Cyber security

Are you a Clone Trooper, Padawan, or Jedi Master? This 30-minute learning module and test will determine whether you are enlightened or not. Enter your details below to begin learning and receive a certificate of acceptance upon successful completion.


There are two broad categories of cyberattacks: passive attacks and active attacks. They are defined as follows:

Passive attack

A passive attack is a hacking attempt where data and hardware are monitored and tracked, but no alterations are made. Often, a program or human hacker gains access to a computer or network and monitors the activity of the user, tracking emails and internet usage, and even using the system's microphone or camera to spy on the user.

Active attack

An active attack is a hacking attempt where the attacker attempts to alter, add or control data or hardware. This is the type of attack most commonly associated with hacking and includes attack types like Denial of Service and Malware.

While these general types of cyberattacks remain largely the same, the specific types of cyberattacks are constantly changing with technology.


Types of Cyberattacks

There are many specific types of cyberattacks being used today, posing threats from a variety of sources. Below is a list of the kinds of cyberattacks most commonly faced by businesses, what they are and some cybersecurity examples. This learning is intended to help users avoid cyberattacks and identify threats early.

  • 1. Advanced Persistent Threats (APT)
  • 2. Phishing
  • 3. Denial of Service (DoS)
  • 4. Insider Attacks
  • 5. Malware/Adware/Spyware/Viruses
  • 6. Password Attacks – Brute force
  • 7. Ransomware
  • 8. Man-in-the-Middle (MITM)

1. Advanced Persistent Threats (APT)

An advanced persistent threat, known by the acronym APT, is a type of passive cyberattack. In APTs, a hacker or program gains access to a computer or network over a long period with the intent to gather information. This monitoring process may be done with the intent to steal information or to collect information to be used in a more extensive attack later on.

One example of an APT is the Flame malware discovered by Iran’s National Computer Emergency Response Team in 2012. This malware had infected over a thousand computers in the Middle East and North Africa, collecting information from governing and educational bodies as well as private citizens in the region. It had been spread using network connections and USB sticks and tracked audio, screenshots, keyboard activity and internet usage, among other information.

The best ways to prevent APTs are to stay on top of software patches and updates and to be aware of unusual user, network or computer activity at all points of entry. For healthcare, hospitality, and government agencies, following compliance guidelines and best practices is also highly recommended. You can help boost these efforts against APTs by quickly alerting admins to any suspicious activity, collecting details and providing information to supervisors to help identify, document and eliminate the risk or issue.

question 1

Is it okay to connect a personal USB or device into a computer?

2. Phishing

Phishing is a type of scam where criminals encourage targets, via email, links or other online communication methods, to perform a certain action. The action the target is encouraged to take may be anything from providing information about themselves or entering usernames or passwords to clicking on a link to download something. Once the target completes the action, the originator of the scam can gain access to private systems or information.

Possibly the most recognized version of the phishing scam is the often-spoofed Nigerian prince scam, where one person sends an email to as many people as possible, claiming to be a Nigerian prince in need of financial assistance to gain access to his vast riches. However, phishing scams have become significantly more sophisticated over time. Now, instead of sending mass emails with a generalized plea, cybercriminals are sending emails to thoroughly researched targets, purporting to be trusted sources that the target may recognize. For example, the messages appear to be from legitimate sources like banking, wire transfers, invoices, PayPal, etc. These types of targeted phishing scams are called whaling or spear-phishing scams and make up a significant portion of cyberattacks, using logos and copied formatting to trick users.

Phishing scams are most easily prevented by educating staff members on cyber safety. Employees should know not to click on links or respond to email addresses they don’t recognize or that don’t match the exact domain name.
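The exact-domain check described above can be automated for triage. The following is an added example, not part of the original course material: the trusted list, the sample headers and the function names are all constructed for illustration, and a sender counts as trusted only when its domain equals a listed domain or is a subdomain of one.

```python
from email.utils import parseaddr

# Assumption: a locally maintained set of exact domains mail is expected from.
TRUSTED = {"paypal.com", "examplebank.com"}

def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character swaps."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # drop a character
                           cur[j - 1] + 1,             # insert a character
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify_sender(from_header, trusted=TRUSTED):
    """Return 'trusted', 'lookalike' or 'unknown' for a From: header value."""
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return "unknown"
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    # Exact match, or a subdomain of a listed domain.
    if any(domain == t or domain.endswith("." + t) for t in trusted):
        return "trusted"
    for t in trusted:
        brand = t.split(".")[0]
        if (brand in domain                     # brand buried in another domain
                or brand in display.lower()     # brand only in the display name
                or edit_distance(domain, t) <= 2):  # near-miss spelling
            return "lookalike"
    return "unknown"

# Constructed sample From: headers (not taken from real mail).
SAMPLES = [
    "PayPal <service@paypal.com>",
    "service@mail.paypal.com",
    "billing@paypa1.com",
    "service@paypal.com.account-verify.example",
    "PayPal Support <help@secure-billing.example>",
    "Alice <alice@partner.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):9}  {header}")
```

This only inspects the visible From: header, which a sender can forge; mail systems rely on SPF, DKIM and DMARC results to confirm that a message really came from the domain it names.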

question 2

How do I verify if an email or link is legitimate? (Check all that apply)

question 3

When you visit a website and are interested in their marketing, advertising:

3. Denial of Service (DoS)

A denial of service or DoS attack is possibly one of the oldest and most common cyberattack methodologies. This type of cyber extortion works by denying service to a legitimate user through two methods:

  • Specially Crafted Data: This method involves sending specialized data to a system that causes an error within the system, preventing the system from functioning.
  • Flooding: This method involves overloading a system with enough data packets to slow it down so that the system is unable to function.

DoS attacks can use one or both of these methods to cripple a system so that the business ceases to function, or to hold a system hostage, forcing the user to pay a fee to return the system to working order. Another distinction to make is the difference between a DoS attack and a DDoS attack: while a DoS attack uses a single computer to carry out the attack, a DDoS attack, or distributed DoS attack, uses multiple computers to do so.

A common example of DoS attacks is often found in casinos. These businesses deal with large amounts of money, which are tracked using a server during their business hours. A DoS attack may slow or stop these servers during those hours or threaten to do so if the hacker’s demands are not met.

question 4

Which of these are potential DDoS attack targets?

question 5

Can my computer be used in a DDoS attack by a hacker?

4. Insider Attacks

Insider attacks are attacks that are initiated due to the action of a trusted internal user of a system. These users may be employees, contractors, or any other internal user. Many of these insider attacks are unintentional mistakes where an employee fails to practice proper cyber safety by clicking on a malicious link. However, rogue or disgruntled current and former employees may also attack the system on purpose for personal gain or revenge. Either way, internal attacks can result in stolen, lost, or compromised data. Insider attacks are of increasing concern. One former engineer for Amazon Web Services hacked into a Capital One server hosted by her former employer. Her attack allowed her to gain access to 140,000 Social Security numbers, 80,000 bank account numbers, and a vast amount of private information. Help avoid insider attacks by reporting unusual activity by specific users and their access across a network.

question 6

If I notice unusual user activity, who should I report it to?

5. Malware/Adware/Spyware/Viruses

Malware quite literally means malicious software. These programs are specifically designed to be downloaded to a computer without the user's knowledge, where the software can cause serious damage or data breaches. There are many types of malware that act in different ways, including viruses, worms, spyware, and keyloggers. Malware is often used on corporate and private devices, but it is also commonly used at the healthcare and government level as a form of international espionage. For example, India’s largest nuclear power plant was recently attacked by North Korean malware. This malware allowed attackers to gain control access to the plant. Fortunately, the issue was discovered and resolved quickly. It is crucial to maintain computer security software and to identify malware quickly by becoming aware of unusual behaviors from your computer's browser or system.

question 7

If you receive an alert while visiting a website prompting you to do a scan on your computer because a virus was detected, what should you do?

question 8

How does a virus/adware/malware become installed?

question 9

What is more dangerous?

question 10

Define Malware

question 11

Define Adware

question 12

Define a Virus

question 13

When downloading something from your web browser (Chrome, Firefox, Edge, Safari, etc.) and a window opens offering free trial software (e.g., free anti-virus from McAfee), what should you do?

question 14

When a browser asks me to save cookies, what are they, and what should I do? (Mark all that apply)

question 15

When you receive pop-ups requesting you to perform an update, what should you do?

6. Password Attacks – Brute force

Password attacks, also known as brute force attacks, are attacks in which a hacker inputs various password combinations in an attempt to access a system or network. This is often accomplished using automated systems such as a dictionary attack list or rainbow tables. Because of their simplicity, password attacks are on the rise. In one case, hackers had intermittent access to software company Citrix over the course of six months in mid-2019. During that time, they removed files and information, downloaded documents, and accessed sensitive customer information. Citrix only became aware of the breach when the FBI alerted them to the activity, and the extent of the breach is still unknown. The best way to prevent this type of attack from succeeding is to implement password complexity standards and regular credential changes.

question 16

The following password policies should be used (Check all that apply)

7. Ransomware

Ransomware is a specific type of malware that gathers and encrypts data and devices on a network, preventing user access. User access is only restored if the hacker’s demands are met, which most often relate to paying some type of ransom. Unfortunately, payment does not always result in access. Even if companies pay the ransom, the hacker may refuse to unlock the devices, amplifying the company’s losses. Ransomware attacks are the kind most likely to keep security engineers, administrators, CSOs, and other IT personnel awake at night. Ransom payments increased 13 percent between the summer and fall of 2019, rising to an average of $41,000 per incident. Attacks are also becoming more frequent, and their effects more widespread: 13 managed service providers were attacked throughout 2019, affecting their companies as well as the clients using their systems. Eliminating the issue before it arrives is the key, and maintaining an active anti-virus is critical to help avoid or minimize infection possibilities. Properly configured networks and firewalls with unified threat management (UTM) licensing are excellent resources to help block ransomware.

question 17

Which of the following is an indication of ransomware?

8. Man-in-the-Middle (MITM)

A man-in-the-middle attack is when a third party intercepts communication between two parties. This third party gains access to the communication, then listens in or monitors activity, gaining access to any information shared over that connection, including login credentials, personal information, and more. MITM attacks are the oldest type of cyber attack and began with eavesdropping on phone lines, radio lines, and other communications channels. The methods have become significantly more advanced over time, however. For example, one type of MITM attack is an Evil Twin attack, which occurs when a user accesses the internet through a deceptive Wi-Fi access point. The access point’s owner can then monitor this connection. The best way to prevent MITM attacks from affecting your workplace is by not accessing unknown or unfamiliar Wi-Fi access points, by educating your employees on proper cybersecurity practices, and by being aware of unusual network behavior.

question 18

Is it safe to connect your laptop or mobile device to the following networks? (Mark all that apply)

question 19

If I connect to an open, unknown or neighboring network, is it safe to enter private information such as passwords, bank account information, etc.?

question 20

What is an SSL certificate, and what does it do? (Check all that apply)

question 21

Should I enter private information into a website that doesn’t have an SSL certificate?