Cyber Attacks

Question 1

What are 4 possible victims of Money Theft?

Answer 1

End Users, Enterprises, Financial Institutions, New Trends

Question 2

What sort of virus is Zeus?

Answer 2

Banking Trojan Horse

Question 3

Which of the possibe victims is Zeus used on?

Answer 3

End Users

Question 4

What OS does Zeus target?

Answer 4

Windows

Question 5

What is Zeus’ attack method?

Answer 5

Man-in-the-browser attack

Question 6

What does Zeus infect in Man-in-the-browser attack?

Answer 6

Infected browser with Malware

Question 7

Zeus infects browser with Malware. What does it gain from doing this?

Answer 7

You type in unencrypted information into your browser. Infecting the browser means Zeus can now access this information.

Question 8

What do attackers want to achieve via Zeus attack?

Answer 8

Capture Credentials

Question 9

Having done Man-in-the-browser, what 2 things do attackers use to gather credentials?

Answer 9

Keylogging, Form Grabbing

Question 10

What does BEC stand for?

Answer 10

Business Email Compromise

Question 11

What happens in a BEC attack?

Answer 11

Pretend to be a CEO/Senior Manager, request large sum of money

Question 12

What is BEC reliant on?

Answer 12

That the vicitm (employee) and the person being impersonated are not together

Question 13

What two things can be created in BEC?

Answer 13

Spoofed emails, hijacked legitimate invoices with scammer’s account number

Question 14

What 2 aspects of cryptocurrency can be hacked for money?

Answer 14

Wallets, Exchanges

Question 15

What happens in Personal Document Ransom?

Answer 15

Ransomware encrypts specific files

Question 16

What are 2 ways ransomeware can be spread?

Answer 16

Phishing email (macro on attachment downloads and executes payload)

Question 17

How does decryption happen after a Personal Document Ransom attack?

Answer 17

Victim pays the ransom or a security firms releases a decryptor

Question 18

How did WannaCry spread?

Answer 18

As a worm, infects local network and random machines on the Internet

Question 19

What allowed WannaCry to execute ransomware?

Answer 19

EternalBlue exploit

Question 20

What is are the three levels of Personal Document Ransom?

Answer 20

Original, Double Extortion, Triple Extortion

Question 21

What happens in the Original Extortion?

Answer 21

Enrypt the data

Question 22

What happens in Double Extortion?

Answer 22

Exfiltrate data and threaten to disclose in ransom not paid quickly

Question 23

What happens in Triple Extortion?

Answer 23

Threaten to leak data unless paid

Question 24

What may randomware groups also search for?

Answer 24

Local servers that contain data backups, and delete/encrypt these

Question 25

What is Cryptojacking?

Answer 25

Malicious Cryptomining, using someone else's processing power

Question 26

How does Cryptojacking stay hidden?

Answer 26

Mine data while computer is idle

Question 27

In dat breaches, what 3 things may happen to stolen data?

Answer 27

Public Disclosure, Private Intelligence, Sold on Black Market

Question 28

What is the aim of an DoS attack?

Answer 28

Make service unavilable to users

Question 29

How does DoS usually accomplish its aim?

Answer 29

Overload service's resources

Question 30

How does DoS overloading occur?

Answer 30

Service request flooding

Question 31

What makes DoS a DDoS attack?

Answer 31

Flooding traffic generated by many different sources

Question 32

Describe what botnets are in DDoS attacks?

Answer 32

Groups of computers networked together to cause DDoS attack

Question 33

What are botnet groups built from?

Answer 33

Vulnerable systems, with no concern for who owners are

Question 34

How are botnets controlled?

Answer 34

Command and Control Infrastructure

Question 35

What is botnet as a service?

Answer 35

Owners of botnets may rent them to other attacks to make money

Question 36

What are 3 reasons why IoT devices are being used for botnets?

Answer 36

IoTs have poor practices, like using open ports. IoTs have no built in auto-firmware update system, so vulnerabilites left unpatches. IoT devices are not looked at much once installed, so owners don't know when devices are used maliciously.

Question 37

What does Mirai do?

Answer 37

Scans internet for vulnerable IoT devices

Question 38

What are Influence Campaigns?

Answer 38

Attacks and releasing info, aimed to influence people's opinions

Question 39

How are botnets used on social media platforms?

Answer 39

Each bot is an account taking actions to spread information

Question 40

What is web defacement?

Answer 40

Changing the appearance of a website

Question 41

What are 2 criteria that are used to choose targets for web defacement?

Answer 41

How easy the target is to hack, Expected media attention

Question 42

What happens in a supply chain attack?

Answer 42

The attakcer compromises the weakest link in the supply chain, and reaches the target from there