Cybersecurity and Cybercrime Lecture Review

Vocabulary flashcards covering the top 20 cyber attacks, financial cybercrime recruitment, victimisation studies, the NIST CSF 2.0 framework, and the professionalization of ransomware and digital authoritarianism.

DoS/DDoS

An attack that overwhelms a system with traffic to take it offline.

MITM (Man-in-the-Middle)

An attack where an intruder secretly intercepts communication between two parties.

Session Hijacking

The act of taking over an active session between a user and a server.

Eavesdropping

Passively or actively intercepting network traffic to steal credentials.

Phishing

Deceptive emails that trick users into revealing information or downloading malware.

Spear Phishing

A targeted form of phishing aimed at a specific individual.

Whale Phishing

A phishing attack that specifically targets high-level executives such as CEOs or C-suite members.

Ransomware

Malicious software that encrypts a victim's data and demands payment for its release.

Malware

A general category of malicious software designed to damage, spy on, or disrupt systems.

Trojan Horse

Malware that is disguised as a legitimate program.

Drive-by Attacks

Malicious code that auto-executes simply by visiting an infected website.

XSS (Cross-Site Scripting)

An attack that injects malicious scripts into web pages viewed by other users.

SQL Injection

The insertion of malicious database commands via a web form or login field.

URL Interpretation

The manipulation of URL structure to access unauthorized web pages.

DNS Spoofing

Redirecting users to fake websites by corrupting DNS records.

Insider Threats

Security risks posed by malicious or careless employees with system access.

Birthday Attack

An attack that exploits weaknesses in hash or signature algorithms.

Professional facilitators

Specialists like phishing kit developers and money laundering experts hired via online ads, mainly on Telegram.

Recruited facilitators

Individuals who perform simpler tasks like driving or card collecting, typically recruited through personal offline networks.

Money mules

Individuals whose bank accounts are used to hide stolen money, recruited both online and offline.

Revictimisation (Sarkki et al.)

A finding that prior victims were nearly $5 \times$ more likely to be victimised again within a year.

Govern (NIST CSF 2.0)

A core function that establishes and oversees cybersecurity strategy, policies, and roles, sitting at the center of the framework.

Identify (NIST CSF 2.0)

A core function focused on understanding assets, risks, and vulnerabilities.

Protect (NIST CSF 2.0)

A core function involving the implementation of safeguards such as access control, training, and data security.

Detect (NIST CSF 2.0)

A core function centered on continuous monitoring for anomalies and potential attacks.

Respond (NIST CSF 2.0)

A core function for managing and containing incidents when they occur.

Recover (NIST CSF 2.0)

A core function for restoring operations and communicating during and after incidents.

Tier 1 (Partial)

A maturity level in the NIST framework where cybersecurity is fully reactive and ad hoc.

Tier 4 (Adaptive)

A maturity level where cybersecurity is fully embedded in the culture with real-time monitoring and continuous improvement.

Initial access brokers

Specialists who hack into systems and sell that access to ransomware groups.

Double/Triple Extortion

Ransomware tactics where attackers threaten to leak stolen data or notify regulators in addition to data encryption.

Self-efficacy (PMT)

Confidence in one's ability to handle an attack, which may paradoxically reduce motivation to take further protective measures.

Digital Authoritarianism

The use of technologies like AI-powered surveillance, censorship, and social media manipulation to empower regimes and weaken democracy.

SIMCA (Social Identity Model of Collective Action)

A model used to explain hacktivism through moral violation, social identity, perceived injustice, and efficacy.

Residential proxies

Infrastructure used by cybercriminals to mask traffic by routing it through legitimate residential connections across multiple jurisdictions.

SIM farms

Industrialized hardware used by scammers for mass phishing operations.

IMSI catchers

Devices used to intercept mobile signals or downgrade them to $2\text{G}$ to facilitate fraud.

Agentic AI

Autonomous AI capable of executing complete cybercrime workflows, separating human orchestrators from operational risk.