Lab 1: Hacks, Security Reports, and Frameworks
Which were the 2 most recent attacks due to poor security?
1. Facebook (Sept. 2019) - Several unprotected databases were found online. 2. OxyData - An almost complete scrape of LinkedIn data was found on their database.
What two reasons do hackers use IoT devices for botnets?
1. IoT devices contain several vulnerabilities that allow hackers to easily gain remote access to these devices from the Internet. 2. Attackers can quickly build large botnets with IoT devices.
Email, an essential business communication tool, often contains attachments that contain malicious files. Cisco identified which top 3 file extensions as the most common transport mechanism?
1. Office 2. Archive 3. PDF
Which 2 were recent attacks against a US government organization?
1. Bulgarian National Revenue Agency (July 2019) - A hacker stole the personal details of millions of Bulgarians and sent them to local news publications. 2. US Customs and Border Protection (June 2019) - Photos of travelers' faces and license plates were compromised.
Self-propagating ransomware is now a desired method of delivering this threat. What are the other three methods that are still common to deploy malware?
1. Exploit kits on compromised websites 2. Social Engineering Attacks 3. Trojan Botnets
What two concerns did Verizon spotlight regarding breaches in general?
1. The number of both social and data breaches compromising C-level executives was rising compared to the past. 2. Payment card web application compromises were extending beyond physical terminal compromises.
According to Verizon's 2019 DBIR, what are the primary attack vectors facing educational institutions?
Denial of Service (DoS) Attacks
What was EternalBlue?
EternalBlue was a software program developed by the NSA designed to exploit software vulnerabilities in the Windows OS Server Message Block protocol. (This protocol allowed access to files on remote servers and potential exploits, which compromised an entire network and all devices connected to it.)
Google has an initiative to flag or identify websites that use no encryption on sites that contain potentially private or sensitive information. If a company chooses not to comply, how does Google respond?
If a company's website does not have an SSL certificate, Google will not establish a secure connection through a cryptographic key.
According to Verizon's 2019 DBIR, the financial sector experienced a new type of threat other than skimmers. Name the threat and explain its intent.
Phishing - Adversaries are sending phishing emails in order to deploy social engineering tactics and convince users to give up their web-based credentials.
In 2019, which hack released the most sensitive data?
Suprema (Aug. 2019) - Fingerprints, facial recognition, unencrypted usernames/passwords, and personal information of employees were discovered on a publicly accessible database.
According to Verizon's 2019 DBIR, which sector experienced the majority of insider attacks?
The Public Sector
What was the resulting cyber-attack from EternalBlue's vulnerabilities?
WannaCry was one of the first malware/ransomware attacks to utilize EternalBlue to multiply across networks. WannaCry encrypted thousands of computers in more than 150 countries in a matter of hours. (The use of EternalBlue increased WannaCry's persistence and damage in a short amount of time.)