I.

Introduction

The term “cybersecurity” is at least somewhat familiar to many people – after all, the news seems to be full of stories about companies and individuals being affected by online threats like viruses, phishing attempts, malicious hacking attempts and more. Most of us use everyday services through mobile apps, and our data is often stored in cloud environments as well, hosted by corporations and governments in their data centres. Cybersecurity threats to each of these locations are different, and legislation (for example, for privacy) varies.

But what do all these things mean in practice, and what should you know to help secure your digital life? While cybersecurity is a complex subject that requires years of experience to fully understand, our aim is to teach you the basics of cybersecurity so you can learn essential digital skills for protecting your online presence.

While the course will be presented in easy-to-understand snippets of information, we will also add external links you can refer to for more detailed information. So now, let’s get started by defining what cybersecurity means in the first place.

Defining cybersecurity

According to Merriam-Webster, cybersecurity is: “measures taken to protect a computer or computer system (as on the internet) against unauthorised access or attack”.

While that definition only speaks of unauthorised access or attack against computer systems, Wikipedia considers the subject to be a bit broader. Wikipedia's definition is as follows:

“Computer security, cybersecurity or information technology security (IT security) is the protection of computer systems and networks from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.”

So, in essence, cybersecurity is the art of protecting computerised systems against malicious hackers – as well as accidental or non-human threats (like system failure, natural disasters or accidents). This is the definition we will be using on this course.

Here’s how Wikipedia defines a hacker:

“A computer hacker is a computer expert who uses their technical knowledge to achieve a certain goal, or overcome a certain obstacle, within a computerised system. Whilst the term "hacker" can refer to any skilled computer programmer, it has become associated in popular culture with a "security hacker". This is someone who utilises their technical know-how of bugs or exploits to break into computer systems and access data which would otherwise be unavailable to them. Law enforcement agencies sometimes use hacking techniques to collect evidence on criminals and other malicious actors. This could include using anonymity tools (such as a VPN, or the dark web) to mask their identities online, posing as criminals themselves. Hacking and cyber-attacks have also been used by State actors as a means of warfare.”

A short history of hacking

Let’s look more into hacking. The term “hacking” originates from MIT’s Tech Model Railroad Club, where it was used to describe the act of creating an innovative solution to a technological problem. The motivation of Tech Model Railroad Club members was to understand how things worked and to become masters at utilising them. In time, hacking has come to be thought of as a much broader term. Most of the time hacking is assumed to be malicious in intent.

However, it took a while for hacking to be associated with malicious intent. Computer visionaries such as Bill Gates and Steve Jobs were hackers at heart. They began their careers from the hacker circles which at the time were concentrating on home computing (and phone phreaking, but that’s another story). Over time, the companies these hackers started in the 70s have become some of the largest companies ever. Without the hacker spirit, the world would most likely be unrecognisable to us.

Note

For decades, hacking has had a stigma of nerdiness. Hackers have been thought of as lone teenagers in their basements with their computers. Hollywood's depiction of hackers in movies certainly hasn’t helped. The truth is much more complicated than that though, and nowadays anyone can be a hacker. It is also worth noting that hacking is a tool that is even used by intelligence agencies across the world as well as organised crime groups. All major players in the global political scene use hacking as a tool to either gain more knowledge of their opponents’ capabilities or to bolster their own position.

Some of the most notable hacks during 2020 have been made by nation state actors. They usually have the backing of a country and have access to the country’s resources. While most of the malicious hacks are still done by lone criminals or smaller groups, the most impactful ones are usually done by criminal organisations or these APT (advanced persistent threat) groups.

A great source on the history of hacking and hackers is Hackers: Heroes of the computer revolution by Steven Levy.

The types of hackers

Usually, hackers are split into three groups: white hats, grey hats and black hats. The colour of the hat is used to describe their intentions.

  • White hat hackers are thought of as ethical hackers who are interested in finding security vulnerabilities with the intention of fixing computer system security. They are usually responsible in their disclosure of findings and do not try to misuse the bugs they find. Some white hat hackers can actually earn quite a bit of money by participating in programs called bug bounties, where companies behind services pay for the disclosure of security issues.

  • Black hat hackers are seen as criminals with malicious intentions. Black hat hackers’ motivation is personal gain. These kinds of hackers are the hackers behind attacks such as ransomware. They might use their findings for their own gain, or they might sell the vulnerabilities to willing buyers. We will call black hat hackers criminals to separate them from the likes of security researchers and hobbyists.

  • Grey hat hackers include those who aim to troll others or who describe hacking as just for fun or to gain reputation. They might describe themselves as doing the attacks “for the lulz” and usually they let everyone know about their findings as a way of showing their skills. They might or might not try to profit from their hacks but generally they’re in it for the reputation.

Confidentiality, integrity, and availability

A classification that is often used for the concept of cybersecurity is what is known as the CIA triad of software security. The terms confidentiality, integrity and availability are often considered to be the three fundamental aspects of security. As with all kinds of classifications, the CIA triad is sometimes thought to be lacking, and missing some integral aspects of software security such as non-repudiation. Lacking or not, the CIA triad is still a very useful tool for thinking about different aspects of security.

The terms are generally described as:

  • Confidentiality – data and resources are kept protected from unauthorised access.

  • Integrity – data is protected from unauthorised changes, i.e., its completeness and accuracy are assured.

  • Availability – authorised users have access to the data or resources.

Confidentiality can be protected by encryption, or by protecting access to the data when it’s stored unencrypted. A stolen laptop is a threat to the confidentiality of the data stored within.

Integrity means that the legitimate users need to be able to trust that the data is accurate. No unauthorised users should be able to modify the data, nor should the data be modified by accident, even by authorised users. Integrity protection guards, for example, against the forging of bank transactions to withdraw funds from an account and remove all ways to trace the withdrawal.
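An added example (not part of the original course material) of one way integrity can be checked in practice: each transaction record is sealed with a keyed hash (HMAC) that also covers the previous record, so an edited, removed or cut-off record is detectable. The key, field names and transactions are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real system would keep this in a key store, not in code.
KEY = b"constructed-demo-key"

def _tag(prev_tag: str, entry: dict) -> str:
    """HMAC over the previous tag plus this entry, chaining the records together."""
    body = json.dumps(entry, sort_keys=True).encode()
    return hmac.new(KEY, prev_tag.encode() + body, hashlib.sha256).hexdigest()

def append(ledger: list, entry: dict) -> None:
    """Add a transaction and seal it with a tag that depends on all earlier ones."""
    prev = ledger[-1]["tag"] if ledger else ""
    ledger.append({"entry": entry, "tag": _tag(prev, entry)})

def verify(ledger: list, expected_last_tag: str) -> tuple:
    """Return (ok, index of first bad record). Detects edits, removals, truncation."""
    prev = ""
    for i, rec in enumerate(ledger):
        if not hmac.compare_digest(rec["tag"], _tag(prev, rec["entry"])):
            return (False, i)
        prev = rec["tag"]
    # The last tag is stored separately (for example by an auditor), so that
    # cutting records off the end of the ledger is also noticed.
    if not hmac.compare_digest(prev, expected_last_tag):
        return (False, len(ledger))
    return (True, None)

def build_sample_ledger() -> list:
    """Constructed sample data: three transactions on one account."""
    ledger = []
    append(ledger, {"id": 1, "account": "A-100", "amount": 250})
    append(ledger, {"id": 2, "account": "A-100", "amount": -40})
    append(ledger, {"id": 3, "account": "A-100", "amount": -900})
    return ledger

if __name__ == "__main__":
    ledger = build_sample_ledger()
    anchor = ledger[-1]["tag"]
    print("untouched:", verify(ledger, anchor))
    ledger[2]["entry"]["amount"] = -9  # an edit that tries to hide a withdrawal
    print("edited:   ", verify(ledger, anchor))
```

The check only holds against someone who does not have the key, and the final tag has to be kept somewhere the people editing the ledger cannot change it.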

Availability is an aspect that is often not thought of enough. If legitimate users are not able to access the data, then that data is practically useless. If a database storing the only copy of the data is deleted or encrypted by malware, this is an availability problem. A denial of service (DoS, or DDoS for distributed denial of service) attack against a service that blocks legitimate users from accessing the data is another aspect of availability. For personal devices, backing up the data is essential for availability. Most phone vendors provide a paid service for keeping an encrypted backup of your data in the cloud. Personal computers can use online services, a networked backup device or a USB drive for backup purposes.
