2. The Context of Cybersecurity: Cyberspace 29 in that way—unlike physical machines, they can be easily destroyed and a new one can be created. Another use of sandboxes is to create a safe space for practicing hacking. Gaining unauthorized access to a computer is against the law (see Chapter 10), so hacking exercises must be conducted carefully to avoid accidentally overstepping legal boundaries. Multiple VMs can be networked together and isolated from the Internet in a sandboxed computer network called a VM pod. Attacks within VM pods can be safely launched from one VM to another without risk of breaking any laws. VMs can also be accessed through the cloud and run as browser-based applications. When accessed through the cloud, web browsers provide a window to a VM running on a cloud server. This makes it possible for users to control VMs through their web browsers. Because the VMs are cloud-based, they do not consume computing resources on the user’s computer. Most laptops are not powerful enough to run multiple VMs at the same time, but they can easily run multiple VMs in different browser tabs. Hacking labs are a vital part of a cybersecurity education. VM pods can be created and distributed to students through the cloud via a cyber range infrastructure (see Figure 2.10). A cyber range is a safe online space for practicing cybersecurity, just like a gun range is a safe space for practicing with firearms. Cyber ranges are powered by multiple servers that host several VMs. Students access cyber ranges from their web browsers and work through cyber lab exercises on VMs in the range. The students do not have to install any software locally, avoiding annoying installation issues, and it is not necessary for the students to buy high-powered laptops. Also, since the VMs run on the cyber range servers, students do not have to worry about accidentally releasing malware into the wild or launching attacks inadvertently from their own computers. Making sure the range is isolated is the responsibility of the cyber range administrators, not the students. Repeatability is another nice benefit of this model. Students have access to their own VM pods, and all of the VMs start from the same exact initial state. Therefore, if students follow the same steps, they can fully expect to see the same results. Also, if during the course of an exercise a VM becomes unstable due to miscues, the VM can easily be reverted to a previous snapshot or recreated, and the student can try again.
RkJQdWJsaXNoZXIy MTM4ODY=