ABOUT
The Cyber Academy Solution
Interactive training and lessons from ethical hackers are what ensure deep understanding and long-term Cyber Academy course retention. Our multi-media approach clearly educates attendees on the do’s and don’ts of using business IT infrastructure. Detailed booklets ensure nothing is forgotten and good habits are fostered company wide. Our team of experts combines extensive knowledge in information security and technological expertise, and has first-hand experience in developing educational awareness sessions and delivering interactive and memorable awareness workshops, tailored to your organisation’s needs, sector and environment.
The Cyber Academy presents 'MEET THE HACKER', a guided tour from an attacker’s perspective on how we use staff to bypass security controls and gain access to unauthorised resources. We will also tackle the most fundamental areas to gain access through social engineering. When you complete the course you will receive a Cyber Academy Certificate from the renowned white hat hacker, Rudi Dicks. This certificate makes you a Cyber Catalyst.
CONTENT
KNOW THE HACKER
Hackers come in all shapes and sizes. From kids trying to gain infamy on the Internet to political groups trying to send a message, the motives for a cyber-attack vary widely. The term “hacker” carries a rather negative connotation for most people. Gone are the days where we view hackers as the iconic nerds sitting in a shabby basement with ski masks on. Hacking skills have become more and more advanced and in-demand as both companies and countries strive to protect their information software and networks. So how can you protect yourself? It all starts with getting to know your enemy a little better. In this module we profile three different kinds of hackers: the black hat, white hat and grey hat hackers.`
SOCIAL ENGINEERING
In the context of information security, social engineering refers to the psychological manipulation of a person to perform an action or divulge confidential material. It is a fraudulent means to gather information or access a system and is often one of the many steps taken in a more complex fraud scheme. Social engineering tactics sometimes rely on an individual’s kindness and empathy, as well as their weaknesses, or can be blatantly deceitful and dishonest. This module aims to provide a good understanding of what social engineering is and provides several contexts of where and how it can be detected. It arms the participants with vigilance against social manipulation, whether it be physical or digital
PHISHING
Phishing is a cyber-attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from someone in their company — and to click a link or download an attachment. What really distinguishes phishing is the form the message takes: the attackers masquerade as a trusted entity of some kind, often a real or plausibly real person, or a company the victim might do business with. It is the most widespread and malicious, with phishing messages and techniques becoming increasingly sophisticated. This module trains the participants to spot techniques used by hackers and to guide them to do several procedural checks before opening links or attachments.
PHARMING, SPEAR PHISHING AND WHALING
Pharming attacks are typically widespread, where a hacker sends the same email to a multitude of recipients and waits to see which recipients take the bait.) Spear phishing attacks are onslaughts that are cleverly researched and that target an individuals’ weaknesses or Achilles heel (so to speak). With the advent of social media, people’s interests are publicly available to everyone for consumption. This makes the hacker’s task extremely easy when engineering a crafty spear-phishing attack. Whaling is a specific form of phishing that’s targeted at high-profile business executives, manager, and the like. It’s different from ordinary phishing in that with whaling, the emails or web pages serving the scam take on a more official or serious look and are usually targeting someone in particular. Examples of each attack are thoroughly explained in this module.
RANSOMWARE
The greatest risk that individuals pose to organisations, is falling prey to ransomware attacks. These can be executed by hackers, physically or via attachments by email. Hackers will typically leave USB sticks, containing a few viral executable files, lying around the organization. Once launched and executed, the virus takes all the system files and encrypts them to the point that they are no longer recognizable, as shown in the image alongside. The hacker then requests payment in a currency (bitcoins) to receive a code to restore the files. This module explains the travesties that many organisations have suffered by falling victim to this kind of social engineering attack and also provides advice on how to protect against it.
PHYSICAL SECURITY
Paying attention to physical security is extremely important in keeping your organisation secure. This module covers topics such as a clean board and desk policy, dumpster diving and upholding physical security controls within the organisation.
DIRECTIONS
The Cyber Academy - Cyber Warfare is the battleground of now: Creating Vigilance through Education - Cape Town - 7 Nov 19
SISSA Conference Centre
Boundary Rd, Newlands, Cape Town, 7700
Get Directions