Types of Cyberattacks

Questions and Answers

What is the primary characteristic of a phishing email?

• It contains an attachment with malware.
• It is sent from a known contact.
• It asks for login credentials under a false pretense. (correct)
• It is usually encrypted for security.

Which type of attacker is described as using sophisticated techniques linked to government agencies?

• Inexperienced attackers
• Script kiddies
• Political hacktivists
• Cyber espionage actors (correct)

What is an example of social engineering in cybersecurity?

• Using malware to infiltrate a system.
• Collecting data from social media profiles.
• Creating a false scenario to gain trust. (correct)
• Intercepting unsecured public Wi-Fi traffic.

How does a keylogger function?

It logs all local activity, including keystrokes. (A)

What is the purpose of adding random data to a password before hashing?

To create a unique hash for similar passwords. (D)

In what way is DNS spoofing used maliciously?

To redirect users to fake websites. (A)

What distinguishes advanced persistent threats (APTs) from other types of attacks?

They consist of prolonged and targeted intrusions. (D)

Which of the following describes a form of malware that spreads within code without authorization?

Worm (B)

Match the following cyber attack types to their descriptions:

Phishing attack using SMS/text messages = Gathering information before launching an attack Inexperienced attackers using pre-made tools = An employee clicks a malicious link on a social media post Highly sophisticated groups linked to government agencies = Groups or individuals using cyber-attacks for political or social objectives A malicious USB stick left in a public place = An attacker intercepts traffic from unsecured public Wi-Fi

Match the following types of malware to their functions:

Malware that spreads within code = Malware concealed within a legitimate program Logs all local activity on a device = Malware that propagates over network links Allows a user to authenticate once = Method of trying all possible combinations to guess a password A knowledge-based authentication factor = Auditing the usage of an account

Match the following social engineering techniques to their descriptions:

Creating a fabricated scenario to gain trust = Making the target feel comfortable or liked Following someone into a secure area = Gaining access to a secure area with the consent of an employee Redirecting a user to a fake website = Manipulating people to gain unauthorized access or information Phishing email asking for login credentials = Phishing attack using SMS/text messages

Match the following cryptographic terms to their definitions:

A cryptographic process producing a fixed-length output = The unencoded message before encryption is applied A technique that adds random data to a password = A process that strengthens weak keys by using additional rounds Encrypts fixed-size blocks of data = Concealing messages within a covertext Uses a public and private key pair = The process of cracking or breaking cryptographic systems

Match the following malware types to their characteristics:

Malware that propagates over network links = Malware concealed within a legitimate program Logs local activity including screenshots = Malware that spreads within code without authorization Encrypts fixed-size blocks of data = Allows a user to authenticate once and gain access to multiple systems Method of trying all possible combinations = Phishing attack using SMS/text messages

Match the following attack methods to their objectives:

Phishing email = Redirecting a user to a fake website Data interception on unsecured Wi-Fi = Gaining unauthorized information using manipulation Malicious USB stick = Cyber espionage actors exploiting insider knowledge Information gathering prior to an attack = An attacker using pre-made tools with little knowledge

Match the following forms of attack to their examples:

Social engineering = Creating a fabricated scenario to gain trust Phishing attack = Phishing email asking for login credentials Attacks via malware = Malware hidden inside legitimate applications Insider threat = Gaining access with an employee's consent

Match the following cryptographic terms to their processes:

A technique to obscure messages = Using random data in hashing A method for enforcing stronger keys = Cryptographic process of producing fixed outputs The act of breaking encrypted systems = Encrypting fixed-size blocks of data Two key encryption method = Adding random data to a password before hashing

Flashcards

Advanced Persistent Threat (APT)

A highly sophisticated group of attackers often linked to government agencies, frequently engaged in espionage and state-sponsored hacking.

Cryptanalysis

The process of intercepting encrypted communication to decode and read the messages.

Steganography

A cryptographic technique where data is concealed within seemingly harmless content, such as images, audio, or video, to hide the true message.

Asymmetric Key Encryption

A type of cryptography employing a key pair, allowing one key to encrypt data and the other to decrypt it. One key is kept private, while the other is made public. This ensures only the authorized recipient can decrypt the message.

