
Botnets, Ghostware, and Malware oh my?


Perhaps on Friday morning, October 21st, you woke up to find that some of your favorite websites were down. When you went to Twitter to tell the world about yourself, you discovered that was down too. Netflix, Spotify, Reddit: all down. What could have caused this?

The Firehose Effect

At 7 am, October 21st, Dyn DNS Company was hit with a massive distributed denial-of-service (DDoS) attack. A DDoS occurs when hackers flood the servers that run a target’s site with internet traffic until it slows or collapses under the load. Dyn’s servers monitor and reroute internet traffic; without its services, many of the company’s east coast clients began to go offline. Throughout the day the attack spread westward in waves. By 8:30 that evening services began to return to normal as Dyn’s cyber security team worked to mitigate any further disruptions. This attack was much different from past DDoS attacks due to the number of websites affected.

The Internet of Things

One troubling aspect of this attack is the method the hackers used. A botnet called Mirai used tens of millions of IP addresses to send traffic to Dyn’s servers. Connected devices ranged from baby monitors, printers and home routers to cameras.

Why is this important to MIS professionals?

With increasing numbers of internet-connected devices, a strong understanding of cyber security is a must. One way to get up to speed is through CompTIA Security+ certification (https://certification.comptia.org/certifications/security). Security+ is an entry-level security certification used by companies and governments around the world as the basic prerequisite for IT security professionals. In addition to Security+, (ISC)²’s Certified Information Systems Security Professional (CISSP) certification is highly recommended (https://www.isc2.org/cissp/default.aspx). The program is described on (ISC)²’s website as “drawing from a comprehensive, up-to-date, global common body of knowledge that ensures security leaders have a deep knowledge and understanding of new threats, technologies, regulations, standards, and practices”.

Fire with Fire

As busy college students, we can't always make time for extracurricular training; however, there are a few interesting things you can do in your free time. To learn how to mitigate cyber attacks, it sometimes helps to know what tools hacker groups use to infiltrate networks. Kali is a free variant of Linux that is packed with programs and tools used for penetration testing and security investigation (and lots of less wholesome activities). It is worthwhile to download Kali and get into trouble, but make sure you only test in your own home lab and not your local college’s network.

Speak the language

Unfortunately, cyber security is a broad field, so there is no specific programming language to stress over another with regard to security. That being said, here are popular languages used widely in today’s technology fields. Python is one of the most popular programming languages and can be used to build just about anything. Python is a high-level language, meaning that it is very similar to English. This makes it easier to learn, as it takes the stress of learning syntax off beginners. Database technologies such as MySQL run off of a language called SQL. iPhones and Androids have access to an SQL database called SQLite, and many mobile apps developed by Google, Skype and DropBox use it as well. There are many other languages out there; these are just a few to get you started.

How to get into cyber security:

Learn:

JavaScript will help you in understanding:

  • DOM-based XSS (cross-site scripting)

  • Finding and Modifying Elements

  • Stealing cookies

  • Manipulating Event handlers to perform malicious actions

  • Form manipulation

You can learn JavaScript here:

Python

Will help you in writing scripts to automate tasks and tools to enhance your arsenal.

You can learn Python at the following portal:

Certification to get:

CompTIA Security+ is the certification globally trusted to validate foundational, vendor-neutral IT security knowledge and skills. As a benchmark for best practices in IT security, this certification covers the essential principles for network security and risk management – making it an important stepping stone of an IT security career.

Jobs that can eventually lead into cyber security:

  • Exchange administrator → Email security

  • Network administrator → Network security, forensics, etc.

  • System administrator → Security administrator, forensics, etc.

  • Web developer → Web security, security software developer, etc.

