Lecture 1: Course introduction Flashcards
Comment on the Dark Hotel attack in 2012.
What sort of attack?
How was the attack carried out?
What security characteristic was lost?
- Targeted phishing attacks using spyware
- Infiltrating guests’ computers through Wi-Fi networks in hotels
- Loss of confidentiality
Comment on the Ashley Madison data breach in 2015.
What sort of attack?
How was the attack carried out?
What security characteristic was lost?
• Exposing over 30 GB of user data (real names, banking data, credit card transactions) • Hacktivism • Loss of confidentiality
What is hacktivism?
hacking group decided to “punish” the company
Comment on the Hello Barbie attacked in 2016.
What sort of attack?
How was the attack carried out?
What security characteristic was lost?
- POODLE attack (man-in-the-middle exploit)
- Communications intercepted and decrypted between Barbie and servers
- Loss of confidentiality
Comment on EncroChat used by criminals in 2020.
What security characteristic was lost?
• A communications network and service provider
allegedly used by gang members to plan a number
of criminal activities
• Infiltrated by police in June and July 2020 during a
Europe-wide investigation
• Operations were ceased due to the police operation
• Loss of confidentiality
Comment on the attack on Sony’s PlayStation network in 2011.
What security characteristic was lost?
- Attackers inject characters or lines of code into attacked website
- Structure Query Language (SQL) injection attack
- Loss of integrity
Comment on the WannaCry ransomware in 2017.
What security characteristic was lost?
- Unpatched Windows systems
- Stolen government hacking tools
- Worm encrypting files on computers’ hard drive, then demanding a payment in bitcoin to decrypt them
- Loss of availability
Comment on Mirai botnet in 2016.
What security characteristic was lost?
• Botnet attacking IoT devices with default admin
credentials
• Distributed Denial of Service (DDoS) attack
• Loss of availability
