Cybersecurity Essentials Quiz

Questions and Answers

What is cybersecurity?

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks.

What are the three primary objectives of cybersecurity?

Confidentiality

Integrity

Availability

All of the above (correct)

Cybersecurity only protects financial data.

False

What does integrity mean in the context of cybersecurity?

Integrity means that only authorized people should have the ability to use or modify systems and data.

Who are the modern cybercriminals typically backed by?

Modern cybercriminals are often well-funded by criminal organizations or nation-states.

Which company was compromised due to an attack in March 2011 that involved theft of digital security certificates?

Comodo

What notable action did Uber take in response to a data breach?

Uber paid hackers $100,000 to delete the stolen data.

Which of the following data breaches involved the exposure of nearly 3 million customer credit card records?

Adobe

Cybercriminals are less organized today than in the past.

False

Study Notes

What is Cybersecurity?

• Cybersecurity involves protecting systems, networks, and programs from digital attacks aimed at accessing, altering, or destroying sensitive information.
• Cyberattacks can also involve ransomware to extort money or disrupt normal business functions.
• Advanced Persistent Threats (APTs) have transformed enterprise security and altered attack strategies.

Scope of Cybersecurity

• Protects three core principles: Confidentiality, Integrity, and Availability (CIA).
• Confidentiality ensures only authorized users can access or modify systems and data.
• Integrity guarantees the accuracy and reliability of data.
• Availability ensures that systems and data are accessible when needed.

State of Today’s Intrusion

• Cybercriminals are often well-funded, motivated professionals linked to organized crime or nation-states.
• Current threats are highly sophisticated, targeting various enterprises and types of information.
• High-profile breaches are increasingly common, indicating a rise in successful cyberattacks.

Notable Cyber Attacks

• Comodo: In March 2011, a reseller's network breach led to the theft of nine digital security certificates, allowing impersonation of major websites.
• Adobe: In October 2013, hackers stole nearly 3 million encrypted credit card records and login data, exposing customer information.
• Canva: In May 2019, a breach exposed personal information, including emails and hashed passwords of 61 million users.
• Uber: The company concealed a 2016 breach where hackers stole data of 57 million users, for which they paid $100,000 to prevent data publication.
• Epsilon: In 2011, a breach of customer databases exposed names and email addresses, facilitating potential spear phishing attacks.

Warning: False Sense of Security

• Many organizations mistakenly believe only financial data needs protection, overlooking the value of other sensitive information.
• High-profile breaches like Epsilon and Comodo emphasize that valuable data held by partners can also be a target.

The Changing Face of Cybercriminals

• Cybercriminals have evolved from hobbyist hackers to organized criminals driven by substantial financial incentives.
• Modern attackers are characterized by:
  • Increased resources for conducting attacks.
  • Greater technical expertise and specialization.
  • Enhanced organizational capabilities.
• Financial backing often stems from nations, criminal organizations, or radical groups, raising the stakes in cybersecurity.

Description

This quiz covers the fundamental aspects of cybersecurity, including its definition, scope, and current challenges posed by cybercriminals. Test your understanding of how to protect systems and networks from digital threats.