Scribd
Upload
147 views3 pages

Cybersecurity Fundamentals TP

1) The article discusses a ransomware attack targeting Norsk Hydro in 2019 that disrupted the company's IT systems. Europol arrested 12 individuals connected to over 1,800 ransomware victims in 71 countries, including the Norsk Hydro attack. 2) Norsk Hydro refused to pay the ransom demand, costing the company an estimated $70 million in losses. However, they were praised for their transparency about the incident with customers and the public. 3) The company coped by operating without computer systems for several weeks. The arrested suspects are considered high value targets as they are being investigated for multiple high profile ransomware cases.

Uploaded by

Ariel Guerra
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
147 views3 pages

Cybersecurity Fundamentals TP

1) The article discusses a ransomware attack targeting Norsk Hydro in 2019 that disrupted the company's IT systems. Europol arrested 12 individuals connected to over 1,800 ransomware victims in 71 countries, including the Norsk Hydro attack. 2) Norsk Hydro refused to pay the ransom demand, costing the company an estimated $70 million in losses. However, they were praised for their transparency about the incident with customers and the public. 3) The company coped by operating without computer systems for several weeks. The arrested suspects are considered high value targets as they are being investigated for multiple high profile ransomware cases.

Uploaded by

Ariel Guerra
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

06 Task Performance

1. Select five (5) malware from the following: Spyware, Adware, Rootkit,
Ransomeware, Worm, Trojan Horse, or Backdoor

2. Search two (2) examples for each of the five malware you have selected. Add a short
description for each. Cite your reference. (5 points per example)

Part I
1. SPYWARE

• GO Keyboard is a virtual Android keyboard software that sends personal data to


distant servers without the users' permission.
• Zwangi search bar, it collects screenshots without authorization and redirects
URLs put into the browser's address bar to a search page at www.zwangi.com
2. WORM
• Daprosy worm replaces directories with.EXE files, includes a keylogger, and is a
sluggish bulk mailer.
• Code Red II a virus that exploited Microsoft Internet Information Server
security holes.

3. TROJAN
• Ghost rat is a cyber computer software that the Ghost net operators used to
break into various sensitive computer networks using a Trojan horse for the
Windows platform it alludes to the software's capacity to function as a "Remote
Administration Tool."

• Twelve Tricks the Trojan randomly changes one random word in any of the first
sixteen sectors of the FAT, leading to a gradual corruption of the file system.

4. ROOTKITS
• firmware rootkit creates a permanent malware image in hardware, such as a
router, network card,hard disk, or the system BIOS, by using device or platform
firmware.
• Bootkit can infect startup code like the Master Boot Record , Volume Boot Record
or boot sector, and in this way can be used to attack full disk encryption systems

5. RANSOMWARE
• Ransomware targeting mobile operating systems has grown in popularity as
ransomware targeting PC platforms. Mobile ransomware payloads are often
blockers, as there is little motivation to encrypt data when it can be retrieved
simply via internet synchronization.
• Reveton its payload displays a warning purportedly from a law enforcement
agency claiming that the computer has been used for illegal activities, such as
downloading unlicensed software or child pornography.

Part II
1. Search for an article regarding a cybersecurity attack using malware. The article should
be published between 2016 and 2020, by a credible source.
2. Answer the following items based on the article you found.

a. What is the title of the article? (3 points)


b. Who wrote the article? (3 points)
c. When was the article published? (2 points)
d. Give the link where you found the article. (2 points)
e. Is it possible to prevent this kind of attack? How? (Essay: 15 points)
f. How extensive was the impact of the attack to the environment where it
happened? (Essay: 15 points)
g. How did the person/company, who was attacked, cope with the consequences
and effects of the incident? (Essay: 15 points)

PART II ANSWER

TITLE: Ransomware cybercriminals linked to Norsk Hydro attack fall prey to Europol swoop

Adam Bannister 01 November 2020

https://portswigger.net/daily-swig/ransomware-cybercriminals-linked-to-norsk-hydroattack-fall-prey-to-
europol-swoop

Is it possible to prevent this kind of attack? How?


• Scan all emails for known malware strains and keep firewalls and endpoint protections
up to date with the latest known malware signatures.
• Notify users of out of network emails
• Provide VPNs for users to use outside of the network
• keep current backups of your important data. The best and fastest way to thwart
ransomware is by a quick re-image of the disk, and then a data restore from the last
good backup

How extensive was the impact of the attack to the environment where it happened?

• According to the European Union's law enforcement agency, 12 persons have been
targeted in connection with a professional, well-organized cybercrime that targeted over
1,800 victims in 71 countries. This includes a ransomware assault that disrupted the IT
systems of Norwegian industrial behemoth Norsk Hydro in 2019, according to
Norwegian authorities. Norsk Hydro was highly applauded for refusing to give in to the
hackers' demands, as well as its honesty in revealing the assault to its customers and the
general public, despite the event costing the firm an estimated $70 million in losses.

How did the person or company, who was attacked, cope with the consequences and effects
of the incident?

• The aluminum and renewable energy provider refused to pay the ransom despite having
to operate without computer systems for several weeks. But it was reported into the
high authority and most of these suspects are considered high value targets because
they are being investigated in multiple high profile cases in different jurisdictions, said
Europol article.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy