Cyber security
certificate

Are you a Clone Trooper, Padawan, or Jedi Master? This 30-minute learning and test will determine whether you are enlightened or not. Enter your details below to begin learning and receive a certificate of acceptance upon successful completion.

Cyberattacks

There are two broad categories of cyberattacks: passive attacks and active attacks. They are defined as follows:

Passive attack

A passive attack is a hacking attempt where data and hardware are monitored and tracked, but no alterations are made. Often, a program or human hacker gains access to a computer or network and monitors the activity of the user, tracking emails and internet usage, and even using the system's microphone or camera to spy on the user.

Active attack

An active attack is a hacking attempt where the attacker attempts to alter, add or control data or hardware. This is the type of attack most commonly associated with hacking and includes attack types like Denial of Service and Malware.

While these general types of cyberattacks remain largely the same, the specific types of cyberattacks are constantly changing with technology.

Types of Cyberattacks

There are many specific types of cyberattacks being used today, posing threats from a variety of sources. Below is a list of the kinds of cyberattacks most commonly faced by businesses, what they are and some cybersecurity examples. This learning is intended to help users avoid cyberattacks and identify threats early.

  1. Advanced Persistent Threats (APT)
  2. Phishing
  3. Denial of Service (DoS)
  4. Insider Attacks
  5. Malware/Adware/Spyware/Viruses
  6. Password Attacks – Brute force
  7. Ransomware
  8. Man-in-the-Middle (MITM)

1. Advanced Persistent Threats (APT)

An advanced persistent threat, known by the acronym APT, is a type of passive cyberattack. In APTs, a hacker or program gains access to a computer or network over a long period with the intent to gather information. This monitoring process may be done with the intent to steal information or to collect information to be used in a more extensive attack later on.

One example of an APT is the Flame malware discovered by Iran’s National Computer Emergency Response Team in 2012. This malware had infected over a thousand computers in the Middle East and North Africa, collecting information from governing and educational bodies as well as private citizens in the region. It had been spread using network connections and USB sticks and tracked audio, screenshots, keyboard activity and internet usage, among other information.

The best ways to prevent APTs are to stay on top of software patches and updates and to be aware of unusual user, network or computer activity at all points of entry. For healthcare, hospitality, and government agencies, following compliance guidelines and best practices is also highly recommended. You can help boost these efforts against APTs by quickly alerting admins to any suspicious activity, collecting details and providing information to supervisors to help identify, document and eliminate the risk or issue.

question 1

Is it okay to connect a personal USB or device to a computer?
Select the best answer:


2. Phishing

Phishing is a type of scam where criminals encourage targets, via email, links or other online communication methods, to perform a certain action. The action may be anything from providing information about themselves or entering usernames or passwords to clicking on a link to download something. Once the target completes the action, the originator of the scam can gain access to private systems or information.

Possibly the most recognized version of the phishing scam is the often-spoofed Nigerian prince scam, where one person sends an email to as many people as possible, claiming to be a Nigerian prince in need of financial assistance to gain access to his vast riches. However, phishing scams have become significantly more sophisticated over time. Now, instead of sending mass emails with a generalized plea, cybercriminals send emails to thoroughly researched targets, purporting to be trusted sources that the target may recognize. For example, the emails may appear to come from legitimate sources such as banks, wire transfers, invoices, PayPal, etc. These types of targeted phishing scams are called whaling or spear-phishing scams and make up a significant portion of cyberattacks, using logos and copied formatting to trick users.

Phishing scams are most easily prevented by educating staff members on cyber safety. Employees should know not to click on links or respond to emails from addresses they don’t recognize or that don’t match the exact domain name.
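The "exact domain name" check described above can be automated for senders and links. The following is an added example, not part of the original training material; the trusted-domain list, the similarity cut-off and the sample values are constructed assumptions.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: constructed allow-list of domains the organisation really deals with.
TRUSTED = {"paypal.com", "example-bank.com"}
SIMILARITY = 0.8  # assumed cut-off for "nearly the same spelling"

def domain_of(value):
    """Host of a URL, or the part after '@' of a From header or address."""
    if "://" in value:
        return (urlsplit(value).hostname or "").lower()
    return parseaddr(value)[1].rpartition("@")[2].lower()

def classify(value, trusted=TRUSTED):
    """Return 'trusted', 'lookalike' or 'unknown' for a sender or link."""
    host = domain_of(value)
    # Exact match, or a real subdomain such as www.paypal.com.
    if any(host == good or host.endswith("." + good) for good in trusted):
        return "trusted"
    for good in trusted:
        brand = good.split(".")[0]
        # Brand name placed inside some other domain.
        if brand in host:
            return "lookalike"
        # One or two swapped characters, e.g. the digit 1 for the letter l.
        if SequenceMatcher(None, host, good).ratio() >= SIMILARITY:
            return "lookalike"
    return "unknown"

# Constructed samples: two genuine, three deceptive, one unrelated.
SAMPLES = [
    "Billing <billing@paypal.com>",
    "https://www.paypal.com/signin",
    "PayPal Security <alerts@paypa1.com>",
    "https://paypal.com.account-verify.example/login",
    "support@paypal-support.com",
    "https://intranet.corp.test/login",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify(sample):9}  {sample}")
```

Only the "trusted" result means the domain matched exactly; "lookalike" and "unknown" both call for verification through a separate channel before clicking or replying.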

question 2

How do I verify if an email or link is legitimate?
Select multiple answers:


question 3

When you visit a website and are interested in advertising:


3. Denial of Service (DoS)

A denial of service or DoS attack is possibly one of the oldest and most common cyberattack methodologies. This type of cyber extortion works by denying service to a legitimate user through two methods:

Specially Crafted Data: This method involves sending specialized data to a system that causes an error within the system, preventing the system from functioning.

Flooding: This method involves overloading a system with enough data packets to slow it down so that the system is unable to function.

DoS attacks can use one or both of these methods to cripple a system so that the targeted business ceases to function, or to hold a system hostage, forcing the user to pay a fee to return the system to working order. Another distinction to make is the difference between a DoS attack and a DDoS attack: while a DoS attack uses a single computer to carry out the attack, a DDoS attack, or distributed DoS attack, uses multiple computers to do so.

A common example of DoS attacks is often found in casinos. These businesses deal with large amounts of money, which are tracked using a server during their business hours. A DoS attack may slow or stop these servers during those hours or threaten to do so if the hacker’s demands are not met.

question 4

Which of these are potential DDoS attack targets?
Check all that apply:


question 5

Can my computer be used as a DDoS?


4. Insider Attacks

Insider attacks are attacks that are initiated due to the action of a trusted internal user of a system. These users may be employees, contractors or any other internal user. Many of these insider attacks are unintentional mistakes where an employee fails to practice good cyber safety by clicking on a malicious link. However, rogue or disgruntled current and former employees may also attack the system on purpose for personal gain or revenge. Either way, internal attacks can result in stolen, lost or compromised data.

Insider attacks are of increasing concern. One former engineer for Amazon Web Services hacked into a Capital One server hosted by her former employer. Her attack allowed her to gain access to 140,000 Social Security numbers, 80,000 bank account numbers and a vast amount of private information.

Help avoid insider attacks by reporting unusual activity by specific users and their access across a network.

question 6

If I notice unusual user activity, who should I report it to?


5. Malware

Malware quite literally means malicious software. These programs are specifically designed to be downloaded to a computer without the user’s knowledge, where the software can cause serious damage or data breaches. There are many types of malware that act in different ways, including viruses, worms, spyware and keyloggers.

Malware is often used on corporate and private devices, but it is also commonly used at the healthcare and government level as a form of international espionage. For example, India’s largest nuclear power plant was recently attacked by North Korean malware. This malware allowed attackers to gain control access to the plant. Fortunately, the issue was discovered and resolved quickly.

It is important to maintain computer security software and to identify malware quickly by being aware of unusual behavior from your computer, browser or system.

question 7.A

When I am visiting a website page and I get an alert that I need to do a scan on my computer because a virus was detected?


question 7.B

When I receive pop-ups saying I have to perform an update?


question 8

How does a virus/adware/malware become installed?
Check all that apply


question 9

What is more dangerous?
Check all that apply


question 10

Define Malware.
Check all that apply:


question 11

Define Adware?
Check all that apply:


question 12

Define a Virus.
Check all that apply:


6. Password Attacks – Brute force

Password attacks, also known as brute force attacks, are attacks in which a hacker inputs various password combinations in an attempt to access a system or network. This is often accomplished using automated systems such as a dictionary attack list or rainbow tables.

Because of their simplicity, password attacks are on the rise. In one case, hackers had intermittent access to software company Citrix over the course of six months in mid-2019. During that time, they removed files and information, downloaded documents and accessed sensitive customer information. Citrix only became aware of the breach when the FBI alerted them to the activity, and the extent of the breach is still unknown.

The best way to prevent this type of attack from succeeding is to implement password complexity standards and regular credential changes.

question 13

Which of the following password policies should be used?
Check all that apply:


7. Ransomware

Ransomware is a specific type of malware that gathers and encrypts data and devices on a network, preventing user access. User access is only restored if the hacker’s demands are met, which most often relate to paying some type of ransom. Unfortunately, payment does not always result in access. Even if companies pay the ransom, the hacker may refuse to unlock the devices, amplifying the company’s losses.

Ransomware attacks are the kind that is most likely to keep security engineers, administrators, CSOs and other IT personnel awake at night. Ransom payments have increased 13 percent between the summer and fall of 2019, rising to an average of $41,000 per incident. Attacks are also becoming more frequent and their effects more widespread — 13 managed service providers have been attacked throughout 2019, affecting their companies as well as the clients using their systems.

Eliminating the issue before it arrives is key, and maintaining active anti-virus software is critical to avoiding or minimizing the possibility of infection. Properly configured networks and firewalls with UTM (unified threat management) licensing are excellent resources to aid in blocking ransomware.

question 14

Which of the following is an indication of ransomware?
Check all that apply:


How to Identify Ransomware: How It Acts

Ransomware behavior is considered to be silent but deadly. It has many ways of entering your computer. If you don't know how to identify ransomware and how it acts, it will be difficult for you to find a solution to the problem it creates.

File Encryption - One simple way to identify ransomware on your computer is that your files have been encrypted. Ransomware is capable of encrypting all kinds of files, including photos, videos, office documents and many others.

File Renaming - When ransomware gets into your computer, it renames your data. This is a better way of identifying ransomware on your computer. Renaming is typical ransomware behavior, meant to create confusion about which files are affected.

File Extension Alteration - To help identify ransomware, you can check the file extensions of your data. If the extensions have been altered to unknown characters, there is a strong possibility of a ransomware infection on your computer.

Ransom Note on the Screen - Usually, you will not know when ransomware gets inside your computer. It secretly does what it needs to do and reveals itself only when it has finished. A good way to identify ransomware is a ransom message displayed on your screen. It demands that you pay a ransom fee within a certain period of time. If you fail to pay the criminals, all of your files will be deleted.

Turning Your Computer into a Bot - One of the things that may happen to your computer when it has been infected by ransomware is that it becomes a bot in a botnet. It is difficult to identify ransomware on your computer in this case; you will just notice that your PC is running slowly and hangs most of the time.

Spread in the Network - Another common way to identify ransomware is that neighboring computers also get infected. This is because ransomware is capable of spreading the infection across your local network. So, if you are infected, all of the computers connected to your network will also be infected by the ransomware.

Data Extraction - The last way to identify ransomware is data extraction, although this also happens in the background and is hard to recognize. Once the ransomware has extracted your files, you cannot know what it will do next. It could upload your files to the criminals' server or encrypt them all.
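The File Encryption and File Extension Alteration indicators can be checked together by a script. This is an added example, not part of the original training material; the list of expected extensions, the entropy threshold and the sample size are assumptions to adjust per environment.

```python
import math
import os
from collections import Counter

# Assumption: extensions this organisation expects to see in user folders.
KNOWN_EXTENSIONS = {".txt", ".docx", ".xlsx", ".pdf", ".jpg", ".png", ".mp4"}
ENTROPY_THRESHOLD = 7.5  # bits per byte; encrypted data sits close to 8.0
SAMPLE_BYTES = 65536     # read only the start of each file

def shannon_entropy(data):
    """Bits of entropy per byte: 0.0 for empty or constant data, 8.0 at most."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def scan(root):
    """Return sorted relative paths with an unexpected extension AND random-looking content."""
    suspicious = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            ext = os.path.splitext(name)[1].lower()
            # Compressed formats (.docx, .jpg) are high-entropy when healthy,
            # so entropy is only measured on files with an unexpected extension.
            if ext in KNOWN_EXTENSIONS:
                continue
            path = os.path.join(folder, name)
            try:
                with open(path, "rb") as handle:
                    sample = handle.read(SAMPLE_BYTES)
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if shannon_entropy(sample) >= ENTROPY_THRESHOLD:
                suspicious.append(os.path.relpath(path, root))
    return sorted(suspicious)

if __name__ == "__main__":
    for hit in scan("."):
        print("possible encrypted file:", hit)
```

A single hit can be a legitimate archive or encrypted backup; many hits appearing in the same folders within a short time is the pattern to report.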

8. Man-in-the-Middle (MITM)

A man-in-the-middle attack is when a third party intercepts communication between two parties. This third party gains access to the communication and then listens in or monitors activity, gaining access to any information shared over that connection, including login credentials, personal information and more.

MITM attacks are the oldest type of cyberattack and began with eavesdropping on phone lines, radio lines and other communications channels. The methods have become significantly more advanced over time, however. For example, one type of MITM attack is an Evil Twin attack, which occurs when a user accesses the internet through a deceptive Wi-Fi access point. The access point’s owner can then monitor this connection.

The best way to prevent MITM attacks from affecting your workplace is to avoid accessing unknown or unfamiliar Wi-Fi access points, to educate your employees on proper cybersecurity practices and to be aware of unusual network behavior.

question 15

Should you connect your device to the following public networks?


question 16

If I connect to an open, unknown or neighboring network, is it safe to enter private information such as passwords, bank account information, etc.?


question 17

What is an SSL certificate, and what does it do?
Check all answers that apply:


question 18

Should I enter private information into a website that doesn’t have an SSL certificate?