Cybersecurity
Essentials
, Chapter 1:
Cybersecurity - A World of Experts and Criminals
Many of the world’s original hackers were computer hobbyists, programmers and
students during the 60’s. Originally, the term hacker described individuals with
advanced programming skills. Hackers used these programming skills to test the
limits and capabilities of early systems. These early hackers were also involved in
the development of early computer games. Many of these games included wizards
and wizardry.
As the hacking culture evolved, it incorporated the lexicon of these games into the
culture itself. Even the outside world began to project the image of powerful wizards
upon this misunderstood hacking culture. Books such as Where Wizards Stay up
Late: The Origins of The Internet published in 1996 added to the mystique of the
hacking culture. The image and lexicon stuck. Many hacking groups today embrace
this imagery. One of the most infamous hacker groups goes by the name Legion of
Doom. It is important to understand the cyber culture in order to understand the
criminals of the cyber world and their motivations.
Sun Tzu was a Chinese philosopher and warrior in the sixth century BC. Sun Tzu
wrote the book titled, The Art of War, which is a classic work about the strategies
available to defeat the enemy. His book has given guidance to tacticians throughout
the ages. One of Sun Tzu’s guiding principles was to know your opponent. While he
was specifically referring to war, much of his advice translates to other aspects of
life, including the challenges of cybersecurity. This chapter begins by explaining the
structure of the cybersecurity world and the reason it continues to grow.
This chapter discusses the role of cyber criminals and their motivations. Finally, the
chapter explains how to become a cybersecurity specialist. These cybersecurity
specialists help defeat the cyber criminals that threaten the cyber world.
,1.1 Overview of the Cybersecurity Domains:
There are many data groups that make up the different domains of the “cyber world”.
When groups are able to collect and utilize massive amounts of data, they begin to
amass power and influence. This data can be in the form of numbers, pictures,
video, audio, or any type of data that can be digitized. These groups could become
so powerful that they operate as though they are separate powers, creating separate
cybersecurity domains.
Companies such as Google, Facebook, and LinkedIn, could be considered to be
data domains in our cyber world. Extending the analogy further, the people who work
at these digital companies could be considered cybersecurity experts.
The word ‘domain’ has many meanings. Wherever there is control, authority, or
protection, you might consider that 'area' to be a domain. Think of how a wild animal
will protect its own declared domain. In this course, consider a domain to be an area
to be protected. It may be limited by a logical or physical boundary. This will depend
on the size of the system involved. In many respects, cybersecurity experts have to
protect their domains according the laws of their own country.
1.1.1 Examples of Cybersecurity Domains:
The experts at Google created one of the first and most powerful domains within the
broader cyber world of the Internet. Billions of people use Google to search the web
every day. Google has arguably created the world’s largest data collection
infrastructure. Google developed Android, the operating system installed on over
80% of all mobile devices connected to the Internet. Each device requires users to
create Google accounts that can save bookmarks and account information, store
search results, and even locate the device. Click here to see some of the many
services Google currently offers.
Facebook is another powerful domain within the broader Internet. The experts at
Facebook recognized that people create personal accounts every day to
communicate with family and friends. In doing so, you are volunteering a great deal
of personal data. These Facebook experts built a massive data domain to enable
people to connect in ways that were unimaginable in the past. Facebook affects
millions of lives on a daily basis and empowers companies and organizations to
communicate with people in a more personal and focused manner.
LinkedIn is yet another data domain on the Internet. The experts at LinkedIn
recognized that their members would share information in the pursuit of building a
professional network. LinkedIn users upload this information to create online profiles
and connect with other members. LinkedIn connects employees with employers and
companies to other companies worldwide. There are broad similarities between
LinkedIn and Facebook.
A look inside these domains reveals how they are constructed. At a fundamental
level, these domains are strong because of the ability to collect user data contributed
by the users themselves. This data often includes users’ backgrounds, discussions,
, likes, locations, travels, interests, friends and family members, professions, hobbies,
and work and personal schedules. Experts create great value for organizations
interested in using this data to better understand and communicate with their
customers and employees.
