Add to collection(s) Add to saved
  1. Business
  2. Finance
Uploaded by Elgun Huseynov

Security 101 Challenge

advertisement 
Cybersecurity Boot Camp
Security 101 Challenge
Cybersecurity Threat Landscape
Part 1: Crowdstrike 2021 Global Threat Report
For Part 1 of your homework assignment, use the Crowdstrike 2021 Global Threat
Report, along with independent research, to answer the following questions (remember
to make a copy of this document to work on):
1. What was the dominant ransomware family that impacted the healthcare industry
in 2020?
Ryuk
2. Describe three different pandemic-related eCrime Phishing themes.
1.
COVID19 financial relief scams: Phishing emails pretend to be from
government agencies or financial institutions offering financial assistance related to
the pandemic.
2.
Remote work scams. Cybercriminals send emails posing as a company’s IT
department or a remote work platform, requesting employees to provide sensitive
information or download malicious software.
3. COVID-19 vaccine scams. Scammers send emails or messages claiming to offer
early access to the vaccine or asking for personal information to sign up for a vaccine
waiting list.
3. Which industry was targeted with the highest number of ransomware-associated
data extortion operations?
Healthcare industry is one of the most targeted industries for ransomware attacks and
data extortion operations
4. What is WICKED PANDA? Where do they originate from?
Prolific cyber threat group that carries out Chinese state-sponsored espionage activity
5. Which ransomware actor was the first observed using data extortion in a
ransomware campaign?
CryptoLocker
6. What is an access broker?
An access broker is a software component or service that facilitates access to other
software components or services.
7. Explain a credential-based attack.
A credential-based attack is a type of cyber attack in which the attacker obtains or
tries to obtain a valid username and password combination to gain unauthorized
access to a system or network
8. Who is credited for the heavy adoption of data extortion in ransomware
campaigns?
Magecart group
9. What is a DLS?
Data Leak site. A host site where Threat actors post their captured data
10. According to Crowdstrike Falcon OverWatch, what percentage of intrusions
came from eCrime intrusions in 2020?
79%
11. Who was the most reported criminal adversary of 2020?
WIZARD SPIDER
12. Explain how SPRITE SPIDER and CARBON SPIDER impacted virtualization
infrastructures.
SPRITE SPIDER is a piece of malware that targets virtualized environments,
specifically VMware ESXi hypervisors. It was discovered in 2020 and is known to be
used in targeted attacks against high-value targets, such as government agencies and
corporations. Once it infects a virtualized environment, SPRITE SPIDER can be used
to exfiltrate data, execute malicious code, and compromise the security of the
underlying infrastructure. CARBON SPIDER is a similar piece of malware that is also
known to target virtualized environments, specifically Microsoft Hyper-V. Like SPRITE
SPIDER, it is used in targeted attacks against high-value targets and is designed to
evade detection and compromise the security of the underlying infrastructure
13. What role does an Enabler play in an eCrime ecosystem?
An enabler in an eCrime ecosystem refers to individuals or organizations that provide
the necessary tools, services, or infrastructure to support the operations of eCrime
actors. Enablers play a crucial role in enabling eCrime actors to carry out their illegal
activities, such as stealing data, compromising systems, and extorting organizations
and individuals
14. What are the three parts of the eCrime ecosystem that CrowdStrike highlighted in
their report?
Services, Distribution, Monetization.
15. What is the name of the malicious code used to exploit a vulnerability in the
SolarWinds Orion IT management software?
Sunburst
Part 2: Akamai Security Year in Review 2020
In this part, you should primarily use the Akamai Security Year in Review 2020 and
Akamai State of the Internet / Security, along with independent research, to answer the
following questions.
1. What was the most vulnerable and targeted element of the gaming industry
between October 2019 and September 2020?
The popularity of online gaming and the increasing number of gamers worldwide have
made the gaming industry an attractive target for cybercriminals, who can potentially
reach millions of users with a single attack
2. From October 2019 to September 2020, in which month did the financial services
industry have the most daily web application attacks?
December
3. What percentage of phishing kits monitored by Akamai were active for only 20
days or less?
60%
4. What is credential stuffing?
Credential stuffing is the automated injection of stolen usernames and password pairs
in to website login forms, in order to fraudulently gain access to user accounts
5. Approximately how many of the gaming industry players have experienced their
accounts being compromised? How many of them are worried about it?
20%
6. What is a three-question quiz phishing attack?
It’s a phishing attack designed for end users to fill out a quiz for a “prize” which leads
to stolen information from the victims.
7. Explain how Prolexic Routed defends organizations against Distributed Denial of
Service (DDoS) attacks.
Prolexic Routed is designed to stop DDoS attacks in the cloud before they reach your
applications, data centers, and infrastructure. Network traffic is redirected through
Akamai scrubbing centers by making a simple border gateway protocol (BGP) route
advertisement change
8. Which day between October 2019 to September 2020 had the highest Daily
Logins associated with Daily Credential Abuse Attempts?
August 17, 2020
9. Which day between October 2019 to September 2020 had the highest gaming
attacks associated with Daily Web Application Attacks?
July 11 2020
10. Which day between October 2019 to September 2020 had the highest media
attacks associated with Daily Web Application Attacks?
August 20 2020
Part 3: Verizon Data Breaches Investigation Report
In this part, use the Verizon Data Breaches Investigation Report plus independent
research to answer the following questions.
______________________________________________________________________
1. What is the difference between an incident and a breach?
incident is a security event that compromises the integrity, confidentiality or availability
of an information asset. Breach is an incident that results in the confirmed disclosure
not just potential the exposure of data to an unauthorized party.
2. What percentage of breaches were perpetrated by outside actors? What
percentage were perpetrated by internal actors?
80% external 20% internal
3. What percentage of breaches were perpetrated by organized crime?
80%
4. What percentage of breaches were financially motivated?
95%
5. Define the following (additional research may be required outside of the report):
Denial of service: A denial of service attack is when legitimate users are unable to
access systems, devices, or other network resources due to an attack on the system.
Command control: A computer controlled by an attacker or
cybercriminal which is used to send commands to systems
compromised by malware and receive stolen data from a target
network.
Backdoor: Its an undocumented way of gaining access to a
computer system.
Keylogger: A device designed to copy all key strokes a user
inputs into a computer and sends them a cybercriminal.
6. What remains one of the most sought-after data types for hackers?
Credentials
7. What was the percentage of breaches that involved phishing?
36%
© 2023 edX Boot Camps LLC. Confidential and Proprietary. All Rights Reserved.
Related documents
TOMAS MATEJKA Security 101 Challenge .docx
TOMAS MATEJKA Security 101 Challenge .docx
idme-recovery-code-2020-06-15
idme-recovery-code-2020-06-15
doms mail
doms mail
Jeffrey yaw OWUSU RESUME
Jeffrey yaw OWUSU RESUME
SUST POSTER GROUP 6
SUST POSTER GROUP 6
6-periodic table
6-periodic table
101 Challege
101 Challege
BSBWOR301 Task 1
BSBWOR301 Task 1
christine-navarrete-security-101-challenge
christine-navarrete-security-101-challenge
ASSIGNMENT 1
ASSIGNMENT 1
Confirmation of Course Completion
Confirmation of Course Completion
Jumlah Uang Elektronik Beredar 2021 en
Jumlah Uang Elektronik Beredar 2021 en
ACCOUNTING 1
ACCOUNTING 1
Download
advertisement