Assignment on Identify and discuss the security benefits of ethical hacking

By reading the article “Hacking the pentagon” some very important information is obtained. There is a lot of information on the security benefits of ethical hacking that are identified which are discussed in this section. The article is showing that the success of hacking the pentagon did result in two follow-on activities. The first follow on activity is the vulnerability Disclosure Policy which is established by DoD. Furthermore, it is also established a secure, safe as well as the legal avenue for citizens to report about vulnerabilities on the DoD website. Secondly, two indefinite Delivery is awarded by DoD. The security benefits of ethical hacking are identified which are: the department of the defense continues to run both private and public sectors compared to resources that are complex to the global operations. Another benefit was that the researchers have submitted almost 400+ new types of vulnerabilities. The landmark vulnerability disclosure policy of DoD has also determined complex vulnerabilities successfully. In short, during hacking the pentagon, there were nine bug bounties held to date, almost 3600+ vulnerabilities identified. Furthermore, the ethical assisted military family move and provide security to the citizens (usds, 2017).

Topic 2: Social engineering is the psychological manipulation of people to give up on the confidentiality of the information. The term social engineering is used mostly for a wider range of malicious activities when they are performed by the interaction of humans. Social engineering uses psychological tricks on internet users to make some important mistakes related to their security and they mistakenly give sensitive information to attackers. Social engineering is playing a significant role in hacking in which the system or the computer user is manipulated to give his personal information to the attacker or hacker with his permission. It is a very effective trick in which the user permits to use the information at any time. By having the permission to use the confidential information, no one can claim on this activity (Krombholz, et al., 2015). The social engineering attacks can fool the people or the employees in the company to get their detail. Some significant examples are given below.

Phishing, Whaling and Spear Phishing

The phishing attack is simple and performed on the surface in which the public is asked to give detail of their emails and some banking information. Spear phishing is performed by sending an email. While Whaling is completely a dangerous attack to get unauthorized access to the system.

Making a Watering hole

The hackers do not attack the systems but they attack the particular website and embed malicious scripts.

Pretexting Attacks setting

The attackers create some social media accounts as well as digital identities to build trust.

Article 3:

IoT is the abbreviation of the internet of things which is the system of interrelated devices or the mixture of the different engineering areas like mechanical, electrical, networking as well as computer. In this technology, there is no need for the human to human or human to computer interaction to transfer the data (Gubbi, et al., 2013).

The IoT devices can be hacked and the attacker always tries to damage the security of the embedded system to get unauthorized access. The attackers can hack the network where they can easily handle the cameras. The smart door locks are hacked by the use of the wireless network to come into the house. Nowadays, the new trend is smart homes and people like to make their houses automated. But the attackers use tricks to hack the wireless network and they can easily break the security of smart homes (Lee & Lee, 2015).

Article 4:

There are several kinds of vulnerabilities in the network and they all can be very dangerous for the wireless networks. The professional hacker or attackers can easily attack the wireless networks as well as a hack those wireless networks (Hu & Evans, 2003).  In this document, some very serious vulnerabilities are discussed. There are some significant serious vulnerabilities are listed in the document which is a very serious threat for security.

Default Wifi routers: In this vulnerability, the wireless routers are dispatched into that state which is not completely secure. In this vulnerability, the IP address will be static.

Wireless zero configuration: In this vulnerability, the computer will be connected to the access point which will generally store the information of the local connection.

WEP weaknesses: The WEP is the encryption that encrypts the password and makes the network secure but the weaknesses in the WEP encryption will cause low security and attacks.

References of Identify and discuss the security benefits of ethical hacking

Gubbi, J., Buyya, R., Marusic, S. & Palaniswami, M., 2013. Internet of Things (IoT): A vision, architectural elements, and future directions.. Future generation computer systems,, 29(7), pp. 1645-1660.

Hu, L. & Evans, D., 2003. Secure aggregation for wireless networks. In 2003 Symposium on Applications and the Internet Workshops, 2003, Proceedings, pp. 384-391.

Krombholz, K., Hobel, H., Huber, M. & Weippl, E., 2015. Advanced social engineering attacks.. Journal of Information Security and applications, Volume 22, pp. 113-122.

Lee, I. & Lee, K., 2015. The Internet of Things (IoT): Applications, investments, and challenges for enterprises.. Business Horizons, , 58(4), pp. 431-440..

usds, 2017. Hacking the Pentagon. [Online]
Available at: https://www.usds.gov/report-to-congress/2017/fall/hack-the-pentagon/