Introduction to cybersecurity concepts
The term cybersecurity refers to all the practices and tools that can be used to protect people and the tangible and intangible IT assets of States and organizations. Given the financial stakes linked to the vulnerability of Information Systems (IS), each organization must ensure the security of its IS.
What is an Information System?
The information system of an organization is the entirety of the assets used to collect, classify, store, manage and disseminate information within an organization. For all types of data, every information system must comply with 3 essential principles:
Confidentiality :Data confidentiality is the protection of communications or stored data from being intercepted and read by unauthorized people.
Integrity :Data integrity refers to the state of data, which must not be corrupted or destroyed, whether intentionally or accidentally during its processing, storage or transmission
Availability :This is the capacity to make information accessible to authorized people. The infrastructure is used to store this data. But how?
Infrastructure and an easy life
For a long time, our work environment consisted of a hardware infrastructure with on-site servers, which hosted the company's data locally. Now, faced with the imperatives of mobility and accessibility to information, our work environments are becoming dematerialized. Companies are increasingly using solutions stored in the cloud: this is known as virtualization.
Virtualization means having the machine park, network and/or software in a virtual environment: the cloud. The server is now remote. It is accessed online through a secure internet connection.
Three technical arrangements exist to meet different needs:
IaaS (Infrastructure as a Service):allowing the outsourcing of the IT hardware infrastructure. It is therefore now possible for companies to delegate to a provider the installation of file servers, networks and storage of their data through a subscription. Unnecessary costs for equipment purchase and maintenance are thus avoided.
PaaS (Platform as a Service):PaaS consists of outsourcing not only the hardware infrastructure, but also the middleware applications such as operating systems, databases and web servers.
SaaS (Software as a Service):this arrangement enables companies to use multiple applications that are accessible online. In particular, tools are offered by Google (Google Apps) and Microsoft (Office 365) that accelerate the integration of collaborative working. CRM (Salesforce), ERP (Infor, NetSuite, Workday, etc.) and HR solutions (SuccessFactors, Talensoft, Cornerstone) are also available in SaaS mode.
What about security?
The number of companies adopting IaaS, PaaS or SaaS devices to manage their data is growing from year to year. This rapid growth shows that companies are increasingly willing to trust these solutions. These same companies persist in expressing some distrust, given the current environment and the various incidents reported to the media by some large companies, as was the case, for example, of the security flaw written in the development code of Google+ discovered in March 2018. This flaw would have allowed hackers to access nearly 500,000 Google+ accounts in two weeks. And the examples are numerous...
Hacking, but why?
A hacker is any person who takes advantage of the vulnerability of an IS to access private data. It should be noted that there are three types of hackers: Black Hats, Grey Hats and White Hats. I will elaborate on the criteria that distinguish each of these three types of hackers in a second article, but what is important here is to focus on the motives of malicious hackers.
In general, hackers steal your private data for the following four reasons:
Your data is worth its weight in gold :Your credit card number, date of birth, favorite books or most recent foreign destinations are all information items that a hacker can convert to cash.
Corporate espionage :Stealing information about a competitor's products and services gives you an advantage on the market.
Revenge :Some hackers have political or social motives. These activist hackers seek to draw public attention to an issue, either by making public some unflattering information about their target, or by taking down part or all of their target's IS.
Digital warfare :Entire nations engage in state-sponsored hacking to gain commercial or national intelligence to destabilize the infrastructure of their adversaries, or even to sow discord and confusion in the target country.
You can be the vector of a cyberattack without knowing it!
In most cases, the human being is the weakest link in the IS. The lack of vigilance of his victim or a few moments of inattention on a computer equipment item is what hackers rely on to create a flaw in the system.
Below are some examples:
A very harmless act can have very serious consequences: leaving a session open, opening an email from an unknown source, clicking on an unsecured link are all ways to invite a hacker to access your data. Never forget that a hacker is basically a manipulator! Hackers have plenty of imagination for finding ways to contact you, and this is how they will mislead you.
The use of gadgets
- The MalDuino : is a USB device powered by Arduino which has keyboard injection capabilities. Once plugged in, MalDuino acts like a keyboard, typing commands at superhuman speeds. A few minutes face to face with your machine is enough for the hacker to download all your data.
- The WiFi keylogger : Yes, size matters! Because with body dimensions of 10 mm x 10 mm x 15 mm, it is the smallest USB hardware keylogger that has ever been available on the market and is capable of remote data downloading: email reports, FTP backups and live webcasting in Access Point & WiFi client mode and in time stamping mode. Imagine if someone managed to insert this little gadget on your desktop PC, for example?
- The WiFi PINEAPPLE: is a powerful wireless network auditing tool, which leverages powerful hardware and an intuitive web interface to fit into your pentest workflow. Launching very precise attacks is extremely simple using this small device. The management of the current workflow and the accuracy of the information obtained are truly exceptional for such a small device. Placing this small device near your machine is all it takes to get inside
Users are exposed to many dangers whilst connected to the Internet: IS control or data distortion, identity theft, IS blocking or crypto mining ... the only solution is prevention.