2.1

0.0(0)
studied byStudied by 0 people
0.0(0)
full-widthCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/18

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

19 Terms

1
New cards

Nation-state

  • Definition: Government-backed groups targeting other nations for intelligence, disruption, or advantage.

  • Example: A country's cyber unit hacking another nation's critical infrastructure.

  • Methods: Advanced persistent threats, zero-day exploits, espionage, sabotage.

2
New cards

Unskilled attacker

  • Definition: Individuals with limited technical knowledge using available hacking tools (“script kiddies”).

  • Example: Teenagers running a password-cracking tool they downloaded.

  • Methods: Pre-made malware, basic phishing, brute-force attacks.

3
New cards

Hacktivist

  • Definition: Activists using hacking to promote political, social, or ideological causes.

  • Example: A group defacing government websites to protest policy.

  • Methods: Website defacement, DDoS attacks, information leaks.

4
New cards

Insider threat

  • Definition: Current or former employees or contractors who misuse access to harm an organization.

  • Example: A disgruntled employee stealing customer data before leaving.

  • Methods: Data theft, sabotage, privilege abuse.

5
New cards

Organized crime

  • Definition: Criminal groups that use cyberattacks for financial gain.

  • Example: A ransomware group targeting hospitals for payouts.

  • Methods: Ransomware, phishing, fraud, identity theft.

6
New cards

Shadow IT

  • Definition: Employees using unauthorized technology or software within an organization.

  • Example: Staff using unapproved file-sharing apps to transfer work documents.

  • Methods: Unapproved cloud apps, personal devices, unauthorized software installations.

7
New cards

Internal/External

  • Definition: Whether the threat comes from inside (employee) or outside (hacker) the organization.

  • Example: External—A hacker tries to breach the network; Internal—An employee leaks data.

  • Methods: Insider—privilege misuse, sabotage. Outsider—phishing, exploiting vulnerabilities

8
New cards

Resources/funding

  • Definition: The amount of money, tools, and training available to the attacker.

  • Example: Nation-states have more resources than unskilled attackers.

  • Methods: Sophisticated attacks require significant resources; simple attacks use basic methods.

9
New cards

sophistication/Capability

  • Definition: The skill level and technical expertise of the attacker.

  • Example: A script kiddie has low sophistication, while an APT group has high.

  • Methods: High sophistication—custom malware, zero-days. Low—common malware, simple emails.

10
New cards

Data exfiltration

(Motivation)

  • Definition: Stealing data from a network or system.

  • Example: Hackers extracting customer credit card information.

  • Methods: Phishing, malware, exploiting misconfigurations.

11
New cards

Espionage

(Motivation)

  • Definition: Spying to gather confidential or classified information.

  • Example: Nation-state actors stealing defense secrets.

  • Methods: Email phishing, social engineering, spyware.

12
New cards

Service disruption

(Motivation)

  • Definition: Interrupting or degrading normal system operations.

  • Example: Launching a DDoS attack to take down a website.

  • Methods: DDoS attacks, ransomware, disabling services.

13
New cards

Blackmail

(Motivation)

  • Definition: Forcing action by threatening to release damaging information.

  • Example: Ransomware gangs threatening to leak data unless paid.

  • Methods: Ransomware, sextortion, Doxxing.

14
New cards

Financial gain

(motivation)

  • Definition: Making money through cybercrime.

  • Example: Stealing and using credit card data for fraud.

  • Methods: Fraud, theft, ransomware, phishing.

15
New cards

Philosophical/political beliefs

(motivation)

  • Definition: Attacks motivated by ideology or moral views.

  • Example: Hacktivists attacking organizations they oppose.

  • Methods: DDoS, website defacement, leaking documents.

16
New cards

Ethical

Motivation:

  • Definition: Attacking systems to identify and fix vulnerabilities (with or without consent).

  • Example: White-hat hackers performing penetration testing.

  • Methods: Penetration testing, vulnerability scanning.

17
New cards

Revenge

(Motivation)

  • Definition: Retaliation for perceived wrongs.

  • Example: An ex-employee erasing company databases.

  • Methods: Data deletion, sabotage, leaks.

18
New cards

Disruption/chaos

  • Definition: Causing confusion or disorder without financial or ideological motive.

  • Example: Spreading malware just to watch systems fail.

  • Methods: Worms, viruses, random attacks.

19
New cards

War

  • Definition: National conflicts carried out through cyberattacks targeting an adversary’s infrastructure.

  • Example: State-sponsored attacks disabling power grids during conflict.

  • Methods: Advanced persistent threats, infrastructure sabotage.