1 00:00:07,010 --> 00:00:11,900 Let's begin the course with an important question: what is ethical hacking? 2 00:00:12,560 --> 00:00:18,520 Well, it just means we're testing systems for weaknesses with the explicit permission of the owner. 3 00:00:18,530 --> 00:00:25,010 That means the person who controls or owns that computer, that network, that system has given us explicit 4 00:00:25,010 --> 00:00:28,720 permission to test using ethical hacking techniques. 5 00:00:29,120 --> 00:00:33,830 These are the same techniques and tools that an attacker might use to find vulnerabilities. We'll learn 6 00:00:33,830 --> 00:00:42,590 about Linux, Metasploit, and we'll use lots of platforms from Linux to PC Windows desktops to Mac 7 00:00:42,590 --> 00:00:44,570 and even Android devices. 8 00:00:45,080 --> 00:00:49,850 And depending on the type of ethical hacking you're doing, you can either recommend and sometimes, if 9 00:00:49,850 --> 00:00:54,230 you're working for the same company, apply the fixes and improvements to secure systems and networks. 10 00:00:54,800 --> 00:00:59,930 Above all, ethical hacking is practical, useful and it's hands-on. 11 00:01:00,230 --> 00:01:04,880 We'll actually perform the hacks and then we'll learn how to secure against them. 12 00:01:05,450 --> 00:01:12,230 What we're trying to do in security is protect what we call the CIA triad or the security triad. Confidentiality: 13 00:01:12,230 --> 00:01:18,230 That means that we protect information from unauthorized access that can be insiders or outsiders who 14 00:01:18,230 --> 00:01:23,240 just don't have the permission to access certain materials. Integrity: 15 00:01:23,270 --> 00:01:30,650 That means that we're trying to protect our data or our systems from unauthorised modification. And then 16 00:01:30,650 --> 00:01:31,460 availability: 17 00:01:31,460 --> 00:01:35,900 That means that we have timely access to the information by the right people. 
18 00:01:36,500 --> 00:01:42,140 That means, well, an example of the loss of availability might be a denial of service attack where 19 00:01:42,140 --> 00:01:44,750 all the Internet is shut down because of heavy traffic. 20 00:01:45,170 --> 00:01:51,170 A problem with integrity could be someone who's gone in and modified files, changed data and a record 21 00:01:51,410 --> 00:01:55,880 or deleted log files to delete signs of hacking. 22 00:01:56,270 --> 00:02:01,430 And any loss of confidentiality just means that someone else can see data that they're not supposed 23 00:02:01,430 --> 00:02:01,890 to see. 24 00:02:02,540 --> 00:02:04,490 There are lots of different types of attackers. 25 00:02:04,940 --> 00:02:08,660 You have outsiders and insiders as threats. 26 00:02:08,690 --> 00:02:10,910 So outsiders can be your competitors. 27 00:02:11,210 --> 00:02:13,760 They can be black hat and grey hat hackers. 28 00:02:14,330 --> 00:02:21,020 White hat hacker is what we're learning to be. That's someone who uses ethical tools and means to test systems. 29 00:02:21,020 --> 00:02:24,050 A grey hat hacker sits sort of in between. 30 00:02:24,050 --> 00:02:30,590 They usually state a positive purpose, but they can use some of the techniques that they shouldn't 31 00:02:30,590 --> 00:02:31,250 be using. 32 00:02:32,540 --> 00:02:37,790 That just means that they're trying something and don't have full authorization or using illegal techniques 33 00:02:38,150 --> 00:02:40,670 as part of their trade. And black hat: 34 00:02:41,090 --> 00:02:43,010 It's no holds, no holds barred. 35 00:02:43,400 --> 00:02:50,330 They can use any techniques, any means to get into a system. Organized crime, terrorists, foreign 36 00:02:50,330 --> 00:02:52,250 governments, military, law enforcement. 
