Cyber Security

Introduction to cyber

1
About The Lecturer
Name:

Title: Specialty:

Email: ***@ecomschool.co.il

how did I get started with Cyber?

This is not about how you started, this is

about what you have been doing ever since

2
 Expectations
• It is impossible to learn the entire cyber field in a year. But you can learn and understand the
basics.

• The Cyber Security field is always evolving, and new threats are constantly being discovered.

• Students are required to invest time and effort after each lesson! Otherwise, you will easily
forget what you have learned.

• Start thinking, ask questions and don’t be afraid to make mistakes - this is how you learn!

• The goal of this course is to teach you how to learn and explore
To Give you a hook and not a fish.

3
 Don’t be afraid to use your brain
0 to 20 – The first one that reaches the number 20, wins!

The rules are – Each player can “jump” forward by 1 or 2.

The mission is to find a logic that will always get you a win.

4
 Legal Disclaimer
Any use of what you learn in the course and what the lecturer explains /
presents during or after the lesson - is for educational purposes only.

Any use of the studied material without explicit approval is illegal and at
your own risk.

5
So…what is Cyber?
“Cyber security is the practice of defending
computers, servers, mobile devices,
electronic systems, networks, and data
from malicious attacks…”

6
 What changed the game?

On average, organizations Processing capabilities In 2009, the first Bitcoin New players in the
pay a ransom of $233,217. In increase at a rapid rate. transaction was made. cyber arena bring new
Which allows attackers to Since then 95% of internet motives for carrying
2021, ransomware attacks
exploit mechanisms that do ransom payments have out attacks, are
against businesses will occur sponsored by
not keep up with the been made through
every 11 seconds. The global technological pace. cryptocurrencies. They countries and change
cost of ransomware recovery Passwords .. DDos. Spam.. provide anonymity and the ecosystem in the
exceed $20 billion in 2021 cyber world
convenience for payment
7
Hacker Types

8
 Black hat hackers
Motivation: Money.

Skills: Extensive knowledge about

breaking into computer networks and
bypassing security protocols. Some can
also write malwares.

Overall risk: Medium\high, depends on

their experience and scope of operations.

Means of Execution: Data Exfiltration,

Ransomware, phishing, Recon and
different types of malwares.

9
 White hat hackers
Motivation: Career, paid employees.

Skills: Same as black hat hackers.

Overall risk: No risk, they always seek

approval to hack (as long as you pay
them).

Means of Execution: All kinds of

penetration testing techniques an tools.

10
 “Hacktivists”
Motivation: Ideology or socially.

Skills: same as black hat hackers.

Overall risk: High, they usually work as

groups to cause damage to specific
targets based on their political and social
believes.

Means of Execution: DDOS & Data

Exfiltration, Exposing secrets.

11
 Script Kiddies
Motivation: Curiosity.

Skills: No real programming skills or

deep level of understanding.

Overall risk: Low / medium, they don’t

fully understand what they are doing and
thus could cause damage due to lack of
experience and understanding.

Means of Execution: DDOS, Exploiting

Unpatched Vulnerabilities.

12
 APT Hacking groups
Motivation: Money.

Skills: Highly skilled and organized.

Overall risk: very high, they usually

target vulnerable organizations in order
to gain large amounts of money.

Means of Execution: “Zero day”

exploits, Ransomware, Defense
evasion TTPs.

13
State-Sponsored
Hackers
Motivation: Promote a nation’s interest.

Skills: Very highly skilled with access to

a lot of resources.

Overall risk: Very high, they usually

target other states critical facilities as a
new field of war - the cyber field.

Means of Execution: Supply chain

attacks, spywares and data exfiltration.

14
 C2 Trojan Ransomware

Phishing Cryptojacker Worm

Hacker’s Arsenal 15
 Why Learning Cybersecurity as a Profession?
• High Demand: Escalating cyber threats create a global demand for skilled cybersecurity
professionals.
• Career Growth: Rapidly evolving field offers continuous learning, skill development, and
advancement opportunities.
• Impactful Work: Defend against cybercrime, protect data, and contribute to digital trust in
society.
• Varied Roles: Diverse roles include ethical hacking, incident response, risk management, and
more.
• Lucrative Salaries: Competitive salaries and benefits reflect the critical importance of
cybersecurity expertise.

16
Cyber , IT & Communication
roles

17
So many roles…

IT Information Technology:
Help-Desk, Technical Support, Sys admin,
Integrator, NOC, Cloud Specialist, etc.
D Security Operations:
SOC, Threat hunter, forensics
investigations, incident response,
Malware Analysis blue team.

O Offensive Security:
Attack systems in order to test their
resistance to attacks:
Industrial Spyware, Penetration Tester, Red
RD Research & Development:
vulnerabilities researcher,
AppSec, Security Architect
Team.
Choosing cybersecurity as a profession empowers you to
make a difference in the digital world while enjoying a
fulfilling and rewarding career journey.

18
Degree. Needed or not?
Open Debate. Feel free to ask whatever
you want.

19
Future trends in cyber

1 More and more companies are

becoming aware of cyber and its
effects on the economy - more jobs
2 With the development of artificial
intelligence (AI) Technology,
sophisticated attacks as well as Security
mechanisms will become easier to
develop and at larger scale.

3 It can be noticed that there are more and more Black hat Hacking groups who are
known to targeting at civilians and exfiltrate personal data at scale – the digital life is
starting to get dangerous for the regular people as well.

20
Stay Updated
DigitalWhisper
digitalwhisper.co.il/

TheHackerNews
thehackernews.com/

21
 The Computer
Defined as any machine that executes
predefined commands.

Built to simplify daily operations as well as to

perform fast calculations required for every use.

Computers today are an integral part of our

lives and are needed for almost every field and
industry

22
 Computer component
It is very common to divide every computer part
into two categories:

• Hardware

• Software

23
 Hardware
Hardware is defined as the physical
components that make up the computer

Computers are built according to the

customer's requirement for capabilities
defined by a certain hardware.

24
 Hardware Types Example
Computer Level
Input-Output Devices Mother Board NIC RAM CPU GPU

Network Level
Hub Switch Router Modem CAT cable & RJ45 AP Optic Fibber

25
 Software Kernel
A piece of code written in a programming language
that undergoes a certain processing (called
compilation) to be translated to the CPU.

Code is written in a language similar to English

(but completely different syntax) to make the
computer perform operations.

26
Software Types Example
User Level
Office Suite Browser Whatsapp Terminal

Hacker Level
Worm Virus Ransomware Trojan

27
Recent Known Attacks
• Shirbit - Black Shadow

• SolarWinds - Sunburst

• Facebook - Data leak

• Los Angeles Times - Ryuk Ransomware

28
Software Code
{example}

29
The Software and Hardware connection
While a programmer writes code, the
hardware is usually behind the scenes.

To connect to the computer hardware,

the software runs over the Operating
System that provides the connection to
underlaying hardware.

The specific component in the OS that

connects between hardware and
software is called Kernel.

30
 Home assignment
• Send to the lecturer a short paragraph about yourself and why you
chose to learn Cybersecurity at Ecom School.

• Choose one out of these cyber attacks, read about them and
summaries them for next lesson:
1. Stuxnet (you could also watch the movie zer0days about that attack)
2. Eternalblue – The NSA hack
3. MafiaBoy – DDOS attacks

31
 The End
Introduction to cyber

32