Understanding Attackers Flashcards
What is a SCRIPT KIDDIE?
Unskilled attackers that reuse hacking tools that have been developed by others.
What are good defenses against SCRIPT KIDDIES?
Basic security controls like regular patching, endpoint security software, firewalls, and intrusion prevention systems. This is due to the fact that the scripts used are usually for known vulnerabilities.
What is a HACKTIVIST?
Hackers who use their skills in order to advance their political or social agenda. The name comes from the combination of the words hacker and activist, and their skills can vary from script kiddie to an expert hacker.
What types of attacks are primarily done by members of a criminal organization? What is the primary motive behind the attacks?
Ransomware and all types of cyber extortion. This is done mainly for financial gain.
What is CORPORATE ESPIONAGE?
When a competitor of a competing business targets another business in order to obtain proprietary information that would give them a business advantage.
What is an INSIDER THREAT?
An attack that comes from within the organization.
What is a PRIVILEGED ESCALATION ATTACK?
When a normal user’s credentials are modified into a type of super user account.
What are some common characteristics of persons that take action of an INSIDER THREAT?
Tend to have a predisposition to perform the attack, such as disciplinary problems, mental illness, can be disgruntled from work, stress from personal lives.
What are behavioral indicators that the FBI suggests are indicative of an insider attack?
Taking work materials home, being interested in work issues that do not apply to them, bringing personal equipment to the office, buying items that they could not normally afford on a company salary.
What is THREAT INTELLIGENCE?
Set of activities that an organization undertake to educate itself about changes in the cybersecurity threat landscape, and integrate information about changing threats into its cybersecurity operations.
What is OPEN-SOURCE INTELLIGENCE?
Gathering information from freely available public sources.
Examples: Security websites, general news media, social media, government-sponsored cybersecurity analysis centers, and security research organizations.
What is E-MAIL HARVESTING?
When attackers search the web for valid email addresses at the target’s domain and then use the addresses to send out spearfishing attacks.