1.1.2 The Growth of the Cyber Domains:
The data collected within the Internet is considerably more than just the data that the
users contribute voluntarily. Cyber domains continue to grow as science and
technology evolve, enabling the experts and their employers (Google, Facebook,
LinkedIn, etc.) to collect many other forms of data. Cyber experts now have the
technology to track worldwide weather trends, monitor the oceans, as well as the
movement and behaviour of people, animals and objects in real time.
New technologies, such as Geospatial Information Systems (GIS) and the Internet of
Things (IoT), have emerged. These new technologies can track the health of trees in
a neighbourhood. They can provide up-to-date locations of vehicles, devices,
individuals and materials. This type of information can save energy, improve
efficiencies, and reduce safety risks. Each of these technologies will also result in
exponentially expanding the amount of data collected, analysed and used to
understand the world. The data collected by GIS and IoE poses a tremendous
challenge for cybersecurity professionals in the future. The type of data generated by
these devices has the potential to enable cyber criminals to gain access to very
intimate aspects of daily life.
1.2 Cybersecurity Criminals Versus Cybersecurity
Specialists:
1.2.1 Who Are the Cyber Criminals?
In the early years of the cybersecurity world, the typical cyber criminals were
teenagers or hobbyists operating from a home PC, with attacks mostly limited to
pranks and vandalism. Today, the world of the cyber criminals has become more
dangerous. Attackers are individuals or groups who attempt to exploit vulnerabilities
for personal or financial gain. Cyber criminals are interested in everything from credit
cards to product designs, and anything with value.
Amateurs:
Amateurs, or script kiddies, have little or no skill, often using existing tools or
instructions found on the Internet to launch attacks. Some are just curious, while
others try to demonstrate their skills and cause harm. They may be using basic tools,
but the results can still be devastating.
Hackers:
This group of criminals breaks into computers or networks to gain access for various
reasons. The intent of the break-in determines the classification of these attackers as
Essentials
, Chapter 1:
Cybersecurity - A World of Experts and Criminals
Many of the world’s original hackers were computer hobbyists, programmers and
students during the 60’s. Originally, the term hacker described individuals with
advanced programming skills. Hackers used these programming skills to test the
limits and capabilities of early systems. These early hackers were also involved in
the development of early computer games. Many of these games included wizards
and wizardry.
As the hacking culture evolved, it incorporated the lexicon of these games into the
culture itself. Even the outside world began to project the image of powerful wizards
upon this misunderstood hacking culture. Books such as Where Wizards Stay up
Late: The Origins of The Internet published in 1996 added to the mystique of the
hacking culture. The image and lexicon stuck. Many hacking groups today embrace
this imagery. One of the most infamous hacker groups goes by the name Legion of
Doom. It is important to understand the cyber culture in order to understand the
criminals of the cyber world and their motivations.
Sun Tzu was a Chinese philosopher and warrior in the sixth century BC. Sun Tzu
wrote the book titled, The Art of War, which is a classic work about the strategies
available to defeat the enemy. His book has given guidance to tacticians throughout
the ages. One of Sun Tzu’s guiding principles was to know your opponent. While he
was specifically referring to war, much of his advice translates to other aspects of
life, including the challenges of cybersecurity. This chapter begins by explaining the
structure of the cybersecurity world and the reason it continues to grow.
This chapter discusses the role of cyber criminals and their motivations. Finally, the
chapter explains how to become a cybersecurity specialist. These cybersecurity
specialists help defeat the cyber criminals that threaten the cyber world.
,1.1 Overview of the Cybersecurity Domains:
There are many data groups that make up the different domains of the “cyber world”.
When groups are able to collect and utilize massive amounts of data, they begin to
amass power and influence. This data can be in the form of numbers, pictures,
video, audio, or any type of data that can be digitized. These groups could become
so powerful that they operate as though they are separate powers, creating separate
cybersecurity domains.
