
Raul Calcamo

UWRT 1104
Justin Cary
12/06/2016
Cyber Security
Cyber security is a term that refers to the ability to control access to a system, network
and information. It is important to note that this is not limited to cyberspace, but extends to the
physical world as well. Threats to cyber security might take different shapes; therefore it is
important for any country, company, organization, and even individual to be aware of how their
information might be endangered. In order to make this paper easier to assimilate, I will start by
comparing cyber security to the security of a house, since this is a very popular example used in the
field. A house has many possible access points such as windows, a chimney and, of course, a
front and backdoor. Any of those could be used by an unintended guest to enter the house and
steal property inside the house, or even the house itself. It is up to the owner of the house to
establish the necessary security measures, maybe even going as far as hiring professionals to try
and enter the house and find possible ways to get in. The world of cyber security works in a
similar manner.
Those who perform penetration tests are commonly known as hackers. According to
Dr. Patrick Engebretson in The basics of hacking and penetration testing: ethical hacking and
penetration testing made easy, there are two different types of hackers: black hat and white
hat hackers. On one hand, white hat hackers are professionals hired to perform penetration
testing and provide evidence of vulnerabilities and potential threats. Their intentions are not to use
the knowledge gained to extort or benefit in some way from the vulnerabilities found, but to help
keep the system and information protected and secure. On the other hand, black hat hackers
are those who perform similar, if not the same, operations as white hat hackers without the
explicit consent of the owner of the system, with the intention of extorting or benefiting in some other way
from the compromised information, for example by selling it on the black market.
First of all, it is important to understand how attacks are performed and what steps these
professionals take in order to test the vulnerability of a system or network, find possible ways to
endanger the information, and, ultimately, take complete control of the system. This is known as
penetration testing. According to Dr. Patrick Engebretson in The basics of hacking and
penetration testing: ethical hacking and penetration testing made easy, most penetration tests are
conducted in 5 well-differentiated steps. Note that too much detail won't be given as to how each
step is performed, since it takes years of practice, learning, and experience to fully understand
the processes involved in most of the steps.
The first step in any penetration test is known as reconnaissance. During
reconnaissance, information on the target is gathered, and all the preparations needed to perform
the penetration test are made. "The more you prepare for a task, the more likely you are to
succeed" (The basics of hacking and penetration testing: ethical hacking and penetration testing
made easy, pg. 21). Although several techniques are used during this step, some
of them do not require advanced technical skills. Some examples of the latter are Google
hacking, which consists of gathering information on the target by performing hard-to-track
Google searches, and social engineering, which consists of manipulating unsuspecting
employees into revealing crucial information for the attack. Nonetheless, this doesn't mean that
this step requires no knowledge of computing whatsoever; one of the most used steps in this
process is known as HTTracking, which consists of the deep exploration of the target's website
in order to find exploitable links or information leaks. Regardless of the techniques used, it is
vital that, by the end of this step, there is a good understanding of the target and a collection of
Internet Protocol (IP) addresses of interest.
The second step, according to the source, is called scanning. In this step, the IP
addresses gathered during reconnaissance are mapped to open ports and services. This consists of
two different parts: port scanning and vulnerability scanning. Port scanning is the search or scan
for open ports in the target's system. Most networks, including most internet connections,
perform a similar task in order to allow communication between systems. Vulnerability scanning
is the further interrogation of the active ports that hackers perform to find vulnerabilities of the
system and network. According to Dr. Patrick Engebretson in The basics of hacking and
penetration testing: ethical hacking and penetration testing made easy, hackers will usually split
scanning into 4 separate steps: determining whether the system is alive or not; identifying all
open ports and running services, since every one of them is a possible door into the system;
further interrogating the findings in order to create a map of the network; and scanning for
exploitable vulnerabilities using custom or premade tools such as Nessus.
The step that follows scanning and finding the target's vulnerabilities is known as
exploitation. This is the process that most people associate with hacking, since this is where
attacks on systems and networks, such as password cracking or email phishing, are conducted. In
a few words, and quoting Dr. Engebretson: "Exploitation is the process of gaining control over a
system." This is accomplished through the use of exploits, which are realizations of a
vulnerability of a system. More experienced hackers will make use of custom-made exploits,
while those new to penetration testing will rely on generic exploitation tools such as Metasploit.
It is important to take into account that exploitation is the broadest step in penetration testing due
to the large array of tools, options, and activities that may take place in it.

Contrary to popular belief, penetration testing does not end at exploitation; there are still
two final steps that any competent hacker, according to Dr. Engebretson, will perform before
disconnecting from the system they just exploited. In his book, he groups them together as post-
exploitation steps. The first part of post-exploitation is known as maintaining access. Just as it
sounds, this step consists of performing the necessary procedures to be able to access the system
or the desired information from it in an easy manner at any given time, since exploits will only
work as long as the service is still operational. Going back to the house example, this step would
be similar to creating your own backdoor to the house: a gate you can easily make use of any
time you want. Note that if a hacker was hired by a company to test their security, they will
usually ask them specifically not to perform this step, since a future attacker could possibly find
and make use of this backdoor with malicious intent. Once this step has been completed, the
final task for a hacker to perform is simply known as hiding. In this final part of the post-
exploitation step, the hacker will attempt to erase all possible evidence of his or her actions in the
system, in a similar way to how a thief might attempt to take any evidence with them before
leaving the house. This is considered by Dr. Engebretson to be one of the most complicated
steps, and it is barely talked about in The basics of hacking and penetration testing: ethical
hacking and penetration testing made easy, since it requires a much deeper general
understanding.
Recall that at the beginning of the paper I mentioned that cyber security relates to a lot
more than just software and computer scientists; every person within an organization is
responsible for protecting information. Usually companies, governments, and other organizations
will create a cyber security policy in order to ensure that information is managed in appropriate
ways by the designated people. According to Bayuk and Wiley in Cyber Security policy
guidebook, cyber security policy is the ability of a company, institution, or government to
control access to systems, networks, and the information within them. The cyber security policy
needs to be stated with very specific goals in mind; it has to state how to prevent, detect and
respond to possible attacks, establish routines for operators to follow in order to keep technology
working at optimal performance, while also ensuring the authorization, authenticity and
precision of information and protecting it from threats such as social engineering. All of these
goals must be accomplished while also reaching the maximum possible productivity. For
example, a company could secure every single Word document and spreadsheet behind an
encrypted password that only trustworthy employees have access to, but because of that, access to
that information becomes almost impossible for most employees, resulting in a huge loss of
productivity.
As mentioned previously, each company, institution, and even state establishes its own
cyber security policy; therefore there might be huge differences in the ways the rules and
regulations regarding information access and privacy are applied. According to Bayuk and Wiley,
companies and institutions must additionally take into account the state's cyber security policy,
and create their own based on it. For example, certain actions regarding information might be
considered offensive by the USA's cyber security policy, but not by China's; therefore companies
will have to adapt their policies to the country they're in.
As individuals, we must also implement our own personal cyber security policy if we
want to keep our information safe. It doesn't have to be as strict as that of a company or a
government; simply taking measures such as having long passwords with multiple characters and
not sharing them, watching what kind of information we post online, or not having different passwords
are good steps to take when implementing our personal cyber security policy.

In conclusion, cyber security is one of the most important aspects of today's world.
Understanding how attackers operate, from surveillance to hiding, is essential for anyone who
wants to work in the field like myself, while also useful for anyone else who's concerned about
the security of their information. This basic understanding should be the basis for companies,
governments, and even individuals when establishing and implementing a cyber security
policy to keep their information safe.
