Cyber Primer - Learn by Doing

Modern organisations are able to reap a raft of benefits from today's agile interconnected world. That world brings new risks and users must understand their role in reducing those risks.

The Cyber Primer course aims to educate users about the vulnerabilities that they could introduce into the business and the cyber threats that they are subject to on a daily basis. Users will learn about the techniques threat actors employ, not as outsiders, but from the adversaries perspective. Users will learn about some of the tools and techniques that malicious actors employ against in a safe environment against real targets. Delegates will compromise machines using phishing email attacks, Experience first-hand the damage mobile malware can cause and learn how to react to social engineering attacks in an immersive way.

Prerequisites

There are no specific pre-requisites for this course. However a general understanding of development practices and a broad understanding of current threats would be desired. There are group exercises, and instructor led ‘hands-on’ labs within each module of this course. Delegates can observe the instructor demonstrations or engage fully with each hands-on lab, subject to experience.

This course is suitable for individuals looking to understand more about cyber security ‘above the hygiene bar’, but is also a good introductory course for those from a non-technical background who need to understand more about the protection of corporate systems and data.

Learning Outcomes

At the end of this course you will be able to:

List the core factors when evaluating cyber risk
List the main categories of Cyber Threat Actor, Their motivations and methods to achieve their aims
Understand and apply the Cyber Kill Chain in order to understand and mitigate Cyber Risk
Practice the same Recon techniques that threat actors carry out while preparing for an attack and look at methods to mitigate this threat
Practice the same Weaponisation techniques that threat actors employ when they are preparing their exploits against Windows, Linux and Android devices
Understand reverse encoding and encryption techniques that is used to hide the true purpose of malware
Experience Social Engineering from the first person perspective

Course Outline

This course is instructor led with a heavy emphasis on practical lab elements which allow users of all levels to carry out cyber-attacks through ‘hands-on’ labs, competitive challenges, Interactive based quizzes.

Module 1 - Introduction to Cyber

This module aims to introduce the idea that their organisations can be reduced into an attack surface of three primary domains. We also introduce the concept of the Cyber Kill Chain which allows us to see breach as a series of events that each offer opportunity, as a business, to break that chain and prevent a breach.

This module also introduces the various threat actors that might target our information assets, their methods and motivations. We also look at how businesses can appraise cyber risk in a meaningful way that will allow the appropriate allocation of resources to mitigation.

Module 2 - Recon

In this module we will understand and use some of the same recon techniques and tools that threat actors will use in the initial stages of the attack. We will use Twitter geolocation to identify employees of your own organisation and map their movements over a week. We will also use Facebook to uncover information on our own profiles that we thought was private. We will also use Maltego, Nmap and Shodan to discover vast swathes of our own infrastructure and produce target maps and uncover vulnerabilities.

Module 3 - Weaponisation

In this module we will look at how threat actors can create a range of exploits for Windows, Linux and Android devices. We will also look at how these breaches establish command and control back to the attacker and how this traffic can be hard for our NIDS systems to spot unless we properly train them. We will also look at the ways malware can disguise its true purpose using encoding and encryption.

Module 4 - Delivery

In this module we will look at how MITM techniques can be used to undermine SSL/TLS in order to retrieve sensitive information. We will also look at how modern Mani in the Middle (MITM) tools can be used to inject, in real time, A backdoor into any downloaded executable that passes over the target network. We will also use network mapping tools to uncover and attack vulnerable services, Utilising information captured from one compromised service to allow us to attack another. We will also look at how SS7 can be abused to allow us to spoof text messages, An overlooked vector for social engineering attacks.

Module 4 – Social Engineering

This short module introduces the concept of social engineering and uses ‘first person engagement’ to allow you to experience a social engineering attack first hand and see the results of decisions you make.