Requires: Lateral thinking and creativity

Hacker
Someone who is very skilled at hacking computers and programs
Requires: Advanced computer skills

Different Hats

Black Hat Hacker = Crackers / Criminals
Engages in illegal activities for personal gains

White Hat Hacker = “Ethical” Hackers
Stays within the limit of the laws to fight cybercrime

Grey Hat Hacker = Somewhere in between
Engages in illegal activities, but not with malicious intent

VERY Broad knowledge
• Operating Systems
• Programming Languages
• Hacker Methods
• TCP/IP Networking
• CPU Architecture
• Security Tools
• Cryptography
• Computer Hardware
• Security Standards
• Information Security Management
• Software Development
• Risk Management
• Security Engineering/Architecture
• Auditing
• Laws and Regulations
• Algorithms
• Behavioural Psychology
• Identity and Access Management

Lateral Thinking

Box of tacks, matches, a candle

Affix the candle to the wall and light it, but don’t let any wax drip on floor

Autodidactic
http://sandeepspeaksnowhere.blogspot.jp/2013/03/autodidactism-or-unconventional-life.html

Communication Skills
• Technical
• Communication
• Love
• Motivation
• Learning

Cybersecurity Jobs
[Diagram: roles arranged along an axis from Less Technical to More Technical, with feeder jobs leading in and exit jobs leading out; the final build of the slide also carries the label “CS3308” beside Junior Developer]

Exit Jobs
• C{T,D,I}O
• Journalist

Cybersecurity Jobs
• CISO
• Security Architect
• Senior Software Security Engineer
• Security Researcher
• Risk Manager
• Security Engineer
• Digital Forensics Specialist
• Infosec Manager
• Security Consultant
• Penetration Tester
• Security Analyst
• Incident Analyst / Responder
• IT Auditor

Feeder Jobs
• SOC Analyst
• Server Admin
• Network Admin
• Junior Developer

See Also
http://cyberseek.org/pathway.html
…but not complete, accurate or up-to-date

Security Certifications
[Chart: certifications arranged from Beginner to Advanced and from Less Technical to More Technical, grouped by role: Architect, Manager, Pentester, Analyst, Auditor]
• SABSA (SABSA)
• OSCE (Offsec)
• GSLC (GIAC)
• CISSP ((ISC)2)
• C|CSA (EC-Council)
• CREST CRT (CREST)
• CASP (CompTIA)
• OSCP (Offsec)
• C|EH (EC-Council)
• SSCP ((ISC)2)
• GPEN (GIAC)
• CSIA+ (CompTIA)
• GSEC (GIAC)
• ISACA (two entries, certification names missing)
https://pauljerimy.com/security-certification-roadmap/

Security Certifications
• (ISC)2
o CISSP
• SANS/GIAC
o GSEC, GPEN, + LOTS
• EC-Council
o CEH, ECSS, + LOTS
• Offensive Security
o OSCP, OSCE
• CREST
• CompTIA
• SABSA Foundation

Career Advice
1. Define your path early and make a plan.
2. Set milestones to ensure focus on your plan.
3. Assess progress annually and perform gap assessment.
4. Fill gaps through training and certifications.
5. Find a mentor to catch up on a regular basis.
6. Stay motivated and keep learning!

Cyber Security IS getting better
• Better defaults
• Vendors focussed on security
o Bug bounties
o Security teams
o Security part of development process
• Better detection
o Dwell time (400 days → 24 days)
• Better awareness/training
• Better processes and procedures
• Better preventative controls

.. but so are the bad guys
• Hacker organisations
o Organised
o Communicating
o Highly coordinated
• Free/OS tools
• Wealth of information available
• Crypto-currency
• Exploit kits / Hacking as a service / Specialisations

Important Trend…
• Organisations are becoming more distributed & decentralised.
• Hybrid work model (WFH, Remote work, etc)
• Cloud/SaaS usage
• Interconnected B2B (supply chains)
• Increased digital processes (more to manage)

Other Trends & Issues
• Skills shortage + tool complexity
• DevSecOps
• MFA (Multi-Factor Authentication) common
• IoT (Internet of Things) still problematic
• Increased regulation
• 5G (10Gbps)
• Ransomware is our most prevalent threat
• Phishing is our most prevalent attack vector
• New…
o Identity attacks
o Supply chain attacks (e.g. SolarWinds)

Lecture 0x01 - Summary
1. The world is still full of dangerous cybercriminals and they are winning
2. We need good cyber security talent (and software developers who can write secure code…)
3. Cybersecurity is a great career option
4. Hackers wear different coloured hats
5. Cyber has many areas of specialisations
6. Start learning early, plan your career and certifications now

Never hack without written permission