The history of cybersecurity

Question 1

What is Phishing?

Answer 1

Phishing is the use of digital communications to trick people into revealing sensitive data or deploying malicious software.

Question 2

Some of the most common types of phishing attacks today include…

Business Email Compromise (BEC)

Answer 2

A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.

Question 3

Some of the most common types of phishing attacks today include…

Spear phishing

Answer 3

A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.

Question 4

Some of the most common types of phishing attacks today include…

Whaling

Answer 4

A form of spear phishing. Threat actors target company executives to gain access to sensitive data

Question 5

Some of the most common types of phishing attacks today include…

Vishing

Answer 5

The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source

Question 6

Some of the most common types of phishing attacks today include…

Smishing

Answer 6

The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.

Question 7

What is Malware?

Answer 7

Malware is software designed to harm devices or networks. There are many types of malware. The primary purpose of malware is to obtain money, or in some cases, an intelligence advantage that can be used against a person, an organization, or a territory.

Question 8

Some of the most common types of malware attacks today include:

Viruses

Answer 8

Malicious code written to interfere with computer operations and cause damage to data, software, and hardware. A virus attaches itself to programs or documents, on a computer. It then spreads and infects one or more computers in a network.

Question 9

Some of the most common types of malware attacks today include:

Worms

Answer 9

Malware that can duplicate and spread itself across systems on its own.

Question 10

Some of the most common types of malware attacks today include:

Ransomware

Answer 10

A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access.

Question 11

Some of the most common types of malware attacks today include:

Spyware

Answer 11

Malware that’s used to gather and sell information without consent. Spyware can be used to access devices. This allows threat actors to collect personal data, such as private emails, texts, voice and image recordings, and locations.

Question 12

What is Social Engineering

Answer 12

Social engineering is a manipulation technique that exploits human error to gain private information, access, or valuables. Human error is usually a result of trusting someone without question. It’s the mission of a threat actor, acting as a social engineer, to create an environment of false trust and lies to exploit as many people as possible.

Question 13

Some of the most common types of social engineering attacks today include:

Social media Phishing

Answer 13

A threat actor collects detailed information about their target from social media sites. Then, they initiate an attack.

Question 14

Some of the most common types of social engineering attacks today include:

Watering hole attack:

Answer 14

A threat actor attacks a website frequently visited by a specific group of users.

Question 15

Some of the most common types of social engineering attacks today include:

USB baiting:

Answer 15

A threat actor strategically leaves a malware USB stick for an employee to find and install, to unknowingly infect a network.

Question 16

Some of the most common types of social engineering attacks today include:

Physical social engineering

Answer 16

A threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location

Question 17

Reasons why social engineering attacks are effective include…

Authority

Answer 17

Threat actors impersonate individuals with power. This is because people, in general, have been conditioned to respect and follow authority figures.

Question 18

Reasons why social engineering attacks are effective include…

Intimidation

Answer 18

Threat actors use bullying tactics. This includes persuading and intimidating victims into doing what they’re told.

Question 19

Reasons why social engineering attacks are effective include…

Consensus/Social proof:

Answer 19

Because people sometimes do things that they believe many others are doing, threat actors use others’ trust to pretend they are legitimate. For example, a threat actor might try to gain access to private data by telling an employee that other people at the company have given them access to that data in the past.

Question 20

Reasons why social engineering attacks are effective include…

Scarcity

Answer 20

A tactic used to imply that goods or services are in limited supply

Question 21

reasons why social engineering attacks are effective include…

Familiarity:

Answer 21

Threat actors establish a fake emotional connection with users that can be exploited.

Question 22

Reasons why social engineering attacks are effective include…

Trust:

Answer 22

hreat actors establish an emotional relationship with users that can be exploited over time. They use this relationship to develop trust and gain personal information.

Question 23

Reasons why social engineering attacks are effective include…

Urgency

Answer 23

A threat actor persuades others to respond quickly and without questioning.