Cybersecurity Trends (Week 3 SDL)

What is the estimated annual cost of cybercrime by 2025?

$10.5 trillion (Page 11)

What are the three key characteristics of cyberspace?

Borderless, Ubiquitous, Lawless (Page 4)

What percentage of data breaches involve weak, default, or stolen passwords?

63% (Page 17)

What was the consequence of CrowdStrike's antivirus update in Singapore?

IT crash affecting airlines and banks (Page 5)

Name two cyber defense commands established by SAF.

Defence Cyber Command (DCCOM) and SAF C4 & Digitalisation Command (SAFC4DC) (Page 5)

What type of cyber attack targeted the 2016 US presidential election?

Subversion (Page 14)

What encryption standard is used in GoldenEye ransomware?

Military-grade (implied to be AES) (Page 18)

What was the average ransom demand in 2024?

$2.73 million (Page 21)

How long is the average downtime after a ransomware attack?

24 days (Page 21)

What caused Sweden's Transport Agency data leak?

Misconfigured cloud systems (Page 16)

What percentage of organizations recover encrypted data after paying ransoms?

97% (Page 21)

How many records were exposed in the Capital One breach?

100 million credit card applications/accounts (Page 8)

What type of data did Wells Fargo accidentally leak?

Wealthy clients' financial records (Page 15)

Which IoT device was hacked to act as a covert microphone?

Amazon Echo (Page 23)

How are ransomware decryption keys typically delivered?

Via Darknet/Tor pages (Page 18)

What was the true goal of the NotPetya attack?

Destruction, not profit (disguised as ransomware) (Page 19)

Which Singaporean institution leaked 4,000 personal records in 2013?

Singapore Art Museum (SAM) (Page 16)

What accidental data exposure occurred at Wells Fargo in 2017?

Wealthy client data in an Excel spreadsheet (Page 15)

What enables hackers to remotely access connected cars?

Software vulnerabilities in vehicle systems (Page 25)

What is a major risk of ungoverned cyberspace?

Lawlessness and unchecked threats (Page 6)

What attack method uses targeted phishing emails?

Subversion (e.g., DNC hack) (Page 14)

Which cloud provider misconfiguration caused the Dow Jones leak?

Amazon Web Services (AWS) (Page 16)

What tactic breached the DNC's emails in 2016?

Spear-phishing (Page 14)

What was the reported increase in ransomware attacks?

36% (Page 20)

Which device's flaws allowed home security systems to be disabled remotely?

IoT-connected burglar alarms (Page 23)