ADMAS UNIVERSITY
DPT. COMPUTER SCIENCE
COURSE. SELECTED TOPICS
CYBERSECURITY
GROUP ASSIGNMENT
NAME OF STUDENT GROUP MEMBER ID NO
Kindeye Mebre 1038/21
Gizachew Atalay 0629/21
Seble Tadele 1469/21
SUBMITTED TO Mr Kebrom
SUBMISSION DATE
CYBER SECURITY
Introduction
The introduction to cybersecurity should broadly cover these
points, adapting the specifics to your target audience and
context:
• The increasing reliance on technology: Start by highlighting
our ever-growing dependence on interconnected digital
systems in all aspects of life – personal, business, government,
and infrastructure. This sets the stage for the importance of
cybersecurity.
• The nature of cyber threats: Briefly describe the types of
threats that exist, such as malware, phishing, denial-of-service
attacks, data breaches, and insider threats. This establishes the
problem cybersecurity aims to solve. Avoid getting too
technical here; keep it high-level.
• The impact of cyberattacks: Discuss the potential
consequences of successful cyberattacks, including financial
losses, reputational damage, legal repercussions, operational
disruption, and even physical harm. This emphasizes the
severity of the issue.
• The role of cybersecurity: Explain that cybersecurity is a
multifaceted field dedicated to protecting digital assets and
systems from these threats. It's not just about technology but
also about policies, procedures, and human awareness.
• Overview of key concepts (optional): Depending on the length
and target audience, you might briefly mention core concepts
like the CIA triad (Confidentiality, Integrity, Availability), risk
management, and different types of security controls
(technical, administrative, physical).
• Thesis statement (optional): If it's a formal paper or
presentation, end the introduction with a clear thesis
statement outlining the main focus or argument of your
discussion on cybersecurity.
What is Cyber Security?
Cybersecurity is the practice of protecting computer
systems, networks, and data from unauthorized access,
use, disclosure, disruption, modification, or destruction.
It involves a wide range of technologies, processes, and
practices designed to mitigate or eliminate the risks
associated with the use of computer systems and
networks. The goal of cybersecurity is to ensure
confidentiality, integrity, and availability (CIA triad) of
information and systems.
Cyber security refers to every aspect of protecting an
organization and its employees and assets against cyber
threats. As cyberattacks become more common and
sophisticated and corporate networks grow more
complex, a variety of cyber security solutions are
required to mitigate corporate cyber risk.
Elements of Cybersecurity
1. Application Security:
Application security is a principal component of cyber security:
it builds security features into applications during the
development phase to defend them against cyberattacks. It
shields websites and online applications from the various kinds
of cyber security threats that exploit weaknesses in source
code. Application security is concerned with keeping software
applications safe from such threats. The general focus of
application security is on cloud service-based organizations.
Vulnerabilities
Vulnerabilities of applications: Denial-of-service (DoS) and
distributed denial-of-service (DDoS) attacks are used by
attackers to flood a targeted server, or the infrastructure that
supports it, with different kinds of traffic. This traffic
eventually prevents real users from reaching the server and can
bring it down. A technique called SQL injection (SQLi) is used
by hackers to take advantage of database flaws. With it, hackers
can uncover user identities and passwords and can also create,
modify and delete data without the user's permission.
Threats
Cyber threats can originate from a variety of sources, from
hostile nation states and terrorist groups, to individual hackers,
to trusted individuals like employees or contractors who abuse
their privileges to perform malicious acts.
An attacker is a person, group or entity that attempts to access,
extract, insert, reveal, influence, delete, or disclose another
party's data without prior authorization or permission.
Attackers target individual users and organizations, including
online services, platforms, enterprises and governments. Often,
an attacker may not be detected until their unauthorized activity
is well underway and the damage is done.
2. Information Security:
Information security is the component of cyber security that
covers the methods for defending information against
unauthorized access, use, disclosure, disruption, modification,
or deletion. Information security protects the company's data,
code, and the information the company collects from its clients
and users. The primary standards and principles of information
security are Confidentiality, Integrity, and Availability;
together they are called the CIA triad.
CIA triad
Confidentiality:
Confidentiality is the protection of information so that only
authorized users can access sensitive data. For example, suppose
X has the password for my Facebook account, but somebody
watched X while logging into the account. In that case, my
password has been compromised and confidentiality has been
breached.
Integrity:
Integrity is maintaining the consistency, accuracy, and
completeness of information. Information must not be modified
in an unauthorized way. For example, in a data breach that
compromises integrity, a hacker might intercept information and
alter it before passing it on to the intended recipient. Some
security controls intended to maintain the integrity of
information include encryption, user access controls, records
control, backup and recovery procedures, and error detection.
Availability:
Information must be accessible whenever authorized users need
it. There are primarily two threats to the availability of a
system, which are the following:
Denial of Service
Loss of Data Processing Capabilities
3. Network Security:
Network security is the protection of a network from
unauthorized access and threats. It is the responsibility of
network administrators to adopt preventive measures to safeguard
their networks from potential security threats. Network security
is another element of IT security, a method of defending against
and preventing unauthorized access to computer networks.
Network Security Strategies: There are numerous strategies to
improve network security, and the most well-known network
security components are the following: Firewalls, Antivirus,
Email Security, Web Security, Wireless Security.
Network Security Software: There are different types of tools
that can shield a computer network, such as network firewalls,
cloud application firewalls, web application firewalls, etc.
4. Disaster Recovery Planning/Business
Continuity Planning:
The planning that describes how work continues quickly and
efficiently after a disaster is known as Disaster Recovery
Planning or Business Continuity Planning. A disaster recovery
strategy should begin at the business level and determine which
applications are most vital to running the organization's
operations. Business continuity planning (BCP) is about being
ready for cyber threats by identifying risks to the organization
in time, examining how operations might be impacted, and
working out how to overcome that.
5. Operational Security:
The process that encourages managers to view operations from
the viewpoint of a hacker in order to protect sensitive data from
various threats is known as Operational Security (OPSEC) or
procedural security. Operations security is used to defend the
functions of an organization. It tracks critical information and
assets to identify weaknesses that exist in operational
procedures.
6. End User Education:
End-user training is the most significant element of computer
security. End users are becoming the biggest security threat in
any organization, since a mistake can happen at any time. One
of the primary errors that lead to data breaches is human error.
An organization should train its employees about cybersecurity.
Each employee should know about phishing attacks carried out
through email messages and links and be able to deal with cyber
threats.
Types of Cybersecurity
1. Network Security
Most attacks occur over the network, and network security
solutions are designed to identify and block these attacks.
These solutions include data and access controls such as Data
Loss Prevention (DLP), IAM (Identity Access Management), NAC
(Network Access Control), and NGFW (Next-Generation
Firewall) application controls to enforce safe web use policies.
Advanced and multi-layered network threat prevention
technologies include IPS (Intrusion Prevention System), NGAV
(Next-Gen Antivirus), Sandboxing, and CDR (Content Disarm
and Reconstruction). Also important are network analytics,
threat hunting, and automated SOAR (Security Orchestration
and Response) technologies.
2. Cloud Security
As organizations increasingly adopt cloud computing, securing
the cloud becomes a major priority. A cloud security strategy
includes cyber security solutions, controls, policies, and services
that help to protect an organization’s entire cloud deployment
(applications, data, infrastructure, etc.) against attack.
While many cloud providers offer security solutions, these are
often inadequate to the task of achieving enterprise-grade
security in the cloud. Supplementary third-party solutions are
necessary to protect against data breaches and targeted attacks
in cloud environments.
3. Endpoint Security
The zero-trust security model prescribes creating micro-
segments around data wherever it may be. One way to do that
with a mobile workforce is using endpoint security. With
endpoint security, companies can secure end-user devices such
as desktops and laptops with data and network security
controls, advanced threat prevention such as anti-phishing and
anti-ransomware, and technologies that provide forensics such
as endpoint detection and response (EDR) solutions.
4. Mobile Security
Often overlooked, mobile devices such as tablets and
smartphones have access to corporate data, exposing
businesses to threats from malicious apps, zero-day, phishing,
and IM (Instant Messaging) attacks. Mobile security prevents
these attacks and secures the operating systems and devices
from rooting and jailbreaking. When included with an MDM
(Mobile Device Management) solution, this enables enterprises
to ensure only compliant mobile devices have access to
corporate assets.
5. IoT Security
While using Internet of Things (IoT) devices certainly delivers
productivity benefits, it also exposes organizations to new
cyber threats. Threat actors seek out vulnerable devices
inadvertently connected to the Internet for nefarious uses such
as a pathway into a corporate network or for another bot in a
global bot network.
IoT security protects these devices with discovery and
classification of the connected devices, auto-segmentation to
control network activities, and using IPS as a virtual patch to
prevent exploits against vulnerable IoT devices. In some cases,
the firmware of the device can also be augmented with small
agents to prevent exploits and runtime attacks.
6. Application Security
Web applications, like anything else directly connected to the
Internet, are targets for threat actors. Since 2007, OWASP has
tracked the top 10 threats to critical web application security
flaws such as injection, broken authentication,
misconfiguration, and cross-site scripting to name a few.
With application security, the OWASP Top 10 attacks can be
stopped. Application security also prevents bot attacks and
stops any malicious interaction with applications and APIs. With
continuous learning, apps will remain protected even as
DevOps releases new content.
7. Zero Trust
The traditional security model is perimeter-focused, building
walls around an organization’s valuable assets like a castle.
However, this approach has several issues, such as the potential
for insider threats and the rapid dissolution of the network
perimeter.
As corporate assets move off-premises as part of cloud
adoption and remote work, a new approach to security is
needed. Zero trust takes a more granular approach to security,
protecting individual resources through a combination of
micro-segmentation, monitoring, and enforcement of role-
based access controls.
Most Common Types Of
Cybersecurity Attacks
Gen V Attacks
The cyber security threat landscape is continually evolving, and,
occasionally, these advancements represent a new generation
of cyber threats. To date, we have experienced five generations
of cyber threats and solutions designed to mitigate them,
including:
Gen I (Virus): In the late 1980s, virus attacks against
standalone computers inspired the creation of the first antivirus
solutions.
Gen II (Network): As cyberattacks began to come over the
Internet, the firewall was developed to identify and block them.
Gen III (Applications): Exploitation of vulnerabilities within
applications caused the mass adoption of intrusion prevention
systems (IPS).
Gen IV (Payload): As malware became more targeted and
able to evade signature-based defenses, anti-bot and
sandboxing solutions were necessary to detect novel threats.
Gen V (Mega): The latest generation of cyber threats uses
large-scale, multi-vector attacks, making advanced threat
prevention solutions a priority.
Each generation of cyber threats made previous cyber security
solutions less effective or essentially obsolete. Protecting
against the modern cyber threat landscape requires Gen V
cyber security solutions.
Supply Chain Attacks
Historically, many organizations’ security efforts have been
focused on their own applications and systems. By hardening
the perimeter and only permitting access to authorized users
and applications, they try to prevent cyber threat actors from
breaching their networks.
Recently, a surge in supply chain attacks has demonstrated the
limitations of this approach and cybercriminals’ willingness and
ability to exploit them. Incidents like the SolarWinds, Microsoft
Exchange Server, and Kaseya hacks demonstrated that trust
relationships with other organizations can be a weakness in a
corporate cyber security strategy. By exploiting one
organization and leveraging these trust relationships, a cyber
threat actor can gain access to the networks of all of their
customers.
Protecting against supply chain attacks requires a zero trust
approach to security. While partnerships and vendor
relationships are good for business, third-party users and
software should have access limited to the minimum necessary
to do their jobs and should be continually monitored.
Malware
The different generations of cyberattacks have been defined
mainly by the evolution of malware. Malware authors and
cyber defenders are playing a continual cat and mouse game,
where attackers try to develop techniques that overcome or
bypass the latest in security technology. Often, when they
succeed, a new generation of cyberattacks is created.
Modern malware is swift, stealthy, and sophisticated. The
detection techniques used by legacy security solutions (such as
signature-based detection) are no longer effective, and, often,
by the time security analysts have detected and responded to a
threat, the damage is already done.
Detection is no longer “good enough” to protect against
malware attacks. Mitigating the threat of Gen V malware
requires cyber security solutions focused on prevention,
stopping the attack before it begins and before any damage is
done.
DoS and DDoS attacks
A denial-of-service (DoS) attack is designed to overwhelm the
resources of a system to the point where it is unable to reply to
legitimate service requests. A distributed denial-of-service
(DDoS) attack is similar in that it also seeks to drain the
resources of a system. A DDoS attack is initiated by a vast array
of malware-infected host machines controlled by the attacker.
These are referred to as “denial of service” attacks because the
victim site is unable to provide service to those who want to
access it.
With a DoS attack, the target site gets flooded with illegitimate
requests. Because the site has to respond to each request, its
resources get consumed by all the responses. This makes it
impossible for the site to serve users as it normally does and
often results in a complete shutdown of the site.
DoS and DDoS attacks are different from other types of cyber
attacks that enable the hacker to either obtain access to a
system or increase the access they currently have. With these
types of attacks, the attacker directly benefits from their
efforts. With DoS and DDoS network attacks, on the other hand,
the objective is simply to interrupt the effectiveness of the
target's service. If the attacker is hired by a business
competitor, they may benefit financially from their efforts.
A DoS attack can also be used to create vulnerability for
another type of attack. With a successful DoS or DDoS attack,
the system often has to come offline, which can leave it
vulnerable to other types of attacks. One common way to
prevent DoS attacks is to use a firewall that detects whether
requests sent to your site are legitimate. Imposter requests can
then be discarded, allowing normal traffic to flow without
interruption. An example of a major internet attack of this kind
occurred in February 2020 to Amazon Web Services (AWS).
MITM attacks
Man-in-the-middle (MITM) types of cyber attacks refer to
breaches in cybersecurity that make it possible for an attacker
to eavesdrop on the data sent back and forth between two
people, networks, or computers. It is called a “man in the
middle” attack because the attacker positions themselves in the
“middle” or between the two parties trying to communicate. In
effect, the attacker is spying on the interaction between the
two parties.
In a MITM attack, the two parties involved feel like they are
communicating as they normally do. What they do not know is
that the person actually sending the message illicitly modifies
or accesses the message before it reaches its destination. Some
ways to protect yourself and your organization from MITM
attacks are to use strong encryption on access points or to use
a virtual private network (VPN).
Phishing attacks
A phishing attack occurs when a malicious actor sends emails
that seem to be coming from trusted, legitimate sources in an
attempt to grab sensitive information from the target. Phishing
attacks combine social engineering and technology and are so-
called because the attacker is, in effect, “fishing” for access to a
forbidden area by using the “bait” of a seemingly trustworthy
sender.
To execute the attack, the bad actor may send a link that brings
you to a website that then fools you into downloading malware
such as viruses, or giving the attacker your private information.
In many cases, the target may not realize they have been
compromised, which allows the attacker to go after others in
the same organization without anyone suspecting malicious
activity.
You can prevent phishing attacks from achieving their
objectives by thinking carefully about the kinds of emails you
open and the links you click on. Pay close attention to email
headers, and do not click on anything that looks suspicious.
Check the parameters for “Reply-to” and “Return-path.” They
need to connect to the same domain presented in the email.
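The header check described above, written out as an added example (not part of the original assignment): it parses a constructed sample message and reports when the Reply-To or Return-Path domain does not belong to the domain shown in From. The sample addresses are invented.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not a real message): the visible From claims
# example-bank.com, but Reply-To and Return-Path point elsewhere.
SAMPLE_MESSAGE = """\
Return-Path: <bounce@mailer-farm.example.net>
From: "Example Bank Support" <support@example-bank.com>
Reply-To: support@example-bank-login.example.org
To: customer@example.com
Subject: Urgent: verify your account

Please sign in at the link below to keep your account active.
"""


def domain_of(header_value):
    """Lower-cased domain of an address header such as From, or None."""
    if not header_value:
        return None
    _, addr = parseaddr(header_value)
    if "@" not in addr:
        return None
    return addr.rsplit("@", 1)[1].lower()


def same_org(domain, from_domain):
    """True if domain equals the From domain or is one of its subdomains."""
    return domain == from_domain or domain.endswith("." + from_domain)


def header_domains(raw_message):
    """Extract the domains of the three headers the text says should agree."""
    msg = message_from_string(raw_message)
    return {
        "from": domain_of(msg.get("From")),
        "reply_to": domain_of(msg.get("Reply-To")),
        "return_path": domain_of(msg.get("Return-Path")),
    }


def check_sender_consistency(raw_message):
    """Return a list of findings; an empty list means the headers agree.

    A missing Reply-To is normal (replies go to From) and is not flagged.
    A mismatch is a reason to treat the mail with suspicion, not proof of
    phishing: bulk senders and mailing lists legitimately use other domains.
    """
    d = header_domains(raw_message)
    findings = []
    if d["from"] is None:
        findings.append("From header has no parseable address")
        return findings
    for key, label in (("reply_to", "Reply-To"), ("return_path", "Return-Path")):
        if d[key] is not None and not same_org(d[key], d["from"]):
            findings.append(
                f"{label} domain {d[key]} differs from From domain {d['from']}")
    return findings
```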
Ransomware
With Ransomware, the victim’s system is held hostage until
they agree to pay a ransom to the attacker. After the payment
has been sent, the attacker then provides instructions regarding
how the target can regain control of their computer. The name
"ransomware” is appropriate because the malware demands a
ransom from the victim.
In a ransomware attack, the target downloads ransomware,
either from a website or from within an email attachment. The
malware is written to exploit vulnerabilities that have not been
addressed by either the system’s manufacturer or the IT team.
The ransomware then encrypts the target's workstation. At
times, ransomware can be used to attack multiple parties by
denying access to either several computers or a central server
essential to business operations.
Affecting multiple computers is often accomplished by not
triggering the encryption until days or even weeks after the
malware's initial penetration. The malware can spread via
AUTORUN files that go from one system to another over the
internal network or on Universal Serial Bus (USB) drives that
connect to multiple computers. Then, when the attacker initiates
the encryption, it works on all the infected systems simultaneously.
In some cases, ransomware authors design the code to evade
traditional antivirus software. It is therefore important for users
to remain vigilant regarding which sites they visit and which
links they click. You can also prevent many ransomware attacks
by using a next-generation firewall (NGFW) that can perform
deep data packet inspections using artificial intelligence (AI)
that looks for the characteristics of ransomware.
Password attacks
Passwords are the access verification tool of choice for most
people, so figuring out a target’s password is an attractive
proposition for a hacker. This can be done using a few different
methods. Often, people keep copies of their passwords on
pieces of paper or sticky notes around or on their desks. An
attacker can either find the password themselves or pay
someone on the inside to get it for them.
An attacker may also try to intercept network transmissions to
grab passwords not encrypted by the network. They can also
use social engineering, which convinces the target to input their
password to solve a seemingly “important” problem. In other
cases, the attacker can simply guess the user’s password,
particularly if they use a default password or one that is easy to
remember such as “1234567.”
Attackers also often use brute-force methods to guess
passwords. A brute-force password hack uses basic information
about the individual or their job title to try to guess their
password. For example, their name, birthdate, anniversary, or
other personal but easy-to-discover details can be used in
different combinations to decipher their password. Information
that users put on social media can also be leveraged in a brute-
force password hack. What the individual does for fun, specific
hobbies, names of pets, or names of children are sometimes
used to form passwords, making them relatively easy to guess
for brute-force attackers.
A hacker can also use a dictionary attack to ascertain a user’s
password. A dictionary attack is a technique that uses common
words and phrases, such as those listed in a dictionary, to try
and guess the target's password.
One effective method of preventing brute-force and dictionary
password attacks is to set up a lock-out policy. This locks out
access to devices, websites, or applications automatically after
a certain number of failed attempts. With a lock-out policy, the
attacker only has a few tries before they get banned from
access. If you have a lockout policy in place already and
discover that your account has been locked out because of too
many login attempts, it is wise to change your password.
If an attacker systematically uses a brute-force or dictionary
attack to guess your password, they may take note of the
passwords that did not work. For example, if your password is
your last name followed by your year of birth and the hacker
tries putting your birth year before your last name on the final
attempt, they may get it right on the next try.
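The lock-out policy described above, as an added example that is not part of the original assignment: failed logins per account are counted inside a time window, the account is locked after a fixed number of them, and the lock expires on its own. The thresholds, the PBKDF2-based password store and the injectable clock are assumptions made for the example.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict

MAX_FAILED_ATTEMPTS = 5            # failures allowed inside the window
FAILURE_WINDOW_SECONDS = 15 * 60   # failures older than this are forgotten
LOCKOUT_SECONDS = 15 * 60          # how long an account stays locked
PBKDF2_ROUNDS = 100_000

# Constructed dummy credential so checking an unknown account costs the
# same as checking a real one (timing does not reveal which names exist).
_DUMMY_SALT = os.urandom(16)
_DUMMY_DIGEST = hashlib.pbkdf2_hmac("sha256", b"", _DUMMY_SALT, PBKDF2_ROUNDS)


def hash_password(password, salt=None):
    """Return (salt, PBKDF2-SHA256 digest); passwords are never stored in clear."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(stored, password):
    """Constant-time comparison of the candidate password against the stored hash."""
    salt, digest = stored if stored is not None else (_DUMMY_SALT, _DUMMY_DIGEST)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return stored is not None and hmac.compare_digest(candidate, digest)


class LockoutPolicy:
    """Tracks failed logins per account and locks it after too many in a window.

    `clock` is injectable so the behaviour can be exercised without sleeping.
    """

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._failures = defaultdict(list)   # account -> failure timestamps
        self._locked_until = {}              # account -> unlock time

    def is_locked(self, account):
        until = self._locked_until.get(account)
        if until is None:
            return False
        if self._clock() >= until:
            # lock has expired: forget old failures so the user starts fresh
            del self._locked_until[account]
            self._failures.pop(account, None)
            return False
        return True

    def record_failure(self, account):
        """Return True if this failure triggered a lockout."""
        now = self._clock()
        recent = [t for t in self._failures[account]
                  if now - t < FAILURE_WINDOW_SECONDS]
        recent.append(now)
        self._failures[account] = recent
        if len(recent) >= MAX_FAILED_ATTEMPTS:
            self._locked_until[account] = now + LOCKOUT_SECONDS
            return True
        return False

    def record_success(self, account):
        self._failures.pop(account, None)
        self._locked_until.pop(account, None)


def attempt_login(policy, credential_store, account, password):
    """Return 'locked', 'denied' or 'ok'.

    The same 'denied' result is returned for an unknown account and for a
    wrong password, so the response does not tell a guesser which it was.
    """
    if policy.is_locked(account):
        return "locked"
    if verify_password(credential_store.get(account), password):
        policy.record_success(account)
        return "ok"
    policy.record_failure(account)
    return "denied"
```

Because anyone can lock an account by deliberately failing logins against it, deployments usually pair a lock-out with rate limiting or progressively longer delays rather than relying on it alone.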
SQL injection attacks
Structured Query Language (SQL) injection is a common
method of taking advantage of websites that depend on
databases to serve their users. Clients are computers that get
information from servers, and an SQL attack uses an SQL query
sent from the client to a database on the server. The command
is inserted, or “injected”, into a data plane in place of
something else that normally goes there, such as a password or
login. The server that holds the database then runs the
command and the system is penetrated.
If an SQL injection succeeds, several things can happen,
including the release of sensitive data or the modification or
deletion of important data. Also, an attacker can execute
administrator operations like a shutdown command, which can
interrupt the function of the database.
To shield yourself from an SQL injection attack, take advantage
of the least-privileged model. With least-privileged
architecture, only those who absolutely need to access key
databases are allowed in. Even if a user has power or influence
within the organization, they may not be allowed to access
specific areas of the network if their job does not depend on it.
For example, the CEO can be kept from accessing areas of the
network even if they have the right to know what is inside.
Applying a least-privileged policy can prevent not just bad
actors from accessing sensitive areas but also those who mean
well but accidentally leave their login credentials vulnerable to
attackers or leave their workstations running while away from
their computers.
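The injection described in this section and in the Application Security vulnerabilities passage earlier, shown as an added example that is not part of the original assignment: a login query built by string concatenation can be bypassed by input that is parsed as SQL, the same query with bound parameters is not, and a read-only authorizer applies the least-privilege idea at the database layer. The users table and its sample rows are constructed.

```python
import sqlite3


def make_db():
    """Constructed in-memory users table (sample data, not from any real system).

    Passwords are stored in clear only to keep the injection example short;
    a real application stores salted password hashes.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret-pw"), ("bob", "hunter2")])
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Builds the query by string concatenation, so input is parsed as SQL.

    A username of ' OR '1'='1 turns the WHERE clause into one that is true
    for every row, which is the bypass the text describes.
    """
    query = ("SELECT username FROM users WHERE username = '" + username
             + "' AND password = '" + password + "'")
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_parameterized(conn, username, password):
    """Same check with bound parameters: the input is only ever data."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def _read_only_authorizer(action, arg1, arg2, db_name, trigger_or_view):
    """SQLite authorizer hook: permit SELECTs and column reads, deny all else."""
    if action in (sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ):
        return sqlite3.SQLITE_OK
    return sqlite3.SQLITE_DENY


def restrict_to_reads(conn):
    """Least privilege at the database layer: the login code's connection can
    only read, so even a successful injection cannot modify or delete data."""
    conn.set_authorizer(_read_only_authorizer)


def write_denied(conn):
    """True if the connection's privileges block a data-changing statement."""
    try:
        conn.execute("DELETE FROM users")
    except sqlite3.DatabaseError:
        return True
    return False
```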
URL interpretation
With URL interpretation, attackers alter and fabricate certain
URL addresses and use them to gain access to the target’s
personal and professional data. This kind of attack is also
referred to as URL poisoning. The name “URL interpretation”
comes from the fact that the attacker knows the order in which
a web-page’s URL information needs to be entered. The
attacker then “interprets” this syntax, using it to figure out how
to get into areas they do not have access to.
To execute a URL interpretation attack, a hacker may guess
URLs they can use to gain administrator privileges to a site or to
access the site’s back end to get into a user’s account. Once
they get to the page they want, they can manipulate the site
itself or gain access to sensitive information about the people
who use it.
For example, if a hacker attempts to get into the admin section
of a site called GetYourKnowledgeOn.com, they may type in
http://getyourknowledgeon.com/admin, and this will bring
them to an admin login page. In some cases, the admin
username and password may be the default "admin" and
"admin" or very easy to guess. An attacker may also have
already figured out the admin’s password or narrowed it down
to a few possibilities. The attacker then tries each one, gains
access, and can manipulate, steal, or delete data at will.
To prevent URL interpretation attacks from succeeding, use
secure authentication methods for any sensitive areas of your
site. This may necessitate multi-factor authentication (MFA) or
secure passwords consisting of seemingly random characters.
DNS spoofing
With Domain Name System (DNS) spoofing, a hacker alters DNS
records to send traffic to a fake or “spoofed” website. Once on
the fraudulent site, the victim may enter sensitive information
that can be used or sold by the hacker. The hacker may also
construct a poor-quality site with derogatory or inflammatory
content to make a competitor company look bad.
In a DNS spoofing attack, the attacker takes advantage of the
fact that the user thinks the site they are visiting is legitimate.
This gives the attacker the ability to commit crimes in the name
of an innocent company, at least from the perspective of the
visitor.
To prevent DNS spoofing, make sure your DNS servers are kept
up-to-date. Attackers aim to exploit vulnerabilities in DNS
servers, and the most recent software versions often contain
fixes that close known vulnerabilities.
Session hijacking
Session hijacking is one of multiple types of MITM attacks. The
attacker takes over a session between a client and the server.
The computer being used in the attack substitutes its Internet
Protocol (IP) address for that of the client computer, and the
server continues the session without suspecting it is
communicating with the attacker instead of the client. This kind
of attack is effective because the server uses the client's IP
address to verify its identity. If the attacker's IP address is
inserted partway through the session, the server may not
suspect a breach because it is already engaged in a trusted
connection.
To prevent session hijacking, use a VPN to access business-
critical servers. This way, all communication is encrypted, and
an attacker cannot gain access to the secure tunnel created by
the VPN.
Web attacks
Web attacks refer to threats that target vulnerabilities in web-
based applications. Every time you enter information into a
web application, you are initiating a command that generates a
response. For example, if you are sending money to someone
using an online banking application, the data you enter
instructs the application to go into your account, take money
out, and send it to someone else’s account. Attackers work
within the frameworks of these kinds of requests and use them
to their advantage.
Some common web attacks include SQL injection and cross-site
scripting (XSS), which will be discussed later in this article.
Hackers also use cross-site request forgery (CSRF) attacks and
parameter tampering. In a CSRF attack, the victim is fooled into
performing an action that benefits the attacker. For example,
they may click on something that launches a script designed to
change the login credentials to access a web application. The
hacker, armed with the new login credentials, can then log in as
if they are the legitimate user.
Parameter tampering involves adjusting the parameters that
programmers implement as security measures designed to
protect specific operations. The operation’s execution depends
on what is entered in the parameter. The attacker simply
changes the parameters, and this allows them to bypass the
security measures that depended on those parameters.
To avoid web attacks, inspect your web applications to check
for—and fix—vulnerabilities. One way to patch up
vulnerabilities without impacting the performance of the web
application is to use anti-CSRF tokens. A token is exchanged
between the user’s browser and the web application. Before a
command is executed, the token’s validity is checked. If it
checks out, the command goes through—if not, it is blocked.
You can also use SameSite flags, which only allow requests from
the same site to be processed, rendering any site built by the
attacker powerless.
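The two defences named above, anti-CSRF tokens and the SameSite cookie flag, as an added example that is not part of the original assignment: each session gets a random token that the legitimate form carries in a hidden field, the server rejects state-changing requests whose token does not match the session, and the session cookie is issued with SameSite=Strict so browsers do not attach it to cross-site requests. The session store and request shape are assumptions made for the example.

```python
import hmac
import secrets
from http.cookies import SimpleCookie


class SessionStore:
    """In-memory session table (constructed demo): session id -> session data.

    Every session gets its own random CSRF token at creation time.
    """

    def __init__(self):
        self._sessions = {}

    def create(self):
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"csrf_token": secrets.token_urlsafe(32)}
        return sid

    def get(self, sid):
        return self._sessions.get(sid)


def session_cookie_header(sid):
    """Set-Cookie value for the session id.

    SameSite=Strict tells the browser not to attach the cookie to requests
    that originate from another site, so a form on an attacker's page is
    submitted without the victim's session. HttpOnly keeps page scripts from
    reading the cookie and Secure restricts it to HTTPS.
    """
    cookie = SimpleCookie()
    cookie["session"] = sid
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Strict"
    cookie["session"]["path"] = "/"
    return cookie.output(header="").strip()


def render_transfer_form(store, sid):
    """The legitimate page embeds the session's token in a hidden field.

    Another site cannot read this value: the same-origin policy stops it
    from fetching the victim's copy of the page.
    """
    token = store.get(sid)["csrf_token"]
    return f'<input type="hidden" name="csrf_token" value="{token}">'


def handle_transfer(store, request):
    """Process a state-changing POST.

    `request` is a dict with the cookie's session id under "cookie_sid" and
    the submitted form fields under "form". Returns (HTTP status, message).
    """
    session = store.get(request.get("cookie_sid"))
    if session is None:
        return 401, "no valid session"
    submitted = request.get("form", {}).get("csrf_token", "")
    # compare_digest avoids leaking the token byte by byte through timing
    if not hmac.compare_digest(submitted.encode(), session["csrf_token"].encode()):
        return 403, "CSRF token missing or invalid"
    return 200, "transfer accepted"
```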
Cyber Security Trends
The prevailing trends in cybersecurity often stem from a
combination of reactions to prominent cyber threats, emerging
technologies, and enduring security objectives. These represent
some of the key trends and technologies that shape the
landscape of cybersecurity in 2024:
AI Security– The ascent of AI profoundly influences
cybersecurity, encompassing both offensive and defensive
aspects. On the offensive front, cyber threat actors have
already employed tools like ChatGPT to enhance and
streamline cyberattacks, contributing to a notable year-over-
year surge in attacks across the board.
Hybrid Mesh Firewall Platform– Organizations are progressively
adopting hybrid mesh firewall platforms, integrating diverse
firewall types into a unified, centrally managed security
architecture. This approach allows organizations to implement
firewall solutions tailored to specific environments while
simultaneously ensuring centralized oversight, administration,
and enforcement of policies across their entire infrastructure.
against them.
Three Main Types of Hackers
White Hat Hackers
White hat hackers are authorized or certified hackers who work
for governments and organizations by performing penetration
testing and identifying loopholes in their cybersecurity. They
also ensure protection from malicious cyber crimes. They work
under the rules and regulations provided by the government,
which is why they are called ethical hackers or cybersecurity
experts.
Black Hat Hackers
They are often called crackers. Black hat hackers gain
unauthorized access to your system and can destroy your vital
data. Their attacks rely on common hacking practices they have
learned earlier. They are considered criminals and can be
identified by their malicious actions.
Gray Hat Hackers
Gray hat hackers fall somewhere between white hat and black
hat hackers. They are not legally authorized hackers. They work
with both good and bad intentions, and they may use their skills
for personal gain; it all depends on the hacker. If gray hat
hackers use their skills for personal gain, they are considered
black hat hackers.
Penetration testing
Penetration testing is a method for preventing cyberattacks by
performing a simulated attack, where the penetration tester
attempts to find the vulnerabilities that attackers could
potentially exploit. This allows the business or organization to
understand exactly where they can improve their defensive
measures to ensure their information and systems are safe.
Another term for penetration testing is ethical hacking or white
hat hacking.
After finding a system's weaknesses, a penetration tester
continues to further exploit the system like a hacker would if
they were to gain access. By further pursuing the potential
harm of an attack, you can learn more about how an attacker
may work to get to your protected information, giving you
more context to design a better, more specific plan of defense.
This separates pen tests from a vulnerability scan, which solely
identifies vulnerabilities.
Three approaches to performing a penetration test
You can typically classify penetration testing approaches into
three categories: black box testing, white box testing, and gray
box testing.
Black box testing
Black box tests describe when the penetration tester comes
into the test without prior information about the system they
will hack. This helps to accurately simulate what would occur in
a real-life cyber attack and is the best way to replicate the
process.
White box testing
During a white box test, the pen tester instead has access to
every piece of information relating to the system, including the
architecture, credentials, and source code. This thorough
approach helps ensure the penetration test covers all aspects
of the system.
Gray box testing
Gray box testing helps simulate an attack in which the attacker
has a basic understanding of the system and its various
components. By giving the pen tester minimal information on
certain areas, they can perform tests focused on those areas.
Types of penetration testing
Several types of penetration testing exist, each helping address
specific needs. Here’s a look at nine different penetration
testing methods you can use.
1. Internal pen testing
Internal pen testing is a way to simulate an attack from the
inside, where the attacker has a certain level of access already
granted. This helps simulate situations such as an internal
attack from an employee.
2. External pen testing
External tests occur from the outside, through areas such as the
organization's servers or website. This highlights the threat of a
cyber attack from an outside source and whether or not the
system is accessible externally.
3. Blind pen testing
Blind pen tests are also known as closed box pen tests. In this
scenario, the penetration tester knows nothing about the
system they are attacking, just the name of the company and
any other publicly accessible information.
4. Double-blind pen testing
The difference between a blind and double-blind pen test is
that the employees or team members responsible for handling
attacks are unaware of what’s happening. A benefit of double-
blind pen testing is it allows you to learn how the company will
respond to a real attack.
5. Social engineering pen testing
Social engineering pen tests can be carried out physically, such
as by getting past security guards into a building, or through
email, a website, or other means. The strategy for this type of
test is to attempt to trick employees into giving up information
that would put the company at risk of an attack, potentially
enabling access to its systems.
6. IoT pen testing
IoT pen tests seek to find security issues in connected IoT
components such as servers, applications, software, and
hardware. This can highlight several vulnerabilities, including
unencrypted data and poor access control.
7. Network pen testing
During a network pen test, the attempted attack occurs
through the network. The pen tester tries to gain access
through areas such as servers, routers, and firewalls. Network
pen tests can happen internally or externally.
8. Web application pen testing
Web-based applications are the target for this type of pen test,
with the pen tester using information they find from operating
systems and web servers. The pen tester can also attempt to
access protected files containing passwords.
9. Physical pen testing
Rather than hacking a system remotely, a physical pen test
directly targets the physical components the tester can reach.
This can include locks, sensors, access cards, cameras, and
alarms that are in place to provide security.
Conclusion:
Cybersecurity is an essential aspect of modern life. It protects
individuals, businesses, and nations from the ever-growing risks
of cyberattacks. By understanding the key concepts, threats,
and practices, we can all play a role in promoting a safer and
more secure digital environment.