Podcast
Questions and Answers
This typically happens when unsuspecting users fall prey to ______ attempts.
This typically happens when unsuspecting users fall prey to ______ attempts.
phishing
Users enter their login credentials on ______ websites.
Users enter their login credentials on ______ websites.
fake
The x-axis of the graph lists all of the devices and apps on your ______.
The x-axis of the graph lists all of the devices and apps on your ______.
network
When lost, stolen or exposed, compromised credentials can give the intruder an ______ access.
When lost, stolen or exposed, compromised credentials can give the intruder an ______ access.
Compromised ______ can give the intruder access to user accounts.
Compromised ______ can give the intruder access to user accounts.
Different ______ methods are represented on the y-axis of the graph.
Different ______ methods are represented on the y-axis of the graph.
Examples of breach methods include weak passwords and ______.
Examples of breach methods include weak passwords and ______.
Phishing attempts target ______ users who are unaware of the risks.
Phishing attempts target ______ users who are unaware of the risks.
An adversary uses a cyber attack vector to ______ or infiltrate a network.
An adversary uses a cyber attack vector to ______ or infiltrate a network.
Social engineering is one of the breach methods that can manipulate individuals into ______ information.
Social engineering is one of the breach methods that can manipulate individuals into ______ information.
Flashcards
Cyber Attack Vector
Cyber Attack Vector
The method an attacker uses to breach a network or system.
Breach Method
Breach Method
A specific way an attacker can compromise a network or system
Network Devices
Network Devices
Computers, apps, and other devices connected to a network.
Graph X-axis
Graph X-axis
Signup and view all the flashcards
Graph Y-axis
Graph Y-axis
Signup and view all the flashcards
Phishing attempts
Phishing attempts
Signup and view all the flashcards
Compromised credentials
Compromised credentials
Signup and view all the flashcards
Insider's access
Insider's access
Signup and view all the flashcards
Fake websites
Fake websites
Signup and view all the flashcards
Unsuspecting users
Unsuspecting users
Signup and view all the flashcards
Study Notes
Unit 2: Cybercrime
- Cybercrime is criminal activity targeting or using computers, networks, or devices.
- Most cybercrimes are committed for financial gain.
- Some cybercriminals are organized and highly skilled, while others are novice hackers.
- Cybercrime can damage computers for reasons other than profit, such as political or personal motivations.
Types of Cybercrime
- Email and internet fraud: Stealing personal information.
- Identity fraud: Stealing and using personal information.
- Theft of financial or card payment data: Stealing financial information.
- Theft and sale of corporate data: Stealing and selling company data.
- Cyberextortion: Demanding money to prevent a threatened attack.
- Ransomware attacks: Holding data hostage to obtain a ransom.
- Cryptojacking: Using computer resources to mine cryptocurrencies.
- Cyber espionage: Hackers gaining access to government or company data.
Malware Attacks
- Malware attacks involve infecting computer systems or networks with viruses or other malware.
- Compromised computers can be used for various criminal purposes, including stealing data, conducting other criminal activities, or causing damage.
- The WannaCry ransomware attack was a globally significant malware attack in May 2017, impacting 230,000 computers across 150 countries and causing estimated $4 billion in losses.
Denial-of-Service Attacks
- A denial-of-service attack (DoS) stops users from accessing a machine or network, or prevents a business from providing services to its customers.
- A distributed denial-of-service (DDoS) attack is a DoS attack using compromised computers.
Phishing
- Phishing is a cybercrime tactic using email, telephone, or text messages that tricks individuals into providing sensitive information.
- Phishing campaigns aim to undermine security of the organizations individuals work for.
- Some sophisticated phishing schemes can bypass traditional security measures such as email gateways.
Main Attack Vectors
- Attack surface includes network devices (infrastructure, apps, endpoints, IoT).
- Attack vectors are the methods attackers use to exploit system vulnerabilities
- compromised credentials, malware, weak and stolen credentials, malicious insiders, mis-configurations, ransomware, and phishing.
Security Breaches
- Security breaches involve unauthorized access to sensitive data, impacting brand, customers, and assets
- DDoS, Bitcoin Mining are other examples of security breaches.
- Data breaches are the most common type of security breach.
SOC/CERT/CSIRT
- SOC (security operations center) manages and analyzes security incidents.
- CSIRT (computer security incident response team) is responsible for responding to incidents and deploying appropriate responses.
- Several companies outsource their SOC functions to security providers.
Classified Cyber threats and cybercrimes
- Websites and resources provide information about classifying cyber threats categories.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