Companies such as Google, Facebook, and LinkedIn, could be considered to be
data domains in our cyber world. Extending the analogy further, the people who work
at these digital companies could be considered cybersecurity experts.
The word ‘domain’ has many meanings. Wherever there is control, authority, or
protection, you might consider that 'area' to be a domain. Think of how a wild animal
will protect its own declared domain. In this course, consider a domain to be an area
to be protected. It may be limited by a logical or physical boundary. This will depend
on the size of the system involved. In many respects, cybersecurity experts have to
protect their domains according the laws of their own country.
1.1.1 Examples of Cybersecurity Domains:
The experts at Google created one of the first and most powerful domains within the
broader cyber world of the Internet. Billions of people use Google to search the web
every day. Google has arguably created the world’s largest data collection
infrastructure. Google developed Android, the operating system installed on over
80% of all mobile devices connected to the Internet. Each device requires users to
create Google accounts that can save bookmarks and account information, store
search results, and even locate the device. Click here to see some of the many
services Google currently offers.
Facebook is another powerful domain within the broader Internet. The experts at
Facebook recognized that people create personal accounts every day to
communicate with family and friends. In doing so, you are volunteering a great deal
of personal data. These Facebook experts built a massive data domain to enable
people to connect in ways that were unimaginable in the past. Facebook affects
millions of lives on a daily basis and empowers companies and organizations to
communicate with people in a more personal and focused manner.
LinkedIn is yet another data domain on the Internet. The experts at LinkedIn
recognized that their members would share information in the pursuit of building a
professional network. LinkedIn users upload this information to create online profiles
and connect with other members. LinkedIn connects employees with employers and
companies to other companies worldwide. There are broad similarities between
LinkedIn and Facebook.
A look inside these domains reveals how they are constructed. At a fundamental
level, these domains are strong because of the ability to collect user data contributed
by the users themselves. This data often includes users’ backgrounds, discussions,
, likes, locations, travels, interests, friends and family members, professions, hobbies,
and work and personal schedules. Experts create great value for organizations
interested in using this data to better understand and communicate with their
customers and employees.
1.1.2 The Growth of the Cyber Domains:
The data collected within the Internet is considerably more than just the data that the
users contribute voluntarily. Cyber domains continue to grow as science and
technology evolve, enabling the experts and their employers (Google, Facebook,
LinkedIn, etc.) to collect many other forms of data. Cyber experts now have the
technology to track worldwide weather trends, monitor the oceans, as well as the
movement and behaviour of people, animals and objects in real time.
New technologies, such as Geospatial Information Systems (GIS) and the Internet of
Things (IoT), have emerged. These new technologies can track the health of trees in
a neighbourhood. They can provide up-to-date locations of vehicles, devices,
individuals and materials. This type of information can save energy, improve
efficiencies, and reduce safety risks. Each of these technologies will also result in
exponentially expanding the amount of data collected, analysed and used to
understand the world. The data collected by GIS and IoE poses a tremendous
challenge for cybersecurity professionals in the future. The type of data generated by
these devices has the potential to enable cyber criminals to gain access to very
intimate aspects of daily life.
1.2 Cybersecurity Criminals Versus Cybersecurity
Specialists:
1.2.1 Who Are the Cyber Criminals?
In the early years of the cybersecurity world, the typical cyber criminals were
teenagers or hobbyists operating from a home PC, with attacks mostly limited to
pranks and vandalism. Today, the world of the cyber criminals has become more
dangerous. Attackers are individuals or groups who attempt to exploit vulnerabilities
for personal or financial gain. Cyber criminals are interested in everything from credit
cards to product designs, and anything with value.
Amateurs:
Amateurs, or script kiddies, have little or no skill, often using existing tools or
instructions found on the Internet to launch attacks. Some are just curious, while
others try to demonstrate their skills and cause harm. They may be using basic tools,
but the results can still be devastating.
Hackers:
This group of criminals breaks into computers or networks to gain access for various
reasons. The intent of the break-in determines the classification of these attackers as
