Hearing how scammers preyed on people who fell victims to their hacks through phishing links during the lockdown, Bob was inquisitive to learn about hacking and its ethics. He enrolled in a Cybersecurity training in Abuja and went through the programme that included Cybersecurity and ethical hacking. In diligence and consistency, he advanced in Ethical hacking and Cybersecurity.
XYZ Company Ltd. encountered a cyber attack where the company’s security system was compromised giving the hackers access to confidential information. The hackers demanded a ransom also in order not to top secret information. Bob as a computer security specialist was contracted to help sabotage the hackers effort and retrieve the data. On acceptance of the job, he signed a contract granting him the permission to handle the company’s information.
He got in, retrieved it and created a protection establishing a higher security patch which kept attacks from backdoor access.
HACKING AND ETHICAL HACKING TRAINING IN ABUJA NIGERIA
Hacking is that process of discovering vulnerabilities in a system through cracking codes and exploiting them which many illegal hackers do. In Bob’s case, the practice of obtaining consent from an organization to gain access into the system to guard its security is known as Ethical hacking. Legal and illegal hackers are all hackers because they do similar things except the concept called Consent. Consent makes this activity legal through permission. Also, the intent for which a hacker penetrates into a system determines its legality. An ethical hacker is a certified computer security specialist who signs a contract to improve the security of the company. An ethical hacker is not only responsible for penetration and testing, they can do what illegal hackers do such as cracking codes with algorithm crackers.
Illegal hacking exposes victims to damage therefore, the remedy put in place to defend or repair damage caused is Cybersecurity. Cybersecurity is the protection of computer networks, hardware and software from unauthorized illegal attacks and cyber threats. Cyber threat is simply what the illegal hacker did by threatening to expose the company’s resources. The stage where Bob augmented the security patch level against cyber threats/perils of the company’s system is called Cybersecurity. Hackers can steal identity, password, bank, account as seen with many social media platforms, username, or even spy on the target system and its users for many reasons which include intimidation and blackmail.
The skills and methods of curbing cyber attacks define cybersecurity. Cybersecurity tools and measures include anti-virus, password protection/authentication, anti-malware among many other measures to stay safe on the net. For more knowledge tricks on staying safe and keeping others too, a Cybersecurity course is available at Abuja Data School.
A situation where the hacker demands ransom in exchange for stolen information is Ransomware. This is not just a virus corrupting the system now but the hacker hijacks online resources for personal gains. The biggest ransomware attack that has ever happened is the WannaCry ransomware attack in Asia which occurred in May 2017. The hackers demanded a large sum of money in payment form of the cryptocurrency, Bitcoin. It was estimated to be over 300 million dollars equivalent in Bitcoin that year. The targets were systems operating on Microsoft Windows. This attack encrypted users’ data locking them out of their system.
Hackers manipulate recipients to release identity deets, bank details, accounts and other information that are confidential. Social engineering takes different forms which are scareware, phishing, spear phishing, baiting, pretexting. All points to using recipients’ weaknesses against them by seeming genuine and helpful.
TYPES OF HACKERS
- Black hat hacker is a villain who forces his way into a system to corrupt files with malicious contents. Most times, this hacker’s intent is for monetary gains.
- Grey hat hackers discover vulnerabilities on a system, report susceptibilities without permission but also ask for money.
- White hat hackers break into the system with permission to defend the organization. A white hat hacker is an ethical hacker authorized to detect and solve cybersecurity problems.
TECHNIQUES OF HACKING
Not limited to the list are famous ways of hacking systems:
- Cookie theft.
- Virus and Trojans.
- Bait and switch attack.
- Denial of service (DOS) attack.
- Insecure wireless connection etc.
ROLES OF AN ETHICAL HACKER
Protect: Examine patches, parse/track/crack encryption, protect the organization the ethical hacker works for.
Report: Inform software and hardware purveyor concerning any sort of vulnerabilities found in products that engineers illegally access.
Prevent: Create Intrusion Prevention System(IPS), Set up defense protocol to ward off future attacks.
PHASES OF ETHICAL HACKING
- Reconnaissance: First step by gathering information through observations and research to continue the process of ethical hacking efficiently. Tools used for this phase are Hping and Nmap. These tools detect networks and internet protocol addresses.
- Scanning: Step two here inspect to spot vulnerabilities in the system. Nexpose software manages the vulnerability detection and prevention process. Nmap is also another security software useful for this phase.
- Exploiting: In a more noble way, exploiting refers to gaining access by the ethical hacker writing and rewriting some codes, blocking and granting relevant access to intensify the security of the system. In this phase, he is likely to retrieve data stolen with rigorous activities.
- Maintaining: This phase fixes the attack, secures the system, installs firewall to keep out backdoor access using Metasploit penetration testing software.
- Clearing access: The ethical hacker clears his tracks of the process.
- Documentation and Reporting: As the name implies, reports to the organization the vulnerabilities discovered and security put in place.
ETHICAL HACKING TOOLS
- Burp Suit.
- Nexpose etc.
SKILLS FOR ETHICAL HACKING
- Operating environment Knowledge of the working environment is necessary as cyber attack protections are peculiar to operating systems such as Windows, Linux/Unix, Macintosh.
- Networking skills in packet tracing, packet sniffing, intrusion detection/prevention and scanning cannot be overlooked.
² Programming skills necessary for ethical hacking are HTML, PHP, Python, SQL, JS.
PLANS IN ETHICAL HACKING
- Creative thinking to predict activities I.e, Think like a hacker.
- Proficient about communicating risks and results found.
- Ability to work under pressure.
CERTIFICATIONS IN ETHICAL HACKING AND CYBERSECURITY IN ABUJA
Certified Ethical Hacker(CEH) certification.
Linux Professional Institute(LPI) certification.
Cybersecurity and Ethical Hacking certification from Abuja Data School.