37 00:02:52,610 --> 00:02:58,190 There are lots of outsiders that might want to peek into your network or worse. Then insider threats 38 00:02:58,190 --> 00:03:02,570 come in the form of customers, suppliers, vendors, business partners. 39 00:03:02,840 --> 00:03:09,200 Think about contractors that come on your web, on your company's premises, temps, consultants, and 40 00:03:09,200 --> 00:03:14,900 then, of course, your employees, disgruntled current employees, former employees or even employees 41 00:03:14,900 --> 00:03:16,400 who don't mean to do something wrong. 42 00:03:16,400 --> 00:03:19,430 Just human error can be an example of an insider threat. 43 00:03:19,430 --> 00:03:23,970 That's why the training that we'll talk about in ethical hacking is very important. 44 00:03:23,990 --> 00:03:27,710 It keeps our good people from accidentally doing something bad. 45 00:03:28,220 --> 00:03:31,550 There are lots of good reasons not to become an attacker. 46 00:03:31,820 --> 00:03:35,900 You're going to learn about ethical hacking, and hacking is not necessarily a bad term. 47 00:03:36,170 --> 00:03:41,240 We just associate it with bad hackers and attackers because of the media. 48 00:03:41,630 --> 00:03:46,490 But being an attacker is illegal in most countries. Here in the United States, 49 00:03:46,580 --> 00:03:53,900 U.S. Code Title 18, Section 1030 and others contain the Computer Fraud and Computer Abuse Act. 50 00:03:54,230 --> 00:03:59,810 We've got the USA Patriot Act that determines who can see what information, Homeland Security Act, 51 00:04:00,080 --> 00:04:03,980 if there's any suspicion of terrorism, the Protect Act. 52 00:04:04,130 --> 00:04:09,740 You can go to the Department of Justice's website, cybercrime.gov, and see lots of good resources 53 00:04:09,740 --> 00:04:14,030 and information on what's legal and what's illegal when it comes to cyber crime. 
54 00:04:14,870 --> 00:04:22,100 Just to give a short version, unauthorized access or use of any computer or network or system is illegal. 55 00:04:22,440 --> 00:04:26,300 A good example in the real world would be finding a key on the sidewalk. 56 00:04:26,300 --> 00:04:30,890 That's the same as finding a vulnerability, like somebody left a password in plain text out on the 57 00:04:30,890 --> 00:04:31,370 Internet. 58 00:04:31,760 --> 00:04:35,810 That's a vulnerability. Finding that is not illegal. 59 00:04:35,810 --> 00:04:40,370 If you just see a key on the sidewalk, even sometimes if you pick the key up, it may not be illegal. 60 00:04:40,700 --> 00:04:46,610 But if you try that key on a door and walk into a house or walk into a business, you've committed unlawful 61 00:04:46,610 --> 00:04:51,260 entry. That's the same spirit with all of the computer laws. 62 00:04:51,590 --> 00:04:56,330 When we try to exploit a vulnerability, that's like opening the door and walking into the premises, 63 00:04:56,660 --> 00:05:00,050 that is an unauthorized access or an unlawful entry. 64 00:05:00,290 --> 00:05:01,670 You didn't have to break anything. 65 00:05:01,670 --> 00:05:06,410 It's not breaking and entering, but it's still an unlawful entry, unauthorized access. 66 00:05:06,740 --> 00:05:12,230 And remember that even unintentional attacks are illegal, too. If you try some of the techniques that 67 00:05:12,230 --> 00:05:17,630 can create a network flood, for example, on a network that you don't have explicit permission to test, 68 00:05:18,260 --> 00:05:24,650 like a coffee shop, a library, your work, your school, if you take down the network, that is illegal 69 00:05:24,650 --> 00:05:25,220 as well. 70 00:05:25,220 --> 00:05:28,470 Even an unintentional attack can break the law. 71 00:05:29,060 --> 00:05:34,730 There are reasons that we study the ethical hacking using the tools that actual hackers or bad attackers 72 00:05:34,910 --> 00:05:35,430 use. 
