hf archives: Cybersecurity 101
"Welcome to day 1 of the worst course of your life, so far. You are here because you are looking to become a sysadmin of some big shot corp, or perhaps because you hate yourself. You probably think you are good at coding, that you know your way around a computer.
You are not, and you do not.
Since the advent of widespread quantum computing in 2053, most processes performed on a computer are entirely human incomprehensible. While plenty of simpler, surface level of code remains, typically for consumer applications, low-level operations require tools to use your tools. From a cybersecurity standpoint, this is fantastic. From a you standpoint, this is the worst.
As a result, most advanced computer work requires a user to be connected to a seamless neural mesh - in layman's terms, "jacked in." With specialized hardware, much of the needed information is processed and reprocessed several times and wired directly to your brain, far more efficiently than you could hope to get off of reading a screen. I will not lie to you, because you must understand the exact importance of your work and its true nature - this is unbelievably dangerous. You should really only be doing this when you're certain your network is secure, and you're not dealing with any dangerous code. To be absolutely clear: if you fuck up, or worse, the unthinkable happens and you get attacked: this can KILL you. I say this not to dissuade you; after all, practically any job has the potential - did you know ride service drivers are one of the highest mortality jobs? - but so you do not take this lightly.
Page 102, everyone.
Standard systems, nowadays, are multi layered. Some people are baffled by this; after all, isn't the first layer enough?
No.
In an age where anything and everything is stored online, failure is not an option. You cannot be lazy. You cannot loosen your grip.
That brings me, of course, to the first layer: RBS-08, AKA "The Wall."
Practically standard issue and yet nigh impenetrable, this is your first line of defense, and against a standard attack, is completely unbeatable. The creation of the Realtime Bounceback System didn't just revolutionize cybersecurity, it defined it. An ever shifting layer of hopelessly complex, self-modifying encryption, that nevertheless is weak to the oldest security flaw known to man: human error. While a wall completely and utterly defends against unauthorized external attacks, it by nature cannot defend from the inside, and it really only takes one employee to be a tad gullible (or worse, just poor in his password choice) to render your magic wonder-wall about as secure as a wet tissue.
This leaves us to the other layers. I tackle them at the same time, because they are fundamentally reached at the same time. Once past the wall, an attacker is already inside your system. In the old days, this is usually where we'd shrug and say oh well. We can't afford that. Computers run every part of our lives; and failure means so, so much more.
This isn't a game, or a skirmish. This is war. Make them pay for every step they take.
File storage and sorting has gotten quite complex. Use this to your advantage. Your next layer is the labyrinth. While on consumer grade machines, this is practically nonexistent as a form of defense, most of you will not be working on consumer grade machines, but machines few should have access to. Turn this into an advantage. An average corporate hub server at this point is littered with traps and shifting passageways, threatening to boot-or worse-anyone who doesn't know their way around. This, ultimately, is passive defense, and one not deterred by the wall is unlikely to be deterred here.
Which brings us, of course, to active defense. A watchful eye can personally deal with intruders as they come, but there are two issues with this. One, of course, is that it is dangerous, as I said earlier. The other is that you cannot personally watch a system 24/7. A defense is only so good as its weakest point.
This, of course, is why specially trained neural networks have become mainstream in the standard suite of cybersecurity. Most networks tend to have a watcher - yes?
Great question. It actually is possible to have multiple watchers, but given their volatile nature, this takes a lot of work to make sure they won't end up recognizing the other as a threat. Watchers have to be trained to match their network - their "labyrinth" - which is why most are unique, and why they cannot be practically transferred between networks or cloned. You can make a backup of one, of course, but they won't really function elsewhere.
Those, of course, consist of the standard set of layers, but by no means are they the only possible ones. Throughout my course I will teach you every damn trick in the book, and then some. You will learn to train a watcher, you will learn to attack and defend a system, you will learn to tango with the best of them. You will learn exactly how goddamn important your job is, and take it in stride.
Any questions?"