ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

Donald Hoxhaj

US charges three Chinese nationals over hacking

by 1 Comment

https://www.ft.com/content/d23cc752-d3b0-11e7-8c9a-d9c0a5c8d5c9

US charges three Chinese nationals over hacking

This article talks about the following: It is well known that Russia and China have been growing threats in the cybercrime space. In the latest update, the United State has accused 3 Chinese nationals of stealing critical information of Moody’s Analytics, Siemens and GPS maker Trimble. The hacking took place through network hacking and sending phishing emails to steal information.

It will be interesting to see how things unfold in the future. How can such frauds, especially data theft of some of the most critical information, be protected in the future? How can governments work together in curbing or ensuring that ethical hacking is practiced and preached across students and people who are interested in this field?

How UK cops are becoming ethical hackers

by 3 Comments

https://www.cisomag.com/uk-cops-becoming-ethical-hackers/

How UK cops are becoming ethical hackers

This article talks about the following: Cyber Crime is a growing threat and its knowledge in the security forces is limited because of lack of training systems. Because of this, the police officers in UK are getting trained on cybercrime. 80% of the police in UK is being trained on hacking, cybersecurity training, penetration testing, etc. This will enable the police officers to nab the accused at the right time

It will be interesting to see how things unfold in the future. This is an interesting move by the police departments and should be implemented by all police forces. However, will the cybersecurity systems be regularly maintained and upgraded for new threats? Will the training imparted be effective to new AI threats? This is a question that needs answers, especially in government forces

NHS turns to ethical hackers to defend it from malicious attacks

by Leave a Comment

https://www.newscientist.com/article/2154779-nhs-turns-to-ethical-hackers-to-defend-it-from-malicious-attacks/

NHS turns to ethical hackers to defend it from malicious attacks

This article talks about the following: The growing threat of cyber-attacks has prompted the UK National Health Service to invest £20m on cyber security. In order to check the safety of its systems, the institute will use ethical hacking procedures to check the strength and weakness of its systems.

It will be interesting to see how things unfold in the future. Will the investment offset any new threats or able to predict new black hat techniques used by hackers? It is interesting to see these investments, provided that the system has AI capabilities to detect future threats and that it can warn the authorities at the right time.

Obsolete, outdated software puts Victorian hospitals and police at risk of cyber attacks

by 1 Comment

http://www.theage.com.au/victoria/obsolete-outdated-software-puts-victorian-hospitals-and-police-at-risk-of-cyber-attacks-20171129-gzv9ov.html

Obsolete, outdated software puts Victorian hospitals and police at risk of cyber attacks

This article talks about the following: Cyber-Attacks have been threatening the hospital industry too. The recent case of Victoria’s critical services such as Police, Hospitals, and Child protection have been victims of these attacks and this has been attributed primarily to outdated computer systems. These outdated systems were never updated with security patches for a long time by the developers and this has led to huge losses in terms of data, financial, and patient records from hospitals.

It will be interesting to see how things unfold in the future. Is this a problem of negligence, lack of government control, or lack of financial resources? In either of the case, it has ultimately become a disaster and until this is taken care now, it would only aggravate over the next couple of years. How can the Victorian government ensure safety of critical care services? Will they be ready to make capital investments in these areas and at the earliest?

Nato warns of WW3 ‘hyper war’ after constant cyber-attacks from North Korea, China and Russia

by Leave a Comment

https://www.thesun.co.uk/news/5035127/north-korea-china-russia-cyber-attack-threat-hyper-war/

Nato warns of WW3 ‘hyper war’ after constant cyber-attacks from North Korea, China and Russia

This article talks about the following: The increasing threat from North Korea and China, especially cyber-attacks, has caused fear across the world. There is a feeling that Machine Learning and Artificial Intelligence will do more harm than good and in the coming years will cause Hyper-war.

It will be interesting to see how things unfold in the future. Will Machine Learning and Artificial Intelligence be a good thing for the society going ahead or will transform into a giant ball of fire? Will countries co-operate with each other to secure networking lines and create Cyber Security Procedures to prevent leaks? We just hope that this doesn’t turn out to be another Russian cyber-attack on US presidential elections.

