Preface

Look at any major news source and you’re bound to find a story or two about recent cyberattacks. Whether it’s a new scam spreading across the internet, hospitals or other organizations targeted with ransomware, or even elections disrupted by other countries, adversaries try to circumvent cybersecurity in many ways. You might find these attacks of interest but think they don’t have much to do with you. However, as cyberattacks become increasingly common, attackers no longer focus exclusively on big corporations. They’ve begun to target everyday individuals. As a result, you can no longer afford to just read about cybersecurity; it’s a daily skill you need to learn and practice.

If you’ve struggled and searched to learn about cybersecurity without first cultivating a deep technical background, look no further: this book is perfect for those who have no background in security, or even computers for that matter.

I created this book to fill a gap. Few resources exist for those who want to understand more than just the basics of computer engineering or administration but aren’t trying to become full-fledged cybersecurity professionals. It’s designed to cover a wide range of topics across the core cybersecurity concepts. Cybersecurity is a vast field with lots of deep valleys that you can easily get lost in. Think of this book as a helicopter tour; you’ll fly over those valleys to get an idea of where you might explore next.

To provide this overview, this book focuses on how black hats operate and the sorts of attacks that exist. At its core, cybersecurity is about defending against threats, both physical and logical, to technical assets. By focusing on what black hats attempt to do, we’ll link threats to the vulnerabilities that cause them and controls that protect against them.

A Note on the Book’s Exercises

The only way to learn cybersecurity concepts is to practice them. To that end, every chapter ends with an exercise that helps you apply the concepts you just learned. These exercises are designed to be completed at home and provide some insight into what you can do to make sure your systems are secure every day. They focus on the core concepts while providing practical knowledge you can use when implementing cybersecurity.

The exercises in this book assume you’re using the Windows or macOS operating system, because of their widespread use by people and organizations worldwide. To follow along, you’ll need at least a Windows 10 or macOS X system.

Many cybersecurity professionals and tools use Linux-based operating systems instead. Although this book doesn’t cover Linux, with a little research you can easily translate many of the concepts explained in the exercises to a Linux system. If you want to pursue cybersecurity further after reading this book, I encourage you to learn about Linux by using resources like Linux Basics for Hackers by OccupyTheWeb (No Starch Press, 2019).

Who This Book Is For

This book is for anyone who’s interested in cybersecurity but isn’t entirely sure what cybersecurity means. That includes people without technical backgrounds, although if you’re just beginning your technical career or are a new computer science student interested in cybersecurity, this book is definitely a great place to start. The intended audience also includes business leaders, account managers, sales and marketing professionals, or any hobbyist who might want to understand why cybersecurity is so important and what it encompasses.

Readers of any age will benefit from reading this book. Although knowledge of some basic concepts about how computers or networking works is helpful, it’s not required to understand the topics in this book. Most of all, this book is for anyone who has ever been curious about how hacking or cybersecurity works in the real world, far beyond what you see in movies or on TV.

What’s in the Book?

The following breakdown of each chapter gives you an idea of the topics we’ll explore:

  1. Chapter 1: An Introduction to Cybersecurity This chapter explains what cybersecurity is and isn’t, the different roles and responsibilities of cybersecurity professionals, and various types of adversaries who attack computer systems. In the chapter’s exercise, you’ll set up threat feeds to learn more about attackers’ activities globally.
  2. Chapter 2: Attack Targets on the Internet This chapter covers how adversaries find you on the internet and includes a primer on how the internet works. You’ll learn what attackers do to find your computer or network using basic information, what attack methodology they often follow, and what you can do to hide from them online. It ends with an exercise that shows you how to use command line tools to discover information about your computer and network.
  3. Chapter 3: Phishing Tactics This chapter focuses on social engineering attacks that exploit human behavior. It covers different types of phishing, how black hats attempt to trick you into thinking they’re someone else, and how you can recognize these types of attacks. As an exercise, you’ll analyze emails to determine whether they’re black hat tricks.
  4. Chapter 4: Malware Infections This chapter describes malware and other kinds of nasty software that black hats use to gain access to your system. I’ll describe different types of malware and what you can do to prevent malware infections. In this chapter’s exercise, you’ll safely analyze files to see whether they contain malware.
  5. Chapter 5: Password Thefts and Other Account Access Tricks This chapter covers authentication: in other words, how you log in to a computer or accounts online. We’ll explore the types of authentication and the kinds of attacks adversaries use to break it. Then we’ll discuss what you can do to make sure your account security remains strong. The chapter’s exercise teaches you how to set up secure authentication for Windows and macOS systems.
  6. Chapter 6: Network Tapping This chapter explores how adversaries attack your network to find data or stop you from using the internet. It explains how wired networks work, how attackers use that knowledge to their advantage, and what you can do to stop these attacks. In the exercise, you’ll set up the default firewall installed on Windows and macOS devices.
  7. Chapter 7: Attacks in the Cloud This chapter discusses what cloud computing means. It then looks at ways that adversaries attack the cloud, including ways that they attack web applications. It also provides methods you can use to secure your cloud accounts against attacks. As an exercise, you’ll practice performing a SQL injection attack to better understand how attackers use these.
  8. Chapter 8: Wireless Network Pirating This chapter covers everything wireless-related: what wireless is, how it works, how adversaries attack the wireless internet, and the best ways to stay safe. It ends with an exercise on how to secure a wireless router from attacks.
  9. Chapter 9: Encryption Cracking This chapter explains encryption, how we use it, and what attackers do to break it. We’ll cover different types of encryption and attacks used to break each. We’ll also discuss how you can ensure your systems use encryption correctly. In the chapter’s exercise, you’ll learn how to encrypt and hash files.
  10. Chapter 10: How to Defeat Black Hats This chapter summarizes the concepts discussed throughout the book in the context of risk management practices. You’ll learn how to manage all the controls and defense measures covered in the book to make sure you have a comprehensive security program. As an exercise, you’ll create a risk management plan to guarantee you have the proper security in place to try to prevent attacks.

By the end of this book, you’ll have a solid idea of what cybersecurity includes, what the core concepts are, how specific attacks work (and what controls you can use to defend your system against them), and how you can implement cybersecurity in practice. You’ll be ready to move on to more advanced topics based on your interests, whether they involve learning how to implement an Active Directory server, create your own encryption cipher, manage vulnerabilities, or run penetration tests. The best part is that you’ll understand how cybersecurity can affect your everyday life and what you can do to secure your devices against increasingly common black hat attacks.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
35.170.64.185