Cyber Attacks Flashcards
Types of Attackers - Amateurs (Script Kiddies)
Explanation: Script kiddies, or amateurs, are inexperienced hackers using existing tools or instructions from the internet to launch attacks. Their motives vary from curiosity to causing harm, and although they use basic tools, their attacks can still have significant consequences.
Types of Attackers - Hackers
Explanation: Hackers break into computer systems or networks to gain access. Depending on their intent, they can be classified as white hat (ethical), gray hat (ambiguous), or black hat (malicious) hackers.
White Hat Hackers
Explanation: White hat attackers identify system weaknesses with permission, aiming to improve security. They report findings to the system owner and operate with ethical intentions.
Gray Hat Hackers
Explanation: Gray hat attackers seek vulnerabilities, reporting findings to system owners only if aligned with their agenda. They may publish details publicly, leaving room for ethical ambiguity.
Black Hat Hackers
Explanation: Black hat attackers exploit vulnerabilities for illegal personal, financial, or political gain, engaging in malicious activities without ethical considerations.
Organized Hackers
Explanation: Organized hackers comprise cyber criminal organizations, hacktivists, terrorists, and state-sponsored hackers. They are sophisticated, well-organized, and may provide cybercrime services.
Hacktivists
Explanation: Hacktivists engage in hacking for political statements, aiming to raise awareness about important issues aligned with their beliefs.
State-Sponsored Attackers
Explanation: State-sponsored attackers work on behalf of a government, gathering intelligence or conducting sabotage. They are highly trained, well-funded, and focus on specific government goals
Internal Threats - Mishandling Confidential Data
Explanation: Internal threats may involve mishandling confidential data within the organization, potentially compromising sensitive information
Internal Threats - USB Media Connections
Explanation: Internal individuals may facilitate outside attacks by connecting infected USB media to the organization’s computer system, introducing potential threats.
Internal Threats - Clicking on Malicious Emails or Websites
Explanation: Internal threats can invite malware onto the organization’s network by clicking on malicious emails or websites, posing risks to the network’s integrity.
Internal Threats - Threatening Network Infrastructure
Explanation: Internal individuals may pose a threat by jeopardizing the operations of internal servers or network infrastructure devices, potentially disrupting organizational functions.
External Threats - Exploiting Network Vulnerabilities
Explanation: External threats involve exploiting vulnerabilities in the network, taking advantage of weaknesses to gain unauthorized access.
External Threats - Unauthorized Access to Computing Devices
Explanation: External attackers aim to gain unauthorized access to computing devices, attempting to infiltrate the organization’s systems.
External Threats - Social Engineering for Unauthorized Access
Explanation: External threats may use social engineering techniques to gain unauthorized access to organizational data, manipulating individuals for illicit access.
