According to the National Institute of Standards and Technology (NIST) this is any hardware, firmware or software that is intentionally included or inserted in a system for a harmful purpose
What is Malware?
Predictive measures, including backup procedures, are helpful when dealing with ransomware attacks T/F?
True
The single unified source of expert advice, guidance, services and support on cybersecurity for the Canadian government, critical infrastructure owners and operators, the private sector and the Canadian public
What is the Canadian Centre for Cyber Security?
Valdez hackers wanted four of this well known cryptocurrency
What is Bitcoin?
What are some severe potential damages to a company/business of not paying ransom?
Loss of Life, Property Damage, Reputation, Confidential Information, Financial Costs, Existence
According to the Canadian Centre for Cyber Security (2022), this is a type of malware used by cybercriminals, often with links to organized crime, that uses encryption or exfiltration to prevent an individual or an organization from accessing their own information and digital assets and then holds that data hostage for material benefit
What is Ransomware?
Something that requires at least two items of authentication to log in to a service, such as something you know and something you have (like a password and an SMS token)
What is Multi-Factor (or Two-factor) Authentication?
How does Canada respond to cyber threats on an international scale?
The Government of Canada (GAC) has made partnerships with States to hold attackers accountable (Canada, 2023). GAC works with partners to continually evaluate and respond to identify threats accurately (Canada, 2023). Canada will attribute malicious cyber activities to the hostile states that perpetrate them and hold them accountable under international law and agreed-on norms of State behaviour in cyberspace (Canada, 2023).
True or False: hackers used the same key to encrypt and decrypt the files in the Hermes ransomware attack?
True
In 2020, ransomware attacks were responsible for this percentage of healthcare data breaches
50%
This virus named after a famous pre-historic city is a type of virus that spreads other malware and often is not as it first appears.
What is a Trojan virus?
Do you value the information being used against you? How much do you trust the cybercriminals to return your data? How much money do you have? How often do you rely on safe data storage? Do the files contain valuable private information? How likely is it that these files can be recovered by forensic experts and financial analysts?
What are some factors an individual should consider before making a ransom payment due to a ransomware attack?
A National Police Service stewarded within the RCMP that coordinates and deconflicts cybercrime investigations across all levels of policing to enable efficient law enforcement activities of national and international police partners as they relate to cybercrime.
What is the RCMP's National Cyber Crime Coordination Unit (NC3)?
A form of social engineering by which an email impersonator tricks an individual into clicking into or downloading malware
phishing
What are some of the first steps to investigate a ransomware attack?
Determine the scope and extent of the attack. Engage an external forensic team to investigate the root cause and extent of the attack. Determine if there has been a data breach and if ransomware attackers can access private or confidential information (Lasrado & Li, 2021).
A group of computers which have been infected by malware and have come under the control of a malicious actor
What is a Botnet?
Something to do after receiving an email attachment if you have to open an attachment before you can verify the source according to CISA
What is saving and scanning the attachment?
What is the IIROC and what do they do?
Investment Industry Regulatory Organization of Canada (IIROC) works with Canadian law enforcement agencies, government and private sectors to coordinate cybercrime investigations in Canada (Lasrado & Li, 2021).
A form of attack that utilizes psychological manipulation to trick an individual into a specific action for illegitimate reasons and is often incorporated into other cyberthreats such as phishing, malware distribution and ransomware
social engineering
What is the Zero Trust security model?
The Zero Trust security model requires all users and devices to authenticate themselves every time they connect to your network, making sure everything within is safe and secure
What is the name of the virus used in the Valdez ransomware attack that infected 27 servers and 107 government computers?
Hermes
A rule that posits that one should have 3 copies of data, 2 on site on different devices and 2 offsite, one in the cloud and one in a remote location?
In Valdez, Alaska, the city consulted with these two groups before reaching out to a third-party security consultant to explore possible alternatives before paying the ransom
Who are the local police and their cybersecurity insurance provider?
The first stage of ransomware where the system becomes compromised
What is infection?