How to Think Like a Hacker: an anatomy of cyber attacks
Duration
- One Semester or equivalent
Contact hours
- 36
On-campus unit delivery combines face-to-face and digital learning. For Online unit delivery, learning is conducted exclusively online.
2022 teaching periods
Swinburne Online Teaching Period 2 |
||
---|---|---|
Dates: Results: Last self enrolment: Census: Last withdraw without fail: |
Aims and objectives
Understanding the adversary is a first step to countering cybersecurity threats. This unit introduces the field of cybersecurity by focusing on the mindsets, methods and motivations of the key actors: hackers. Hackers often tap into basic social norms and mores, such as people’s desire to be helpful and friendly, as well as seeing gaps in processes - and having a willingness to exploit them. Their motivations for doing so can be from diverse range of reasons, from simple curiosity and intellectual challenge to financial gain, to political causes, whether it’s state-sponsored attacks and intelligence gathering to “hacktivism
Students who successfully complete this unit will be able to:
1.Critically review different forms of hacking behaviour and explain the mindsets and the motivations behind hacking
2. Identify and differentiate the various tactics that hackers use in breaching communication networks and information system
3. Explain and measure the profit models and value chain behind hackers' activities
4. Critically evaluate standard business security practices from the viewpoint of a hacker
5. Recommend processes and practices to reduce the likelihood of data breaches
2. Identify and differentiate the various tactics that hackers use in breaching communication networks and information system
3. Explain and measure the profit models and value chain behind hackers' activities
4. Critically evaluate standard business security practices from the viewpoint of a hacker
5. Recommend processes and practices to reduce the likelihood of data breaches
Unit information in detail
- Teaching methods, assessment, general skills outcomes and content.
Teaching methods
Face to Face Mode: Class 3 hours per week
Online Mode (SOL):
Engaging with online content and discussions
Student workload:
For all teaching and learning structures (both face to face and online), students are expected to spend an average of 150 hours per unit in total over the duration of the study period
This includes all:
• Scheduled teaching and learning events and activities (contact hours timetabled in a face-to-face teaching space) and scheduled online learning events (contact hours scheduled in an online teaching space), and
To be successful, students should:
• Read all prescribed materials and/or view videos in preparation for each class
• Attend and engage in all scheduled classes (face to face or online)
• Start assessment tasks well ahead of the due date, and submit assessments promptly
• Read / listen to all feedback carefully, and consider it for future assessment
• Engage with fellow students and teaching staff (don’t hesitate to ask questions)
Online Mode (SOL):
Engaging with online content and discussions
Student workload:
For all teaching and learning structures (both face to face and online), students are expected to spend an average of 150 hours per unit in total over the duration of the study period
This includes all:
• Scheduled teaching and learning events and activities (contact hours timetabled in a face-to-face teaching space) and scheduled online learning events (contact hours scheduled in an online teaching space), and
• Non-scheduled learning events and activities (including directed online learning activities, assessments, independent study, student group meetings, and research)
• Read all prescribed materials and/or view videos in preparation for each class
• Attend and engage in all scheduled classes (face to face or online)
• Start assessment tasks well ahead of the due date, and submit assessments promptly
• Read / listen to all feedback carefully, and consider it for future assessment
• Engage with fellow students and teaching staff (don’t hesitate to ask questions)
Assessment
Assignments (Individual) 50-60%
Project (Individual) 40-50%
General skills outcomes
• problem solving skills
• analysis skills
• communication skills
• ability to work independently
• analysis skills
• communication skills
• ability to work independently
Content
• Social history of hackers
• Motivations of hackers: criminal, financial gain, state-sponsored, hacktivism, mischief (“script kiddies”), curiosity and notoriety
• Types of attacks (packet injection, man in the middle, phishing, spear phishing, advanced persistent threats, candy drops etc.)
• Social engineering and the human factors in security
• Physical security and its relation to protecting digital assets (e.g. tailgating staff through security controlled doors)
• The self in cyberspace – identity
• How to source and hunt threat intelligence e.g. Unit 42
• Motivations of hackers: criminal, financial gain, state-sponsored, hacktivism, mischief (“script kiddies”), curiosity and notoriety
• Types of attacks (packet injection, man in the middle, phishing, spear phishing, advanced persistent threats, candy drops etc.)
• Social engineering and the human factors in security
• Physical security and its relation to protecting digital assets (e.g. tailgating staff through security controlled doors)
• The self in cyberspace – identity
• How to source and hunt threat intelligence e.g. Unit 42
Study resources
- References.
References
• Long, J & Mitnick, K 2018, No Tech Hacking : A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing, William Andrew
• Taylor, P 1999, Hackers : Crime and the Digital Sublime by Paul Taylor, Routledge
• Bone, J 2017, Cognitive Hack : The New Battleground in Cybersecurity ... the Human Mind, Auerbach Publications
• Rittinghouse, J & Hancock, W 2003, Cybersecurity Operations Handbook : the definitive reference on operational cybersecurity, Elsevier Science & Technology
https://ebookcentral.proquest.com/lib/swin/detail.action?docID=313612
• Mitnick, K, Simon, W & Wozniak 2002, The Art of Deception : Controlling the Human Element of Security, Wiley
• Mann, I 2017, Hacking the Human : Social Engineering Techniques and Security Countermeasures, Taylor & Francis Group
• Ayala, L 2016, Cybersecurity Lexicon, Apress, Berkeley
• Taylor, P 1999, Hackers : Crime and the Digital Sublime by Paul Taylor, Routledge
• Bone, J 2017, Cognitive Hack : The New Battleground in Cybersecurity ... the Human Mind, Auerbach Publications
• Rittinghouse, J & Hancock, W 2003, Cybersecurity Operations Handbook : the definitive reference on operational cybersecurity, Elsevier Science & Technology
https://ebookcentral.proquest.com/lib/swin/detail.action?docID=313612
• Mitnick, K, Simon, W & Wozniak 2002, The Art of Deception : Controlling the Human Element of Security, Wiley
• Mann, I 2017, Hacking the Human : Social Engineering Techniques and Security Countermeasures, Taylor & Francis Group
• Ayala, L 2016, Cybersecurity Lexicon, Apress, Berkeley