Copy of [MAKE A COPY] Security 101 Challenge
docx
keyboard_arrow_up
School
University of Texas *
*We aren’t endorsed by this school
Course
BOOTCAMP
Subject
Information Systems
Date
Apr 3, 2024
Type
docx
Pages
6
Uploaded by CorporalMoose4126
Cybersecurity Threat Landscape
Part 1: Crowdstrike 2021 Global Threat Report
For Part 1 of your homework assignment, use the Crowdstrike 2021 Global Threat Report
,
along with independent research, to answer the following questions (remember to make a copy of this document to work on):
1.
What was the dominant ransomware family that impacted the healthcare industry
in 2020?
Maze
2.
Describe three different pandemic-related eCrime Phishing themes.
1.Emails, attackers impersonating the CDC.
2.Attacks on people working remotely.
3.
Scams to give people protective gear online.
4.
Which industry was targeted with the highest number of ransomware-associated data extortion operations?
Education
5.
What is WICKED PANDA? Where do they originate from?
A Chinese cyber threat group of people. China.
Cybersecurity Boot Camp
Security 101 Challenge
6.
Which ransomware actor was the first observed using data extortion in a ransomware campaign?
Outlaw-Spider
7.
What is an access broker? They have advanced social engineering scams to blend with normal users to sell credentials to make a quick profit.
8.
Explain a credential-based attack.
Attackers steal credentials to get access, bypass companies and organizations security measures and steal data.
9.
Who is credited for the heavy adoption of data extortion in ransomware campaigns?
Twisted Spider
10.What is a DLS?
Data Leak Site- When data is compromised by threat actors to obtain information and extort money from businesses.
11.According to Crowdstrike Falcon OverWatch, what percentage of intrusions came from eCrime intrusions in 2020? 80%
12.Who was the most reported criminal adversary of 2020? Wizard Spider
13.Explain how SPRITE SPIDER and CARBON SPIDER impacted virtualization infrastructures.
They allow users to create vm’s on a single computer.
14.What role does an Enabler play in an eCrime ecosystem?
They give criminal actors capabilities they couldn't get on their own.
15.What are the three parts of the eCrime ecosystem that CrowdStrike highlighted in
their report?
Circuit Panda, Wizard Panda, and Phantom Panda
16.What is the name of the malicious code used to exploit a vulnerability in the SolarWinds Orion IT management software?
Sunburst
Part 2: Akamai Security Year in Review 2020
In this part, you should primarily use the Akamai Security Year in Review 2020 and Akamai State of the Internet / Security
,
along with independent research, to answer the following questions.
1.
What was the most vulnerable and targeted element of the gaming industry between October 2019 and September 2020? The players
2.
From October 2019 to September 2020, in which month did the financial services
industry have the most daily web application attacks? December
3.
What percentage of phishing kits monitored by Akamai were active for only 20 days or less? 60%
4.
What is credential stuffing?
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Stolen credentials to get into accounts.
5.
Approximately how many of the gaming industry players have experienced their accounts being compromised? How many of them are worried about it?
More than half accounts was compromised, ⅕ was worried.
6.
What is a three-question quiz phishing attack?
A trick used by hackers to gain personal information.
7.
Explain how Prolexic Routed defends organizations against Distributed Denial of Service (DDoS) attacks.
They redirect network traffic through Akamai Scrubbing centers, and allow only clean traffic to come through.
8.
Which day between October 2019 to September 2020 had the highest Daily Logins associated with Daily Credential Abuse Attempts? 8-17-20
9.
Which day between October 2019 to September 2020 had the highest gaming attacks associated with Daily Web Application Attacks? 7-11-20
10.
Which day between October 2019 to September 2020 had the highest media attacks associated with Daily Web Application Attacks?
8-20-20
Part 3: Verizon Data Breaches Investigation Report
In this part, use the Verizon Data Breaches Investigation Report plus independent research to answer the following questions.
______________________________________________________________________
1.
What is the difference between an incident and a breach? Incident compromises the confidentiality, or integrity of an information asset. Breach is when a incident results in confirmed disclosure,not only potential.
2.
What percentage of breaches were perpetrated by outside actors? What percentage were perpetrated by internal actors? 80% and 25%
3.
What percentage of breaches were perpetrated by organized crime? 80%
4.
In 2020, what percent of breaches were financially motivated? 92%
5.
Define the following (additional research may be required outside of the report): Denial of service
: Is an attack meant to shut down a network or machine, making so the intended users can't access it. Command control
: When a cybercriminal or attacker controls a computer to send commands to systems compromised by malware to receive stolen data from a specific network. Backdoor
:Any method unauthorized and authorized users use to get around normal security measures to gain high level access Keylogger
: When a hardware or malware records and keep track of your keystrokes as you type.
6.
What remains one of the most sought-after data types for hackers? Credentials
7.
What was the percentage of breaches that involved phishing?
35% to 40%
© 2023 edX Boot Camps LLC. Confidential and Proprietary. All Rights Reserved.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help