XKeyscore and Mass Surveillance

Questions and Answers

Which of the following best describes ransomware?

• Software that blocks unwanted advertisements.
• A program that improves system performance.
• Malware that encrypts files and demands payment for decryption. (correct)
• A type of malware that steals personal information.

Which of the following types of malware can self-replicate and spread to other computers without user interaction?

• Rootkits
• Adware
• Worms (correct)
• Spyware

What is a key characteristic of cyberterrorism?

• Utilization of online resources for political or ideological motives. (correct)
• Attacks that target individual users for personal gain.
• Hacking into public systems to display personal information.
• Use of malware to steal financial information.

Which method is commonly used for delivering malware to computers?

Embedding in legitimate software (C)

What is the difference between cyberstalking and cyberbullying?

Cyberstalking is focused on tracking a person, while cyberbullying involves harassment. (B)

What is a key characteristic of Ransomware-as-a-Service (RaaS)?

It allows anyone to launch ransomware attacks without technical skills. (D)

What is the primary goal of hacktivism?

To protest and enact change aligned with the hackers' beliefs. (B)

What does 'doxing' refer to in the context of cyber activities?

Searching for and publicly disclosing private information without consent. (A)

Which of the following describes mass surveillance?

Collecting data from a large population without a specific target. (D)

What is a common method used in mass surveillance to gather information?

Monitoring communication over international fibre optic cables. (B)

What is XKeyscore primarily used for?

To analyze massive amounts of data collected by the NSA (D)

Why is mass surveillance by companies concerning from a privacy standpoint?

It can involve extensive personal data collection without consent. (C)

What type of information can XKeyscore collect?

Emails, SMS, chats, and browsing histories (C)

Which of the following terms refers to public criticizing or ridiculing an individual online?

Online shaming (D)

Which of the following is considered a type of cybercrime related to identity theft?

Stealing someone's credit card information for financial gain (A)

In the context of ransomware attacks, what does it mean if an operator lacks decryption skills?

Victims may still fail to recover their files even after paying the ransom. (B)

Which category of cybercrime involves using services without permission?

Theft of service (B)

How does XKeyscore alert analysts of noteworthy actions from their targets?

Through a feature called Trafficthief (A)

What can be a consequence of network intrusion?

It can lead to other forms of cybercrime (B)

What is the purpose of the tool called Mugshot in XKeyscore?

To help compile machine fingerprints (B)

Which of the following best describes embezzlement?

Redirecting funds for illegal purposes (B)

Study Notes

Mass Surveillance and XKeyscore

• XKeyscore is a search engine utilized by the NSA and "Five Eyes" alliance (US, UK, Canada, Australia, New Zealand) for accessing extensive data archives.
• The system collects a wide array of data, including emails, SMS messages, chats, address books, and browsing histories.
• Analysts can remotely search through this accumulated data, allowing them to request specific information which is then extracted for their needs.
• Trafficthief is a notification mechanism alerting analysts to noteworthy activities of their targets.
• XKeyscore can also identify new potential targets using queries to locate exploitable machines in specific regions and tools like Mugshot for machine fingerprinting.

Cybercrime Categories

• Identity Theft: Involves stealing personal information to impersonate individuals for financial gain, such as opening bank accounts.
• Theft of Service: Unauthorized use of services like internet or streaming; sharing passwords can lead to prosecution in certain jurisdictions.
• Network Intrusion: Common cyber attack leading to other crimes, e.g., unauthorized access to a neighbor's WiFi network.
• Posting Illegal Material: Distribution of pirated content or illegal materials such as child pornography.
• Fraud: Deceptive practices aimed at obtaining information or access for financial benefit or causing harm.
• Embezzlement: A financial fraud involving theft or misappropriation of funds.

Emerging Cybercrime Trends

• Ransomware-as-a-Service (RaaS): Platforms allowing individuals to conduct ransomware attacks without extensive technical skills, risking permanent file loss despite ransom payment.
• Hacktivism: Cyberattacks aimed at protesting against government or corporate entities, frequently involving denial-of-service attacks and doxing of individuals.
• Online Shaming: Publicly criticizing or humiliating individuals through digital platforms.

Mass Surveillance Techniques

• Mass surveillance encompasses monitoring and data collection of a population to combat threats or gather evidence.
• Involves both governmental espionage and data harvesting by corporations for targeted advertising, raising privacy concerns.
• Tempora: A method for intercepting data from international fiber optic cables.
• Muscular: Another technique for gathering data as it transmits between the data centers of major companies such as Yahoo and Google.

Cybercrime Tactics

• Dumpster Diving: The act of retrieving discarded personal information; legality hinges on whether the activity occurs on private property.
• Malicious Code: Includes various types of malware such as viruses, spyware, and ransomware.
• Unauthorized Data Alteration: Involves the illegal modification or destruction of information without proper consent.

Denial of Service Attacks

• DoS and DDoS: Deliberate overload of systems, rendering them unable to serve legitimate users; DDoS is larger in scale and more complex to mitigate.

Cyberbullying and Cyberstalking

• Emerging forms of crime where online resources are exploited for harassment (cyberbullying) or tracking individuals (cyberstalking).

Cyberterrorism

• Utilization of the internet to instigate significant harm for political objectives; its definition and implications are subject to debate and are linked to information warfare.

Description

Explore the functionalities and implications of XKeyscore, the NSA's powerful search engine. This quiz provides insights into the data collection methods and remote search capabilities utilized by the program. Understand how data from various sources, including emails and browsing histories, is analyzed.