Criminals look to machine-learning to mount cyber attacks

by Leave a Comment

https://www.scmagazineuk.com/criminals-look-to-machine-learning-to-mount-cyber-attacks/article/710215/

Criminals look to machine-learning to mount cyber attacks

This article talks about the following: Machine learning, as per McAfee, will be used extensively by cyber attackers in the coming years because of the nature of the system to do multi-fold combinations. In the coming days, the attackers would use ML so easily that they would be able to talk in their native language and still carry out phishing attacks, making it far more difficult to recognize these attacks.

It will be interesting to see how things unfold in the future. With this, most companies have started adopting serverless apps i.e. apps hosted on virtual systems. How can security professionals be warned of such attacks? Are there systems today that can detect phishing packets easily and warn users?

AI, machine learning new tools to fight cyber-attacks: Internet security firm

by Leave a Comment

http://indianexpress.com/article/technology/ai-machine-learning-new-tools-to-fight-cyber-attacks-internet-security-firm-4956966/

AI, machine learning new tools to fight cyber-attacks: Internet security firm

This article talks about the following: In order to prevent cyber-attacks, the new help for all cyber security companies is Machine Learning and Artificial Intelligence. It is said that the future holds for these new technologies and that they will be automatically able to parse new threats by identifying them at the right time.

It will be interesting to see how things unfold in the future. It is evident that the implementation of ML and AI can only be possible by big companies who can afford. How can small and mid-companies enable themselves against cyber security? Also, ML and AI are still evolving and how will organizations be able to tap into whole set of these system? Will it happen anytime soon? Or will they have to depend on 3rd party companies to protect them against newer forms of Cyber-attacks?

AWS S3 ‘Misconfiguration’ Opens Door to MITM Attacks

by Leave a Comment

https://findbiometrics.com/aws-s3-misconfiguration-opens-door-mitm-attacks-411294/

AWS S3 ‘Misconfiguration’ Opens Door to MITM Attacks

This article talks about the following: According to recent research, one of Amazon’s web service data storage has a security flaw and this has been identified as AWS’s Simple Storage Service or S3. The main reason for this is misconfiguration of the buckets enabling users to have public access. This has ultimately led to malicious attacks by 3rd parties.

It will be interesting to see how things unfold in the future. Amazon has been one of the largest cloud and server providing companies in the world. That being said, how will the company prevent such irresponsible behaviour? Will it compromise by putting critical information across networks or theft of customer information in jeopardy? Or will it scrutinize their internal security server configuration to prevent Man-in-the-middle (MiTM) attacks?

Akamai Finds Web App Attacks Increased in Q3 2017

by Leave a Comment

http://www.eweek.com/security/akamai-finds-web-app-attacks-increased-in-q3-2017

Akamai Finds Web App Attacks Increased in Q3 2017

This article talks about the following: As per Akamai’s Internet Security report, Web application attacks have grown in Q3, 2017 and SQL Injection accounts for 47% of most attacks. Surprisingly, most attacks were aimed at gaming companies. The DDoS attacks happened mostly on gaming industries and accounted for 86% of such attacks.

It will be interesting to see how things unfold in the future. In all these cases, US has been found to be the largest exporter of SQL Injection and Web application attacks. Does it mean that the cyber security measures in the country are weak? How can security professionals in organizations learn constantly from these attacks and know about any forthcoming attacks?

Why web application attacks are a growing threat to the cloud

by 1 Comment

http://searchcloudsecurity.techtarget.com/tip/Why-web-application-attacks-are-a-growing-threat-to-the-cloud

Why web application attacks are a growing threat to the cloud

This article talks about the following: Web application are becoming a growing threat to cloud systems. It is found that 73% of the cloud attacks are directed towards the web applications. These attacks usually comprise SQL Injections or Cross Scripting strategies. These attackers take control of CMS (Control Management Systems) and in fact, most such attacks are automated

It will be interesting to see how things unfold in the future. Will organizations be able to deploy sophisticated defences against SQL Injections in the future and will they be able to leverage cost, quality, and time as key factors in such deployments? The answer to this question will only tell us the applicability and adaptability of these systems in the future