73 00:05:35,450 --> 00:05:41,120 And that's because we want to evaluate the systems that we're defending, just like an attacker would. 74 00:05:41,540 --> 00:05:46,400 We also want to be able to implement countermeasures or put something in place that will keep that attack 75 00:05:46,400 --> 00:05:47,540 from being successful. 76 00:05:47,840 --> 00:05:52,190 And then we also want to better understand the implications of the decisions we make. 77 00:05:52,400 --> 00:05:58,460 If we turn off security in one area or lessen the security so that we make work easier, then we can 78 00:05:58,460 --> 00:06:04,600 unintentionally bring in additional vulnerabilities and allow other threats onto our network. 79 00:06:04,940 --> 00:06:10,700 So we just need to be able to make those decisions between usability and security and find the right 80 00:06:10,700 --> 00:06:12,470 balance for our organization. 81 00:06:12,950 --> 00:06:18,120 What are the things we do to protect a system and a network and our data from access? 82 00:06:18,140 --> 00:06:23,010 First of all, prevention is just putting in place techniques that cause attacks to fail. 83 00:06:23,360 --> 00:06:29,030 So a good firewall will block a portion of attacks, good antivirus will block another portion of attacks. 84 00:06:29,390 --> 00:06:37,060 Training will help block a lot of attacks that employees or users on your network might fall for. 85 00:06:37,550 --> 00:06:40,300 Then we put in place, above prevention, detection. 86 00:06:40,430 --> 00:06:46,790 Those are techniques that can determine when someone is attacking your network and detect that something 87 00:06:46,940 --> 00:06:52,730 has occurred and report it so that your security team can begin working on that last stage, which is 88 00:06:52,730 --> 00:06:53,420 recovery. 89 00:06:54,410 --> 00:07:00,620 Recovery just means techniques that stop attacks and then assess and repair any damage that's caused. 
90 00:07:00,920 --> 00:07:03,830 Ransomware attacks are pretty prevalent these days. 91 00:07:04,040 --> 00:07:11,300 A good backup can be your first line of defense to making sure that ransomware doesn't affect your network 92 00:07:11,300 --> 00:07:13,240 as badly as it has many in the world. 93 00:07:13,670 --> 00:07:16,330 So we need multiple layers of security. 94 00:07:16,370 --> 00:07:22,910 We call this a layered approach because we don't rely on just a firewall, just antivirus, just 95 00:07:22,910 --> 00:07:23,300 training. 96 00:07:23,300 --> 00:07:29,350 We put all of those types of things and more in place on our networks: prevention, detection and recovery. 97 00:07:29,870 --> 00:07:33,940 And there's good news and bad news when it comes to the types of threats on our networks. 98 00:07:34,040 --> 00:07:40,670 First of all, a 2015 cyber risk report showed that almost half of those, 44 percent of all breaches 99 00:07:40,670 --> 00:07:46,340 in 2015, came from known vulnerabilities that were two to four years old. 100 00:07:46,700 --> 00:07:52,940 That means that there had been patches for most of these problems for over two years and they were still 101 00:07:52,940 --> 00:07:55,580 successful almost half of the time. 102 00:07:55,580 --> 00:08:00,080 44 percent of those breaches came from attacks that a patch had been available for. 103 00:08:00,080 --> 00:08:02,500 And by a patch, we just mean updating your systems. 104 00:08:02,810 --> 00:08:09,260 In fact, the Australian Signals Directorate, that's like the Australian NSA, found that 85 percent 105 00:08:09,260 --> 00:08:12,260 of breaches were preventable in a certain year. 106 00:08:12,590 --> 00:08:17,690 And I think this applies almost all the time just by doing four things. 107 00:08:17,990 --> 00:08:19,790 That's application whitelisting. 
