The words you are searching are inside this book. To get more targeted content, please make full-text search by clicking here.
Discover the best professional documents and content resources in AnyFlip Document Base.
Search
Published by Enhelion, 2019-12-02 15:13:04

Mod 1 (Part I)

Mod 1 (Part I)

MODULE 1 - ETHICAL HACKING

The world is winding up to be increasingly more digitalized. This also implies that data or
information need to be secured along with the computer networks and other critical infrastructure.
By this course you will gather knowledge regarding hacking. One should know about what hacking
is and the various types of hackers that are present in the world. Let’s start with knowing about the
concept of hacking.

Hacking is the craft of discovering flaws in digital assets and abusing those flaws to steal sensitive
information, records or systems. Hackers are typically talented hackers who have great knowledge
of the security domain, and who exploit vulnerabilities for their personal advantage. Hackers are
grouped by the method of their working. The accompanying rundown orders hackers as indicated
by their intension.

1. White Hat hackers: these are hackers who hack into systems in order to help an
organisation improve its security posture. They perform security testing for specific
organizations by lawful methods.

2. Black Hat hackers: hackers who hack into computer networks and systems to perform
malicious activities or for other personal gains. Their purpose is as a rule to steal
corporate information, abuse privacy rights, steal money and so on.

3. Grey Hat hackers: hackers who fall in the middle of white and black hat hackers.
These people hack into networks and systems without the permission of the owners,
but they do so just to inform the owners of the weaknesses present in their IT assets.

4. Script Kiddies: these are hackers who use pre-made tools to hack into networks and
do not possess any computer skills of their own. These hackers are uninformed about
the reason and consequences of utilising those tools.

5. Hacktivist: these are hackers who have political or individual intensions behind their
hacking activities. They usually try to send a political, social or religious message out
by hacking into a target’s systems.

6. Phreaker: a hacker who discovers and misuses vulnerabilities in phones rather than
computer systems.

7. State Sponsored: these are hackers who are upheld by governments and who perform
hacking activities according to the government’s orders. Various nations purportedly

have multitudes of hacker groups who perform various cyber-attacks on several
different organisations.
8. Corporate Sponsored: these are hackers who are enlisted to hack into the networks of
an organisation’s competitors and steal sensitive information, such as proprietary
recipes for a certain food product, etc. They are given money by the enlisting company
or a person working as a middleman between the two parties for performing their
activities.
9. Cyber Terrorists: these hackers create fear among the society by hacking into
networks and systems of various institutions. They are ideologically or religiously
propelled to perform malicious activities.

Let’s now learn about ethical hacking and why is called so. Ethical hacking involves finding
vulnerabilities present in computer networks and the various IT assets attached to it by performing
the same activities as cyber-criminals perform. Since hacking can involve numerous
disadvantages, all these aspects should be given lawful protection. Hacking as well as pretty much
every other type of crime may have no less than one connection to technology in light of the fact
that the world is by and large increasingly becoming more digitalized.

To comprehend the significance of cyber laws we need to recognize what cybercrime is and the
sorts of cybercrime that exist in the world. A cybercrime is an activity that involves the utilization
of computers and networks to perform illicit tasks, for example, spreading malware, cyberbullying,
performing online money transfers without the owner knowing about it, and so forth. Below are
discussed the different sorts of cybercrime:

1. Online Identity Theft: this type of crime usually occurs when somebody steals a
victim’s personal data, such as Aadhaar card information, bank account information,
or credit card data, through online techniques. This can be accomplished in various
ways, for example, phishing, using malware and various other types of hacking
activities. It can cause significant losses to the victims, such as financial loss, reputation
loss, etc.

2. Hacking: it is gaining unapproved access to another person's gadgets or networks.
Hacking isn't unlawful, it's an expertise that people have. When this skill is utilized for
nefarious activities it leads to cybercrime.

3. Online scam: in this type of cybercrime the main motive of an attacker is to steal
money from the victims. They use fake accounts, fake identities and other malicious
methods to achieve this task. An example of an online scam could be a user buying an
online service from a fake website that is setup by an attacker. The unsuspecting user
would buy that service either thinking that it is cheaper on that website or for any other
reason, and the attacker would get the payment from the victim and transfer the money
into their own bank account. Obviously, the attacker does not provide the online service
to the victim and gets away with their money.

4. Cyber stalking: it is the utilisation of the web, different online stages or other
electronic gadgets to blackmail or badger individuals. Cyber stalking may raise
physical savagery, assault or loss of life.

5. Ransomware attacks: this type of cybercrime involves the injection of a specific type
of malware that cyber-criminals use to block their victim from accessing their computer
systems or the files and folders stored on those systems. Attackers request huge amount
of money from the victims and unless the assailant’s requests are satisfied the victims
don’t get back access to their files or computer. However, regardless of whether the
victims pay to get back access their own data, it is not necessary that the victims will
surely gain access to their information.

To maintain a strategic distance from every single such kind of cybercrime there should be some
law. To protect ourselves from cybercrime, we require standards and guidelines. Every nation has
different types of cyber laws to protect themselves from cybercrimes. However, essential purpose
of having cyber law is to secure individuals, companies and IT assets from cyber-attacks, and on
the off chance that they become victims of a cyber-attack, they can request for justice.


Click to View FlipBook Version