Cyber Attack
QUESTION
1 a). Point out and explain at least five forms of cyber-attack criminals and
terrorists normally use to cripple organizations, nations, and companies.
Phishing Attacks:
Phishing is a form of cyber attack where attackers impersonate legitimate entities, such
as banks, government agencies, or trusted organizations, to trick individuals into
divulging sensitive information like passwords, credit card details, or personal data.
Attackers typically use deceptive emails, messages, or websites to lure victims into
providing their confidential information, which can then be used for identity theft,
financial fraud, or unauthorized access to systems.
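A defender-side check for the impersonation described above, as an added example that is not part of the original document: it flags a From: header whose display name claims a trusted organization, or whose domain is a near miss for one. The `TRUSTED` allowlist, the domains and the thresholds are constructed assumptions.

```python
from email.utils import parseaddr

# Constructed allowlist: brand keyword -> domains that brand really sends from.
TRUSTED = {"examplebank": {"examplebank.com"}, "taxoffice": {"taxoffice.example"}}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss (lookalike) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(from_header: str) -> list[str]:
    """Return the reasons a From: header looks like impersonation (empty = none)."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    all_trusted = set().union(*TRUSTED.values())
    reasons = []
    if domain in all_trusted:
        return reasons  # exact match with a known sending domain
    name = "".join(display.lower().split())
    # Display name borrows a trusted brand, but the mail comes from elsewhere.
    for brand in TRUSTED:
        if brand in name:
            reasons.append(f"display name claims '{brand}' but domain is {domain}")
    # Domain differs from a trusted one by one or two characters.
    for good in all_trusted:
        if 0 < edit_distance(domain, good) <= 2:
            reasons.append(f"{domain} is a near match for {good}")
    # Punycode labels can hide look-alike Unicode characters.
    if any(label.startswith("xn--") for label in domain.split(".")):
        reasons.append(f"{domain} contains a punycode label")
    return reasons
```

A header check like this complements SPF, DKIM and DMARC validation; it does not replace them, because an exact trusted domain in From: can still be forged.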
Ransomware Attacks:
Ransomware is a type of malicious software that encrypts a victim's files or locks their
computer system, making them inaccessible until a ransom is paid. Attackers deploy
ransomware through infected email attachments, malicious links, or vulnerabilities in
software. Once the victim's system is compromised, the attacker demands a ransom in
exchange for providing the decryption key or restoring access. Ransomware attacks can
cause significant disruption, financial losses, and data breaches.
Distributed Denial of Service (DDoS) Attacks:
DDoS attacks involve overwhelming a target's network or website with a flood of traffic,
rendering it unable to function properly. Attackers achieve this by deploying a network
of compromised computers, known as a botnet, to generate a massive volume of
requests or data packets. DDoS attacks can disrupt online services, cause website
downtime, and impact the availability of critical systems, leading to financial losses and
reputational damage.
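Detection logic for the flood described above, as an added example that is not part of the original document: it buckets requests into fixed time windows and separates a spike caused by one noisy client from one spread across many sources, as botnet traffic is. The window size, thresholds and sample traffic are constructed assumptions.

```python
from collections import Counter, defaultdict

def classify_windows(events, window=10, max_rate=50, single_src_share=0.5):
    """events: iterable of (unix_ts, src_ip).
    Returns {window_start: verdict} for every window above max_rate requests."""
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts - ts % window][src] += 1
    verdicts = {}
    for start, per_src in sorted(buckets.items()):
        total = sum(per_src.values())
        if total <= max_rate:
            continue  # within normal load
        top_src, top_count = per_src.most_common(1)[0]
        if top_count / total >= single_src_share:
            # One address dominates: a per-IP block or rate limit is enough.
            verdicts[start] = ("single-source", top_src, total)
        else:
            # Load is spread over many addresses: per-IP blocking will not help.
            verdicts[start] = ("distributed", len(per_src), total)
    return verdicts

def sample_events():
    """Constructed traffic: normal load, one noisy client, then many hosts."""
    # Window 0: 20 requests from 5 hosts (normal).
    ev = [(t, f"198.51.100.{t % 5}") for t in range(10) for _ in range(2)]
    # Window 10: 80 requests from a single host.
    ev += [(10 + i % 10, "203.0.113.7") for i in range(80)]
    # Window 20: 400 requests spread over 200 hosts.
    ev += [(20 + i % 10, f"192.0.2.{i % 200}") for i in range(400)]
    return ev
```
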
Advanced Persistent Threats (APTs):
APTs are long-term, sophisticated cyber attacks orchestrated by skilled hackers or
state-sponsored groups to gain unauthorized access to sensitive information. APTs involve
multiple stages, including reconnaissance, initial compromise, establishing persistence,
lateral movement, and exfiltration of data. Attackers employ various techniques, such
as social engineering, zero-day exploits, and custom malware, to infiltrate networks,
gather intelligence, and maintain long-term access for espionage, intellectual property
theft, or sabotage.
Insider Threats:
Insider threats involve individuals within an organization who misuse their authorized
access to systems, data, or networks for malicious purposes. This can include
employees, contractors, or partners who intentionally or unintentionally compromise
security. Insider threats can involve theft of sensitive information, sabotage, fraud, or
unauthorized access. Attackers may exploit their insider position to bypass security
controls, escalate privileges, or exfiltrate data without raising suspicion.
b). During its lifetime, a typical virus goes through the following four phases.
Explain them below. i. Dormant phase ii. Propagation phase iii. Triggering
phase iv. Execution phase
A typical computer virus goes through the following four phases during its
lifetime:
i. Dormant Phase:
In the dormant phase, the virus remains inactive and does not exhibit any malicious
behavior. It may be present on a computer system or within a file, but it causes no
harm. During this phase, the virus sits in an infected file, waiting for specific
conditions or triggers to become active.
ii. Propagation Phase:
In the propagation phase, the virus starts to spread and infect other files, systems, or
networks. It seeks opportunities to replicate and spread its malicious code to other
susceptible targets. This can occur through various means, such as email attachments,
infected websites, removable storage devices, network connections, or software
vulnerabilities. The virus may use different techniques to propagate, including self-
replication, exploiting security weaknesses, or social engineering to deceive users into
executing infected files.
iii. Triggering Phase:
The triggering phase is when the virus is activated or triggered to execute its malicious
payload. The trigger can be a specific date and time, a particular event, user action, or
a predetermined condition within the infected system. Once triggered, the virus moves
from its dormant state to an active state, preparing to execute its intended malicious
activities.
iv. Execution Phase:
In the execution phase, the virus performs its intended malicious actions. This can vary
depending on the specific characteristics and objectives of the virus. It may involve
activities such as deleting or modifying files, stealing sensitive information, disrupting
system functionality, launching other malware components, or establishing
unauthorized access to the infected system. The execution phase is where the virus
directly impacts the targeted system or network, causing damage, compromising
security, or achieving its malicious goals.
2a). With examples discuss the relevancy of the theories of Cyber security
and National security at large.
The theories of cybersecurity and national security are highly relevant in today's
interconnected world, where cyber threats pose significant risks to the security and
stability of nations. Let's discuss some examples to highlight their relevance:
In the digital age, information warfare and influence operations have become critical
aspects of national security. Theories of cybersecurity and national security highlight
the need for protecting information integrity, countering disinformation campaigns, and
ensuring the resilience of democratic processes. Cybersecurity measures, including
securing communication networks, protecting critical information systems, and
promoting media literacy, play a vital role in mitigating the impact of information
warfare and safeguarding national security interests.
b). Point out and discuss the major ways through which National security
complements Cyber security in their day-to-day operations.
National security and cybersecurity complement each other in several ways in their day-
to-day operations. Here are some major ways in which they intersect and support each
other:
Conclusion