JULIANA BENAVIDES PEREZ_Security 101 Challenge

School: George Washington University
Course: MISC
Subject: Information Systems
Date: Apr 3, 2024
Type: pdf
Pages: 6

Uploaded by ConstableProtonChimpanzee29

Cybersecurity Boot Camp
Security 101 Challenge

Cybersecurity Threat Landscape

Part 1: CrowdStrike 2021 Global Threat Report

For Part 1 of your homework assignment, use the CrowdStrike 2021 Global Threat Report, along with independent research, to answer the following questions (remember to make a copy of this document to work on):

1. What was the dominant ransomware family that impacted the healthcare industry in 2020?
   [The dominant ransomware family that impacted the healthcare industry in 2020 was Maze.]

2. Describe three different pandemic-related eCrime Phishing themes.
   [I. Exploitation of individuals looking for details on disease tracking, testing and treatment.
   II. Financial assistance and government stimulus packages.
   III. Scams offering personal protective equipment (PPE).]

3. Which industry was targeted with the highest number of ransomware-associated data extortion operations?
   [Industrials and Engineering]
4. What is WICKED PANDA? Where do they originate from?
   [WICKED PANDA is a Chinese-based adversary that targeted telecommunication operations in 2020 and continues to be one of the most prolific adversaries.]

5. Which ransomware actor was the first observed using data extortion in a ransomware campaign?
   [OUTLAW SPIDER was the first to be observed using data extortion in a ransomware campaign.]

6. What is an access broker?
   [Malicious actors are threat actors that gain backend access to various organizations (both corporations and government entities) and sell this access either on criminal forums or through private channels.]

7. Explain a credential-based attack.
   [A credential-based attack would be like brute forcing, password spraying or credential stuffing to bypass an account login and steal other information. The process begins with the scanning/exploitation of remote services to harvest user account credentials. Threat actors can often use these stolen credentials to reacquire access to the same targets (or to other networks where victims reused passwords) via credential-based techniques. In these situations, the stolen logins also introduce the threat of a privilege escalation from an authenticated user, pivoting and eventual domain takeover. At this point, an adversary can obtain all Active Directory accounts for future credential-based attacks as the cycle begins anew.]

8. Who is credited for the heavy adoption of data extortion in ransomware campaigns?
   [TWISTED SPIDER]
9. What is a DLS?
   [Dedicated Leak Site]

10. According to CrowdStrike Falcon OverWatch, what percentage of intrusions came from eCrime intrusions in 2020?
    [79%]

11. Who was the most reported criminal adversary of 2020?
    [WIZARD SPIDER]

12. Explain how SPRITE SPIDER and CARBON SPIDER impacted virtualization infrastructures.
    [They helped transition their targeted eCrime operations into BGH, launching their own ransomware-as-a-service operation.]

13. What role does an Enabler play in an eCrime ecosystem?
    [eCrime enablers open the doors for eCrime to keep occurring]

14. What are the three parts of the eCrime ecosystem that CrowdStrike highlighted in their report?
    [Trends and Techniques, OverWatch Feature: WIZARD SPIDER Targets Financial Institution & eCrime Enablers]

15. What is the name of the malicious code used to exploit a vulnerability in the SolarWinds Orion IT management software?
    [SUNBURST]

Part 2: Akamai Security Year in Review 2020

In this part, you should primarily use the Akamai Security Year in Review 2020 and Akamai State of the Internet / Security, along with independent research, to answer the following questions.

1. What was the most vulnerable and targeted element of the gaming industry between October 2019 and September 2020?
   [DDoS attacks]

2. From October 2019 to September 2020, in which month did the financial services industry have the most daily web application attacks?
   [May 2020]

3. What percentage of phishing kits monitored by Akamai were active for only 20 days or less?
   [60%]

4. What is credential stuffing?
   [An act of using stolen credentials to infiltrate accounts]

5. Approximately how many of the gaming industry players have experienced their accounts being compromised? How many of them are worried about it?
   [55%; 20%]

6. What is a three-question quiz phishing attack?
   [Bait, Hook and Catch]
7. Explain how Prolexic Routed defends organizations against Distributed Denial of Service (DDoS) attacks.
   [Prolexic Routed is a cloud-based DDoS scrubbing platform to protect your apps wherever they are deployed]

8. Which day between October 2019 to September 2020 had the highest Daily Logins associated with Daily Credential Abuse Attempts?
   [August 17, 2020]

9. Which day between October 2019 to September 2020 had the highest gaming attacks associated with Daily Web Application Attacks?
   [July 11, 2020]

10. Which day between October 2019 to September 2020 had the highest media attacks associated with Daily Web Application Attacks?
    [August 20, 2020]

Part 3: Verizon Data Breaches Investigation Report

In this part, use the Verizon Data Breaches Investigation Report plus independent research to answer the following questions.

1. What is the difference between an incident and a breach?
   [An incident is a security event that compromises the integrity, confidentiality or availability of an information asset. A breach is an incident that results in the confirmed disclosure, not just potential.]

2. What percentage of breaches were perpetrated by outside actors? What percentage were perpetrated by internal actors?
   [70% 30%]

3. What percentage of breaches were perpetrated by organized crime?
   [55%]

4. In 2020, what percent of breaches were financially motivated?
   [71%]

5. Define the following (additional research may be required outside of the report):
   Denial of service: An attack meant to shut down a machine or network, making it inaccessible for its intended users.
   Command control: Commands given by voice recognition.
   Backdoor: A type of malware that allows access to a computer or encrypted data.
   Keylogger: Activity monitoring software programs that allow hackers to PII

6. What remains one of the most sought-after data types for hackers?
   [Activity monitoring software programs that allow hackers to PII]

7. What was the percentage of breaches that involved phishing?
   [25%]

© 2023 edX Boot Camps LLC. Confidential and Proprietary. All Rights Reserved.