Podcast
Questions and Answers
When did the GitHub DDoS attack of 2018 occur?
When did the GitHub DDoS attack of 2018 occur?
- March 15, 2018
- February 28, 2018 (correct)
- January 28, 2018
- February 1, 2018
How long were the server services unavailable during the GitHub DDoS attack?
How long were the server services unavailable during the GitHub DDoS attack?
- About 3 hours
- About 1 hour
- About 5 minutes (correct)
- About 30 minutes
What method was used to direct the memcached response to the targeted server during the GitHub DDoS attack?
What method was used to direct the memcached response to the targeted server during the GitHub DDoS attack?
- Firewall blocking
- Data encryption
- MAC address filtering
- IP spoofing (correct)
What was the amplification factor of memcached during the GitHub DDoS attack?
What was the amplification factor of memcached during the GitHub DDoS attack?
Which protocol was used for conducting the GitHub DDoS attack with memcached amplification?
Which protocol was used for conducting the GitHub DDoS attack with memcached amplification?
What was the total data rate sent to the target at the peak time of the GitHub DDoS attack?
What was the total data rate sent to the target at the peak time of the GitHub DDoS attack?
When was the first version of Petya ransomware detected?
When was the first version of Petya ransomware detected?
Which country suffered the most impact from the Petya cyberattack?
Which country suffered the most impact from the Petya cyberattack?
How did the second version of Petya propagate to compromise systems?
How did the second version of Petya propagate to compromise systems?
Which company suffered a revenue loss of about US$300 million due to the Petya attack?
Which company suffered a revenue loss of about US$300 million due to the Petya attack?
What was the estimated total damage caused by the Petya ransomware attack?
What was the estimated total damage caused by the Petya ransomware attack?
When did the major Petya attack surface?
When did the major Petya attack surface?
What was the total estimated impact of the WannaCry ransomware attack?
What was the total estimated impact of the WannaCry ransomware attack?
Which term is NOT a known alias for WannaCry?
Which term is NOT a known alias for WannaCry?
What range of money was demanded as ransom or extortion by the hackers behind WannaCry?
What range of money was demanded as ransom or extortion by the hackers behind WannaCry?
Which specific type of computers were the main targets of the WannaCry attack?
Which specific type of computers were the main targets of the WannaCry attack?
What exploit was utilized by WannaCry to propagate the code to other computers?
What exploit was utilized by WannaCry to propagate the code to other computers?
When was the Petya cyberattack unleashed in the computer world?
When was the Petya cyberattack unleashed in the computer world?
What technique did the hackers use to gather information about the users in the power grid hacking incident?
What technique did the hackers use to gather information about the users in the power grid hacking incident?
How did the hackers trick users in the energy sector to collect critical information?
How did the hackers trick users in the energy sector to collect critical information?
What is the potential impact of a hacker attack on sewerage infrastructure according to the text?
What is the potential impact of a hacker attack on sewerage infrastructure according to the text?
Which sector other than the power grid can hackers target with serious impacts according to the text?
Which sector other than the power grid can hackers target with serious impacts according to the text?
What is the purpose of using the 'waterholing' technique by hackers in the power grid hacking incident?
What is the purpose of using the 'waterholing' technique by hackers in the power grid hacking incident?
How did hackers gain important information about user accounts and credentials in the US grid cyberattack?
How did hackers gain important information about user accounts and credentials in the US grid cyberattack?
How long did the attack on the MyFitnessPal application database last?
How long did the attack on the MyFitnessPal application database last?
What company helped GitHub route traffic to block malicious traffic during the attack?
What company helped GitHub route traffic to block malicious traffic during the attack?
How many packets per second were sent to the target during the attack?
How many packets per second were sent to the target during the attack?
Which month did the attack on MyFitnessPal's application database take place?
Which month did the attack on MyFitnessPal's application database take place?
What type of company is Under Armour?
What type of company is Under Armour?
Which popular mobile application under Under Armour has millions of users for fitness maintenance?
Which popular mobile application under Under Armour has millions of users for fitness maintenance?
Study Notes
WannaCry Ransomware Attack
- Also known as WannaCryptor, WannaCrypt0r, WannaCrypt0r 2.0, Wanna Decryptor, and Wanna Decryptor 2.0
- Total impact estimated to be around $4 billion due to lost productivity, extortion, and ransom demands
- Affected between 200,000 and 300,000 computers worldwide
- Hackers would encrypt data files and demand ransom payments ranging from $300 to $600 to decrypt them
- Mainly targeted computers with Windows operating systems
- Used the EternalBlue exploit to propagate the code to other computers
Petya/Petya Cyberattack
- Unleashed on May 27, 2017, targeting major businesses, including power grids, gas stations, energy production companies, banks, airports, bus stations, and communication-based systems
- Mainly targeted Ukraine, with over 80% impact felt in the country
- Also affected Russia and Germany
- First version noticed in March 2016, which propagated through infected email attachments
- Second version, more dangerous and powerful, surfaced on May 27, 2017, using the EternalBlue exploit
- Estimated total damage: around $10 billion
- Notable companies affected: Maersk SeaLand Inc. (revenue loss: $300 million), Cadbury (Australia), JNPT Container (India), Mondelez International (USA), and DHL Logistics (Germany)
Power Grid Hacking
- Hackers used "spearphishing" and "waterholing" techniques to gain access to user accounts and credentials
- Techniques enabled hackers to collect critical information and disrupt power supply infrastructure
- Such attacks can have devastating impacts on the country, including flooding cities with sewer water, stopping utilities, and compromising infrastructure
GitHub DDoS Attack 2018
- Largest DDoS attack in history, suspected to have originated from the PRC
- Occurred on February 28, 2018, causing service outage for around 5 minutes
- Attack was conducted through memcached over UDP, amplifying the attack by 51,000 times
- Peak data rate sent to the target was around 1.35 Tbps, with 126.9 packets sent per second
- Akamai Prolexic helped GitHub mitigate the attack by routing traffic through its scrubbing centers
Under Armour Account Hacking
- MyFitnessPal, a popular mobile application, was hacked in February 2018
- Application has millions of users, hosting over 2 million different types of healthy foods with their nutrition values
- Hack took place in late February 2018, but was only discovered in late March 2018
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge about power grid hacking and cyberattacks with this quiz. Explore the techniques used by hackers to disrupt power generation systems and gain unauthorized access to user accounts and credentials.
