By reading the article “Hacking the pentagon” some very
important information is obtained. There is a lot of information on the
security benefits of ethical hacking that are identified which are discussed in
this section. The article is showing that the success of hacking the pentagon did
result in two follow-on activities. The first follow on activity is the
vulnerability Disclosure Policy which is established by DoD. Furthermore, it is
also established a secure, safe as well as the legal avenue for citizens to
report about vulnerabilities on the DoD website. Secondly, two indefinite
Delivery is awarded by DoD. The security benefits of ethical hacking are
identified which are: the department of the defense continues to run both
private and public sectors compared to resources that are complex to the global
operations. Another benefit was that the researchers have submitted almost 400+
new types of vulnerabilities. The landmark vulnerability disclosure policy of DoD
has also determined complex vulnerabilities successfully. In short, during
hacking the pentagon, there were nine bug bounties held to date, almost 3600+ vulnerabilities
identified. Furthermore, the ethical assisted military family move and provide
security to the citizens (usds, 2017).
Topic 2: Social engineering is the psychological
manipulation of people to give up on the confidentiality of the information. The
term social engineering is used mostly for a wider range of malicious
activities when they are performed by the interaction of humans. Social
engineering uses psychological tricks on internet users to make some important mistakes
related to their security and they mistakenly give sensitive information to
attackers. Social engineering is playing a significant role in hacking in which
the system or the computer user is manipulated to give his personal information
to the attacker or hacker with his permission. It is a very effective trick in
which the user permits to use the information at any time. By having the
permission to use the confidential information, no one can claim on this
activity (Krombholz, et al., 2015). The social engineering
attacks can fool the people or the employees in the company to get their
detail. Some significant examples are given below.
Phishing, Whaling and Spear Phishing
The phishing attack is simple and performed on the surface
in which the public is asked to give detail of their emails and some banking
information. Spear phishing is performed by sending an email. While Whaling is
completely a dangerous attack to get unauthorized access to the system.
Making a Watering hole
The hackers do not attack the systems but they attack the
particular website and embed malicious scripts.
Pretexting Attacks setting
The attackers create some social media accounts as well as
digital identities to build trust.
Article 3:
IoT is the abbreviation of the internet of things which is
the system of interrelated devices or the mixture of the different engineering areas
like mechanical, electrical, networking as well as computer. In this
technology, there is no need for the human to human or human to computer
interaction to transfer the data (Gubbi, et al., 2013).
The IoT devices can be hacked and the attacker always tries
to damage the security of the embedded system to get unauthorized access. The
attackers can hack the network where they can easily handle the cameras. The
smart door locks are hacked by the use of the wireless network to come into the
house. Nowadays, the new trend is smart homes and people like to make their
houses automated. But the attackers use tricks to hack the wireless network and
they can easily break the security of smart homes (Lee &
Lee, 2015).
Article 4:
There are several kinds of vulnerabilities in the network
and they all can be very dangerous for the wireless networks. The professional
hacker or attackers can easily attack the wireless networks as well as a hack those
wireless networks (Hu & Evans, 2003). In this document, some very serious
vulnerabilities are discussed. There are some significant serious vulnerabilities
are listed in the document which is a very serious threat for security.
Default Wifi routers: In this vulnerability, the wireless
routers are dispatched into that state which is not completely secure. In this
vulnerability, the IP address will be static.
Wireless zero configuration: In this vulnerability,
the computer will be connected to the access point which will generally store the
information of the local connection.
WEP weaknesses: The WEP is the encryption that encrypts
the password and makes the network secure but the weaknesses in the WEP
encryption will cause low security and attacks.
References of Identify and discuss the security
benefits of ethical hacking
Gubbi, J., Buyya, R., Marusic, S. & Palaniswami,
M., 2013. Internet of Things (IoT): A vision, architectural elements, and
future directions.. Future generation computer systems,, 29(7), pp.
1645-1660.
Hu, L. & Evans, D.,
2003. Secure aggregation for wireless networks. In 2003 Symposium on
Applications and the Internet Workshops, 2003, Proceedings, pp. 384-391.
Krombholz, K., Hobel,
H., Huber, M. & Weippl, E., 2015. Advanced social engineering attacks.. Journal
of Information Security and applications, Volume 22, pp. 113-122.
Lee, I. & Lee, K.,
2015. The Internet of Things (IoT): Applications, investments, and challenges
for enterprises.. Business Horizons, , 58(4), pp. 431-440..
usds, 2017. Hacking
the Pentagon. [Online]
Available at: https://www.usds.gov/report-to-congress/2017/fall/hack-the-pentagon/