Single Sign-On (SSO)

A method of authentication allowing repeated access to multiple systems with only one initial login.

Worm

Malware that spreads autonomously within a computer system, replicating itself without user interaction.

Trojan Horse

A type of malware disguised as legitimate software, secretly harboring malicious intent.

Account Auditing

The process of analyzing system logs to track user activity and identify potentially unauthorized behavior.

Man-in-the-Middle Attack

An attacker intercepts unencrypted traffic from public Wi-Fi networks to steal sensitive data.

Phishing

An attacker creates a fake website mimicking a legitimate one to trick users into providing credentials.

Malware

Software designed to intentionally harm computer systems, steal data, or disrupt operations.

Hashing

A cryptographic process that converts any input into a fixed-length output.

Brute Force Attack

A technique used by attackers to try all possible passwords until the correct one is identified.

Study Notes

Types of Cyberattacks

• Unsophisticated attacks: Inexperienced attackers use pre-made tools, with limited understanding of attack methods. Examples include phishing emails (tricking users into revealing login credentials under false pretenses, masquerading as a legitimate company), malicious USB drives left in public places, and clicking malicious links.
• Sophisticated attacks: Highly organized groups, often linked to government agencies, carry out complex attacks primarily for espionage. This includes cyber espionage actors (exploiting insider knowledge for competitive gain) and groups engaging in politically or socially motivated attacks.

Attack Techniques

• Social engineering: Manipulating people to gain unauthorized access or information. This involves creating fabricated scenarios to build trust, making the target feel comfortable or liked, and luring them into clicking malicious links or downloading attachments.
• Reconnaissance (pre-attack): Gathering information before a cyberattack. This includes tailgating (following someone into a secured area without their knowledge), DNS spoofing (redirecting users to fake websites), intercepting traffic from unsecured public Wi-Fi networks, and using SMS/text messages in phishing attacks.
• Insider threats: Gaining access to a secure area with the consent of an employee or accomplice.

Malware Descriptions

• Network Worms: Propagate over network links, consuming bandwidth.
• Keyloggers: Log all local activity on a device, including screenshots.
• Single Sign-On (SSO): Allows users to log in once to access multiple systems.
• Brute-Force Attack: Trying all possible combinations to guess a password.
• Knowledge-Based Authentication: A security factor relying on facts known to the user (e.g., a password).
• Malware in Code: Malware within legitimate code/programs without authorization of the developer.
• Trojans: Malware disguised as a legitimate program
• Account Activity Auditing: Monitoring actions performed using an account.

Cryptographic Concepts

• Cryptographic Systems Hacking: The process of breaking cryptographic systems.
• One-way Hash Function: A cryptographic process producing a fixed-length, one-way output from an input.
• Steganography: Concealing messages within a covertext; usually audio, image, or video.
• Public Key Cryptography: Using a pair of public and private keys, where one encrypts and the other decrypts. (This includes asymmetric encryption)
• Block Cipher: Encrypts fixed-size blocks of data, using padding if necessary.
• Plaintext: The unencoded message before encryption is applied.
• Key Strengthening: A process that strengthens weak cryptographic keys by using additional rounds of cryptographic operations.
• Salting: The technique of adding random data to passwords before hashing, preventing pre-computed hash tables for cracking and enhancing security.

Additional Note

• Phishing methods can involve SMS/text messages in addition to email.
• Malware examples include installing malware by clicking malicious links on social media.

Matching Matrix Questions: Malware and AAA

• Network Worms: Propagate over network links and consume bandwidth.
• Keyloggers: Log all local activity on a device, including screenshots.
• Single Sign-On (SSO): Allows a user to authenticate once and gain access to multiple systems.
• Brute-Force Attack: Method of trying all possible combinations to guess a password.
• Knowledge-Based Authentication: A knowledge-based authentication factor (e.g., password).
• Malware in Code: Malware that spreads within code without authorization.
• Trojans: Malware concealed within a legitimate program.
• Account Activity Auditing: Auditory usage of an account.