Quiz 7
The costs of malicious cyber attacks in 2016 were estimated to be between $57B and $109B in a study by the President's Council of Economic Advisors. Rank the types of costs below in increasing order of magnitude (1 = least costly, 5 = most costly).
1. Regulatory Penalties
2. Cybersecurity Improvements
3. Reputational Damage
4. Court Settlements and Fees
5. Loss of Intellectual Property
The Low Orbit Ion Cannon (LOIC) was:
A simple network stress testing tool, modified to enable manual and semi-automated DDoS attacks
The hacker group "Anonymous" is motivated by:
All of these (just the fun of hacking, counter-terrorist agenda, anti-capitalist ideals, anti-US politics)
The best defense against ransomware is:
Back up your data frequently to a removable drive
Detecting WannaCry by noticing the spike in SMB traffic on port 445 is an example of:
Behavior-based detection
Which of the following were typically offered by the Russian Business Network?
"Bulletproof" servers providing anonymity and good quality service, Stolen administrator credentials, Customer services such as "guarantors" who hold money until job is complete, and 24/7 business hours, Money laundering
Which of the following tactics were used by the Dutch police in the takedown of the Dark Web black market site, Hansa? (CHOOSE ALL THAT APPLY)
Cooperation with other law enforcement agencies to drive users to Hansa from other sites; Made a 'recovery key' available to users, which was in reality spyware that connected to a police URL; Compromised encryption, enabling them to read users' messages in plain text - including mailing addresses used for orders
The operator of the Dark Web black market known as the Silk Road was known by the pseudonym:
Dread Pirate Roberts
Roughly 95% of the content on the internet is on the "Dark web".
False
The Russian Business Network was eventually forced to cease operation in 2008 when its domain name, estdomain.com, was revoked by what authority?
ICANN
The 'WannaCry' ransomware worm was stopped from propagating by:
Invoking a 'kill switch' by establishing a web domain name, which the virus would check for before propagating
Cryptocurrency is disruptive technology because: (CHOOSE ALL THAT APPLY)
It takes production and regulation of currency out of the hands of nation states, It provides a method for making anonymous transactions
Digimine is:
Malware that creates a botnet that uses infected PCs to mine cryptocurrency
'Anonymous' launched Operation Payback to protest:
PayPal, Amazon and major credit card companies' boycott of WikiLeaks
Which of the following is NOT a requirement of effective ransomware?
Symmetric encryption keys tied to a Caesar cipher
Botnets for hire, laundering stolen credit cards, anonymized web services, scamming and phishing attacks at industrial scale, and ransomware were all activities that were engaged in by:
The Russian Business Network
Which is NOT true of the attack on the Bangladesh bank by the Lazarus group?
The attackers used a zero day exploit to penetrate the bank's firewall (These are true: The attack was thwarted because of a typo, which caused an error message; Attribution to North Korea was based on IP addresses linked to NK, the pattern of NK financial crimes, and other undisclosed information; The attackers used a C&C server in Egypt)
How/when did Dutch police arrest the personas behind the Hansa Sting?
The personas still have not been found, thus making the long-term effects unclear
The following are true of "Script Kiddies" (select all that apply):
Their attacks are often successful, They lack depth in cyber skills
The amount (in US dollars) demanded from an individual who is a victim of a malware attack is usually:
Under $1000