Cyber Attacks #2

Question 1

What happens in Personal Document Ransom?

Answer 1

Ransomware encrypts specific files

Question 2

What are 2 ways ransomeware can be spread?

Answer 2

Phishing email (macro on attachment downloads and executes payload)

Question 3

How does decryption happen after a Personal Document Ransom attack?

Answer 3

Victim pays the ransom or a security firms releases a decryptor

Question 4

How did WannaCry spread?

Answer 4

As a worm, infects local network and random machines on the Internet

Question 5

What allowed WannaCry to execute ransomware?

Answer 5

EternalBlue exploit

Question 6

What is are the three levels of Personal Document Ransom?

Answer 6

Original, Double Extortion, Triple Extortion

Question 7

What happens in the Original Extortion?

Answer 7

Enrypt the data

Question 8

What happens in Double Extortion?

Answer 8

Exfiltrate data and threaten to disclose in ransom not paid quickly

Question 9

What happens in Triple Extortion?

Answer 9

Threaten to leak data unless paid

Question 10

What may randomware groups also search for?

Answer 10

Local servers that contain data backups, and delete/encrypt these

Question 11

What is Cryptojacking?

Answer 11

Malicious Cryptomining, using someone else’s processing power

Question 12

How does Cryptojacking stay hidden?

Answer 12

Mine data while computer is idle

Question 13

In dat breaches, what 3 things may happen to stolen data?

Answer 13

Public Disclosure, Private Intelligence, Sold on Black Market