Attacks

A cybercriminal group wants to disrupt the operations of a major national bank. They know the bank has strong defenses, so they launch a massive Distributed Denial of Service (DDoS) attack against the bank's internet service provider (ISP), causing outages for the bank and all other customers of that ISP.

From the bank's perspective, which term best describes this attack strategy?

A rival company wants to take down a competitor's online store during a holiday sale. They execute a ransomware attack that encrypts all of the store's website files, replacing the homepage with a ransom note. This makes the site completely unusable.

Based on its effect on the online store's operations, this attack is best described as:

An office manager is responsible for decommissioning old computers. Following company policy, they attempt to wipe the hard drives before sending them to a recycler. However, the software they use fails silently, leaving all the sensitive company data intact on the drives.

Which term best classifies the manager's action that led to this potential data breach?

A hacker sits in a coffee shop and uses sniffing software to monitor all the unencrypted Wi-Fi traffic. They are able to capture login credentials and personal messages from other customers without interfering with anyone's connection.

The hacker's monitoring of traffic, without altering it, is an example of what kind of attack?

A disgruntled employee plans to steal their company's confidential client list before they quit. On their last day, they log into the company's CRM system, download the client list to a USB drive, and delete the original files from the server to cause chaos.

How is this incident best classified in terms of action and intent?

A user receives an email that appears to be from their bank, asking them to verify their account details due to a "security update." The user clicks the link, enters their username and password on a fake website, and the attacker immediately uses these credentials to access their real bank account.

How is this phishing attack best classified?

A software developer at a social media company accidentally leaves a private software key (API key) in a public code repository. A security researcher finds the key and reports it responsibly. However, if a malicious actor had found it, they could have used it to access user data.

The developer's act of exposing the API key is best described as:

An attacker intercepts a bank transfer between a user and an online merchant. They don't stop the transfer, but they cleverly alter the destination account number to their own account before the transaction is processed by the bank.

By altering the transaction data in transit, the attacker has performed which type of attack?

An intelligence agency wants to identify an anonymous dissident. They cannot break the encryption on the dissident's messages, but they can see who is communicating with whom. They analyze the communication patterns of known activists and discover one person who is consistently connected to all of them, thereby identifying their target.

This type of traffic analysis, where data content is not read but metadata is analyzed, is a form of: