30 Questions
When did the GitHub DDoS attack of 2018 occur?
February 28, 2018
How long were the server services unavailable during the GitHub DDoS attack?
About 5 minutes
What method was used to direct the memcached response to the targeted server during the GitHub DDoS attack?
IP spoofing
What was the amplification factor of memcached during the GitHub DDoS attack?
51 thousand times
Which protocol was used for conducting the GitHub DDoS attack with memcached amplification?
UDP (User Datagram Protocol)
What was the total data rate sent to the target at the peak time of the GitHub DDoS attack?
About 1.35 Tbps
When was the first version of Petya ransomware detected?
March 2016
Which country suffered the most impact from the Petya cyberattack?
Ukraine
How did the second version of Petya propagate to compromise systems?
Utilizing the EternalBlue exploit
Which company suffered a revenue loss of about US$300 million due to the Petya attack?
Maersk SeaLand Inc
What was the estimated total damage caused by the Petya ransomware attack?
$10 billion
When did the major Petya attack surface?
May 27, 2017
What was the total estimated impact of the WannaCry ransomware attack?
US$4 billion
Which term is NOT a known alias for WannaCry?
WannaCrypt0r 3.0
What range of money was demanded as ransom or extortion by the hackers behind WannaCry?
US$300 to US$600
Which specific type of computers were the main targets of the WannaCry attack?
Computers with Windows operating systems
What exploit was utilized by WannaCry to propagate the code to other computers?
EternalBlue exploit
When was the Petya cyberattack unleashed in the computer world?
May 27, 2017
What technique did the hackers use to gather information about the users in the power grid hacking incident?
Spearphishing
How did the hackers trick users in the energy sector to collect critical information?
Altering websites to look similar to genuine ones
What is the potential impact of a hacker attack on sewerage infrastructure according to the text?
Flooding US cities with sewer water
Which sector other than the power grid can hackers target with serious impacts according to the text?
Water supply
What is the purpose of using the 'waterholing' technique by hackers in the power grid hacking incident?
To make altered websites look like genuine ones
How did hackers gain important information about user accounts and credentials in the US grid cyberattack?
Using traditional techniques
How long did the attack on the MyFitnessPal application database last?
8 days
What company helped GitHub route traffic to block malicious traffic during the attack?
Akamai Prolexic
How many packets per second were sent to the target during the attack?
126.9
Which month did the attack on MyFitnessPal's application database take place?
February 2018
What type of company is Under Armour?
Manufacturer of sports equipment
Which popular mobile application under Under Armour has millions of users for fitness maintenance?
MyFitnessPal
Study Notes
WannaCry Ransomware Attack
- Also known as WannaCryptor, WannaCrypt0r, WannaCrypt0r 2.0, Wanna Decryptor, and Wanna Decryptor 2.0
- Total impact estimated to be around $4 billion due to lost productivity, extortion, and ransom demands
- Affected between 200,000 and 300,000 computers worldwide
- Hackers would encrypt data files and demand ransom payments ranging from $300 to $600 to decrypt them
- Mainly targeted computers with Windows operating systems
- Used the EternalBlue exploit to propagate the code to other computers
Petya/Petya Cyberattack
- Unleashed on May 27, 2017, targeting major businesses, including power grids, gas stations, energy production companies, banks, airports, bus stations, and communication-based systems
- Mainly targeted Ukraine, with over 80% impact felt in the country
- Also affected Russia and Germany
- First version noticed in March 2016, which propagated through infected email attachments
- Second version, more dangerous and powerful, surfaced on May 27, 2017, using the EternalBlue exploit
- Estimated total damage: around $10 billion
- Notable companies affected: Maersk SeaLand Inc. (revenue loss: $300 million), Cadbury (Australia), JNPT Container (India), Mondelez International (USA), and DHL Logistics (Germany)
Power Grid Hacking
- Hackers used "spearphishing" and "waterholing" techniques to gain access to user accounts and credentials
- Techniques enabled hackers to collect critical information and disrupt power supply infrastructure
- Such attacks can have devastating impacts on the country, including flooding cities with sewer water, stopping utilities, and compromising infrastructure
GitHub DDoS Attack 2018
- Largest DDoS attack in history, suspected to have originated from the PRC
- Occurred on February 28, 2018, causing service outage for around 5 minutes
- Attack was conducted through memcached over UDP, amplifying the attack by 51,000 times
- Peak data rate sent to the target was around 1.35 Tbps, with 126.9 packets sent per second
- Akamai Prolexic helped GitHub mitigate the attack by routing traffic through its scrubbing centers
Under Armour Account Hacking
- MyFitnessPal, a popular mobile application, was hacked in February 2018
- Application has millions of users, hosting over 2 million different types of healthy foods with their nutrition values
- Hack took place in late February 2018, but was only discovered in late March 2018
Test your knowledge about power grid hacking and cyberattacks with this quiz. Explore the techniques used by hackers to disrupt power generation systems and gain unauthorized access to user accounts and credentials.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free