108 00:08:19,790 --> 00:08:25,730 So restricting which programs can run on your computer, not installing new software all the time, 109 00:08:25,730 --> 00:08:32,030 and putting in place measures that will keep new software from installing itself, then patching applications. 110 00:08:32,030 --> 00:08:37,730 That means updating Office, updating Java, updating your Adobe Flash or anything else that you may 111 00:08:37,730 --> 00:08:38,330 be using. 112 00:08:39,200 --> 00:08:45,740 Then patching operating systems like your Windows updates, doing software updates on your Mac or your 113 00:08:45,740 --> 00:08:48,950 Linux, and then restricting administrative privileges. 114 00:08:48,950 --> 00:08:52,970 That just means account controls for your everyday computer use. 115 00:08:53,210 --> 00:08:59,600 You probably don't need to be an administrator, so you sign in with a user account and then you reserve 116 00:08:59,600 --> 00:09:06,080 the administrative account level or you elevate your privileges only when you need to do things to administer 117 00:09:06,080 --> 00:09:08,690 or to maintain the computer. 118 00:09:09,260 --> 00:09:16,940 Just those four things can make an 85 percent impact in the number of attacks that are successful 119 00:09:16,940 --> 00:09:18,920 or unsuccessful coming into your network. 120 00:09:19,400 --> 00:09:22,840 Let me wrap up this brief introduction with a couple of disclaimers. 121 00:09:23,150 --> 00:09:27,470 While many of the examples that you're going to see in this course came from exercises we actually 122 00:09:27,470 --> 00:09:33,230 performed with real students in the National Cyber Warrior Academy, this online course is not sponsored 123 00:09:33,230 --> 00:09:36,700 or endorsed by the NSA or the University of North Georgia. 
124 00:09:36,920 --> 00:09:42,440 All opinions expressed here are my own, and the techniques and tools demonstrated in this course can 125 00:09:42,440 --> 00:09:47,720 cause serious damage if misused, either intentionally or unintentionally. 126 00:09:48,020 --> 00:09:50,060 So please proceed with caution. 127 00:09:50,060 --> 00:09:52,940 Be careful where you use these techniques and tools. 128 00:09:53,240 --> 00:10:00,470 Do it only on a system that you own or you have your parents' or your employer's explicit permission to 129 00:10:00,470 --> 00:10:01,010 test. 130 00:10:01,760 --> 00:10:03,860 You need written permission in the case 131 00:10:03,860 --> 00:10:06,350 where you're going to run something on a network 132 00:10:06,480 --> 00:10:10,420 or on a computer system that you do not personally own or pay for. 133 00:10:10,800 --> 00:10:15,810 You need to practice these tools and techniques in a virtualized environment like we're going to learn 134 00:10:15,810 --> 00:10:22,860 to do so that these tools don't cause unintentional damage on the network or on the system you're touching. 135 00:10:23,580 --> 00:10:29,160 Across this course, we're going to learn how to hack everything from Mac, PC, Linux computers all 136 00:10:29,160 --> 00:10:33,480 the way to Android devices, even car hacking as a part of this course. 137 00:10:34,900 --> 00:10:39,770 So you're going to get exposed to a lot of tools and techniques in a very short period of time. 138 00:10:39,790 --> 00:10:46,810 Take your time, work through each section and feel free to explore each of the tools that we're going 139 00:10:46,810 --> 00:10:47,340 to use. 140 00:10:47,560 --> 00:10:50,780 We'll set up a safe network environment so that you can do that. 141 00:10:51,190 --> 00:10:56,460 But first, we're going to start with a practical example of real-world ethical hacking. 
142 00:10:56,980 --> 00:11:04,450 We're going to hack into a Windows computer with just two reboots, two commands or two special key 143 00:11:04,450 --> 00:11:08,310 combinations and four commands that have to be typed at the command line. 144 00:11:08,620 --> 00:11:13,180 You're going to see how to get into a Windows machine, to retrieve old files, to set up a new user 145 00:11:13,180 --> 00:11:15,080 account when you might have forgotten the password. 146 00:11:15,430 --> 00:11:17,620 It's a very practical, real-world, 147 00:11:17,620 --> 00:11:18,670 hands-on example. 148 00:11:18,820 --> 00:11:20,500 And we'll start it next.