Question 1 Typical cyber-attack process
In hacking, there exist two types of hackers, a white-hat hacker, and a black hat hacker. A white-hat hacker is a hacker to secure vulnerabilities in networks, hardware, and software. White hackers are also known as ethical hackers and are known for their nature of exploiting vulnerabilities only when given legal permission to do so. A black hat hacker is a hacker who gets into networks, hardware, and software intending to cause harm. Black hat hackers engage in the exploitation of vulnerabilities to gain money or destruction of data and machines. It is, therefore, necessary for one to be an excellent white-hat hacker, he or she must understand how a black hat works.
A black hat hacker typically follows a typical method that involves specific steps with the aim of hacking and acquiring what he or she wants. The first step is reconnaissance, where the hacker identifies a vulnerable target and explores the best way to exploit it, and at this point, anyone is a target. Scanning is the second step, and it is at this step that the hacker scans for vulnerabilities to exploit. Access and escalation are the third steps, and it is at this point the hacker having identified the vulnerability accesses what he wants. It starts to rise by gaining credentials necessary to escalate his privileges to the admin level. Exfiltration is the fourth step where the hacker can now access sensitive data and change or erase files at his own will.
Sustainment is the fifth step where a hacker makes sure they are anonymous and can come and go as they please. Assault is the sixth step where the hacker may choose to bring down the hardware or network they hacked into, causing significant damage. The last step is obfuscation, which is the hiding of their hacking tracks to avoid being caught though most leave a signature so they can boast about the hack. For a white hat hacker to deal with a black hat hacker, he must be very familiar with these typical methods to make sure one does not fall victim to such attacks.