Session Activities: Cybersecurity

Cybersecurity

Cybersecurity requires a broad range of skills including operating systems, networking, and programming.  If you are determined, a good problem solver, creative, and like challenges, then you’ve come to the right place!  Sharpen your deduction and research skills here!  Cybersecurity involves securing or protecting technology and data assets of a person or organization against illegal and malicious intrusion.  It involves protecting or “hardening” desktop computers and servers and the communications between the two.  Learning to secure these assets requires skills from both a defensive and offensive perspective, both defending against attacks, and understanding the offensive techniques and strategies that will be used against you to better guard against them.  At all times, your responsibility is to use the knowledge you gain ethically and to comply with the ten commandments:

Ten Commandments of Computer Ethics

  1. Thou shalt not use a computer to harm other people.
  2. Thou shalt not interfere with other people’s computer work.
  3. Thou shalt not snoop around in other people’s files.
  4. Thou shalt not use a computer to steal.
  5. Thou shalt not use a computer to bear false witness.
  6. Thou shalt not copy or use proprietary software for which you have not paid.
  7. Thou shalt not use other people’s computer resources without authorization or proper compensation.
  8. Thou shalt not appropriate other people’s intellectual output.
  9. Thou shalt think about the social consequences of the program you write or the system you design.
  10. Thou shalt use a computer in ways that show consideration of and respect for your fellow humans.

For a basic definition of cybersecurity and what it entails, read here. For even more information about the field of cybersecurity and it’s importance today, read here.Cybersecurity activities.

Capture the Flag (CTF) and courses:

What is CTF?  In computer security, Capture the Flag (CTF) is a type of computer security competition. … There are two main styles of capture the flag competitions: attack/defense and jeopardy. In an attack/defense style competition, each team is given a machine (or a small network) to defend on an isolated network.

To learn more about CTFs, you can watch this video.

Below are Capture the Flag type of activities in use at TriV.  If you are new to CTF, start here and ask other TriV members if you need help!

www.hackertest.net – test your ability to read source code and crack passwords to get into these simulated systems

www.picoctf.org – a past CTF activity that is still open and suitable for beginners

www.challengeland.co – a more difficult CTF activity that requires you to solve a password challenge just to get into the site!

If you’d like to learn more about CTFs and need more websites:

CTF Field Guide: https://trailofbits.github.io/ctf/ctf.html, for cybersecurity activities that are ongoing (not finite period CTF competitions, read about wargames here).

CTF Time: https://ctftime.org/ctf-wtf/

If you’d like to explore some online cybersecurity courses, try these:

Pivot Project – a challenge driven course where you pick the type of challenge: http://pivotproject.org/

Cyber Aces – learn cybersecurity fundamentals in operating systems, networking, and systems administration: http://www.cyberaces.org/courses/