Module: CYS6003-20 Cyber Offence
Level: 6
Credit Value: 20
Module Tutor: John Curry
Module Tutor Contact Details: j.curry@bathspa.ac.uk
1. Brief description and aims of module:
Internet users, corporate or individual, are under sustained attack by hackers. Whether receiving a random phishing email or a targeted attack by an advanced persistent threat, a successful defence requires understanding the attacker mindset. Some hackers are individuals, others are part of crime syndicates or nation states, but in all cases being able to view targets from their perspective is an invaluable and essential skill for cyber security practitioners.
This module puts you in the position of the hacker with an array of tools and techniques that expose and exploit vulnerabilities in target systems. You learn by emulating the ‘red team’ attack process, from digital reconnaissance and intelligence gathering through extracting data and covering your tracks. This form of ethical hacking is a valuable method used by all types of organisations to audit their defences and management processes. By understanding how hackers hack, your defensive awareness and skills are developed, enabling you to identify and mitigate weaknesses in enterprise systems.
2. Outline syllabus:
How ‘threat actors’ identify targets and establish a foothold by compromising servers, endpoints, devices and user accounts.
The roles of ethical hacking and penetration testing in cyber security, and their rules of engagement
How to systematically employ open-source security assessment tools to discover vulnerabilities
Using Red Team offensive tactics to exploit vulnerabilities during simulated attacks
Techniques of command and control: website shell, outbound web connections, protocol tunnelling, Internet-facing accounts
Techniques of escalating privileges: password capture, session hijacking, exploiting vulnerabilities
Methods of moving laterally: network mapping, remote shell
Persistence: Methods of maintaining access and avoiding detection
How hackers steal (confidentiality), modify (integrity) and destroy (availability) data
3. Teaching and learning activities:
Class Hours
This module is delivered through a blend of lectures and workshops that include simulation exercises. Practical sessions develop the mindset and explore the actions required to successfully penetrate system defences. Discursive sessions examine the consequences of cyber crime to individuals, enterprises and nation states, and the ethical considerations of offensive tactics.
Independent Learning
You are expected to follow up concepts introduced in class, regularly review credible sources that describe instances of cyber attack/defence, and conduct simulation exercises as set by the tutor.
Assessment Type: CW
Description: Cyber offence simulations (5,000 words).
% Weighting: 100%