Lab 1.4

Uploaded by

mira.sach22

Lab – Visualizing the Black Hats

Objectives
Research and analyze cyber security incidents

Background / Scenario
In 2016, it was estimated that businesses lost $400 million annually to cyber criminals. Governments,
businesses, and individual users are increasingly the targets of cyberattacks, and cybersecurity incidents are
becoming more common.
In this lab, you will create three hypothetical cyber attackers, each with an organization, an attack, and a
method for an organization to prevent or mitigate the attack.
Note: You can use the web browser in the virtual machine installed in a previous lab to research security issues.
By using the virtual machine, you may prevent malware from being installed on your computer.

Required Resources
• PC or mobile device with Internet access

Scenario 1
• a. Who is the attacker?
• A lone cybercriminal operating under the pseudonym "ShadowCloak."
• b. What organization/group is the attacker associated with?
• ShadowCloak is unaffiliated but operates in the dark web community to sell stolen data.
• c. What is the motive of the attacker?
• Financial gain by stealing customer payment card information and selling it on the dark web.
• d. What method of attack was used?
• Phishing emails were sent to employees of the target organization to steal login credentials.
• The attacker then used the stolen credentials to access the organization's point-of-sale (POS) system and
install malware.
• e. What was the target and vulnerability used against the business?
• Target: A retail company’s POS system.
• Vulnerability: Lack of multi-factor authentication (MFA) and insufficient employee training on identifying
phishing emails.
• f. How could this attack be prevented or mitigated?
• Implement MFA to protect critical systems.
• Conduct regular employee cybersecurity training to recognize phishing attempts.
• Regularly audit and monitor access to POS systems for anomalies.

Scenario 2
• a. Who is the attacker?
• An advanced persistent threat (APT) group called "Silent Jackal."
• b. What organization/group is the attacker associated with?
• Silent Jackal is linked to a state-sponsored cyber unit suspected of operating out of Country X.
• c. What is the motive of the attacker?
• Espionage and intellectual property theft to gain a competitive advantage for Country X's industries.
• d. What method of attack was used?
• Use of spear-phishing emails containing malicious attachments to compromise employee accounts.
• Deployment of custom malware to exfiltrate sensitive files from the network.
• e. What was the target and vulnerability used against the business?
• Target: A biotech company developing a groundbreaking vaccine.
• Vulnerability: Unpatched software and inadequate network segmentation allowed lateral movement.
• f. How could this attack be prevented or mitigated?
• Patch all software and operating systems regularly.
• Use endpoint detection and response (EDR) tools to identify and stop suspicious activities.
• Enforce network segmentation to isolate sensitive systems.

Scenario 3
• a. Who is the attacker?
• A hacktivist group known as "GreenOps."
• b. What organization/group is the attacker associated with?
• GreenOps is a loosely organized group advocating for environmental protection.
• c. What is the motive of the attacker?
• To disrupt the operations of a mining company accused of environmental harm.
• d. What method of attack was used?
• A distributed denial-of-service (DDoS) attack targeting the company’s online customer portal.
• Public defacement of the company's website to share an environmental message.
• e. What was the target and vulnerability used against the business?
• Target: The company’s public-facing website and online portal.
• Vulnerability: Lack of DDoS protection and an outdated content management system.
• f. How could this attack be prevented or mitigated?
• Deploy a web application firewall (WAF) with built-in DDoS protection.
• Update and secure the content management system.
• Monitor for unusual traffic patterns and block suspicious IP addresses.

© Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 2 of 2 www.netacad.com
