Encryption is a process of encoding messages to keep them secret
Caesar cipher/ shift cipher/ Caesar shift: one of the simplest and most known encryption techniques.
The Caesar Cipher works by shifting every letter in the plaintext message a certain number of positions down the alphabet
Caesar cipher is a substitution cipher
The best technique for cracking a random substitution cipher is known as frequency analysis
Frequency analysis is based on how frequently certain letters appear in English versus others
Good encryption algorithms are public, but use secret keys as an input to the algorithm
Encryption algorithms are evaluated based upon the amount of time it would take a computer to crack the key
Vigenere cipher is an encryption technique that uses a key and cannot be cracked using frequency analysis; it applies a series of Caesar ciphers based on the letters of a key
packet sniffing occurs when the contents of a packet is analyzed by a third party
Hypertext Transfer Protocol Secure was developed as a secure alternative to HTTP
In HTTPS, the communication protocol is encrypted by using SSL(Secure Sockets Layer, formerly)/TLS (Transport Layer Security)
SSL/TLS provides authentication between client and server
Authentication is the process of verifying that you are the person who has the right to access a particular computer or service
Passwords stored in databased are encrypted, usually with one-way function known as cryptographic hash function
A one-way function is an algorithm that is easy to apply and hard to undo
Passwords are hashed before being stored, when a user tries to login, the password entered is put through the same hash function
types of encryption: symmetric and asymmetric
A symmetric encryption algorithm requires the use of a secret key known to both the sender and receiver
In an asymmetric/ public key encryption algorithm, the key for encryption and for decryption are quite different, although related
Cybercriminals commits cybercrimes by exploiting vulnerabilities in hardware/ software or taking advantage of unintentional decisions made by people using software
A computer virus is a type of malicious software program (malware) that, when executed, replicates itself by modifying other computer programs and inserting its own code
Virus writers use social engineering deceptions and exploit detailed knowledge of securityvulnerabilities to initially infect systems and to spread the virus
Computer viruses currently cause billions of dollars' worth of economic damage each year
An industry of antivirus software has cropped up, selling or freely distributing virus protection to users of various operating systems
Viruses can potentially gain control of computers and form a botnet then attack other machines connected to the internet (distributeddenial-of-serviceattack/ DDoS attack)
a network of infected computers that work together to carry out an attacker's goals
botnet
denial of service is typically accomplished by flooding the targeted machine or resource with superfluous request
DDoS attacks tend to be more successful than their basic DoS counterparts as the amount of data required to overload the system is relatively high
DDoS attacks are harder to detect, prevent, and prosecute than DoS attacks as there are several machines involved
most common cybercrime
phishing
The attempt to obtain sensitive information such as usernames, passwords, and credit card details by disguising as a trustworthy entity
phishing
Phishing is typically carried out by email spoofing (a technique used in spam and phishing attacks to trick users into thinking a message came from a person or entity they know or trust)
2/3 of malware was installed via email attachments in 2016
Historically, popular operating systems and software applications have been the most vulnerable to viruses
The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures
a threat intelligence firm that gathers information on attacks happening to its infrastructure, visualized via Norse Attack Map