Katie Avalo
Professor Duvall
Cybersecurity Internship
06 August 2025
Cybersecurity Internship
During these fifty hours, numerous obstacles were faced. But with each obstacle faced, I
was presented with a lesson to be learned. I was able to see cyber threats in real-time and observe
how quickly they can occur. It opened my eyes to the reality of it. So far, I knew in theory but
not in practice. In class, I was always told that there was no way a system could be 100% secure
and I was able to know how when I secured my instance so much, I locked myself out of it!

For starters, the company website had been compromised. At first, I wasn’t sure if it had
been the link that was sent to me or if there was something wrong. When I would look up the
website online and click on the website, it would redirect me to suspicious websites such as
“Facebook”, a fake Facebook login page. This was a phishing scam, and I suspected the website
could have been compromised by malware injection or cross-site scripting. This was obviously
not good for the company.

One of the issues was that the website really had not been looked at or used much. An
important thing to fix to avoid this from happening is to monitor the website and even enable a
web application firewall. It is important to maintain client trust. Even if it did not have a lot of
traffic, a customer seeing that they are being redirected to suspicious websites while trying to
access their account might not feel secure that their data is safe.

While I was trying to SSH into my instance, I could not access my key. To help me
access the key, it was being shared with me using a local host. Before I was able to access itsomeone else had accessed it, or at least tried to. This showed me just how quickly these sorts of
things can happen.

Lastly, as I was editing configurations to harden my instance, I ended up making too
strict password management rules. The SSH was still enabled, but I had somehow stopped being
the superuser, with no way of changing my password. My instance ended up crashing. My new
task was to recover the instance and reconfigure the password management. This way I would
be able to become the superuser again.

I did this by copying the instance volume and mounting it onto another instance. Once I
was in, I reconfigured the password rules and changed the rules for sudo. At the beginning, it
was not working because I kept confusing the original with the recovery instance. Once I
reconfigured, I remounted the volume back on the original and was able to log in.

This internship has provided me with opportunities to learn and to apply my theoretical
knowledge in a real work environment. I was able to understand the seriousness of securing
websites and the importance of constant monitoring. I had never had to recover a broken instance
before, it was nice to get experience in doing that as I heard it can be common.