
1 Lab - Visualizing the Black Hats

The document outlines a lab focused on analyzing cyber security incidents, detailing three hypothetical cyber attackers, their motives, methods, and potential mitigation strategies. It emphasizes the increasing prevalence of cybercrime, with significant financial impacts reported by the FBI. The scenarios include an independent hacker, a government-backed hacker, and a hacktivist, each targeting different vulnerabilities within organizations.

Uploaded by

Nina Arro
Copyright
© All Rights Reserved

Lab - Visualizing the Black Hats

Objectives
Research and analyze cyber security incidents.

Background / Scenario
The FBI has estimated that cybercrime cost individuals and companies over 3.5 billion dollars in 2019.
Governments, businesses, and individual users are increasingly the targets of cyberattacks and cybersecurity
incidents are becoming more common.
In this lab, you will create three hypothetical cyber attackers, each with an organization, an attack, and a motive.
In addition, suggest a method by which an organization could prevent or mitigate the attack.
Note: You can use the web browser in the virtual machine that was installed in a previous lab to research
security issues. By using the virtual machine, you may prevent malware from being installed on your
computer.

Required Resources
• PC or mobile device with internet access and virtual machine (optional)

Instructions

Scenario 1:
a. Who is the attacker?
The hacker is a savvy independent cybercriminal who is adept at taking advantage of
corporate systems.

b. What organization or group is the attacker associated with, if any?


The attacker works alone but partners with a dark web marketplace to vend stolen data.

c. What is the motive of the attacker?


The reason behind it is to make money by stealing valuable corporate information that is
then sold on the dark web.

 2018 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 4 www.netacad.com

d. What method of attack was used?


The assailant employed a phishing scheme to deceive a staff member into divulging their
login information. Using this information, the intruder was able to access the company's
internal systems without permission.

e. What was the target and vulnerability used against the business?
The focus was on the financial department of the company. The vulnerability that was taken
advantage of was the lack of the employee's knowledge about phishing attempts. The
intruder utilized the employee's credentials to breach financial records and extract data.

f. How could this attack be prevented or mitigated?


The company can minimize this attack by training employees to detect phishing,
implementing multi-factor authentication (MFA), and conducting regular security audits to
watch for suspicious behavior.

Scenario 2:
a. Who is the attacker?
A hacker supported by the government of a different country.

b. What organization/group is the attacker associated with?


The assailant is connected with an Advanced Persistent Threat (APT) faction backed by a
foreign nation.

 2018 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 4 www.netacad.com
Lab - Visualizing the Black Hats

c. What is the motive of the attacker?


The goal is to take intellectual property and sensitive trade secrets from a top technology
company to further the economic and military objectives of the attacker's country.

d. What method of attack was used?


The attacker carried out a supply chain attack by infiltrating a third-party vendor's software
update, resulting in the installation of malware on the technology company's internal
network.

e. What was the target and vulnerability used against the business?
The aim was the research and development (R&D) department of the company. The
company's weakness was its inadequate security screening for third-party software vendors.

f. How could this attack be prevented or mitigated?


The attack could have been lessened by the company implementing tougher security
measures for third-party vendors, like zero-trust architecture, regular penetration testing,
and reviewing code for external software updates.

Scenario 3:
a. Who is the attacker?
A hacktivist is demonstrating against government surveillance.

 2018 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 4 www.netacad.com
Lab - Visualizing the Black Hats

b. What organization/group is the attacker associated with?


The attacker belongs to a group of hacktivists who promote digital privacy and freedom
while remaining anonymous.

c. What is the motive of the attacker?


The reason is driven by ideology, with a focus on revealing government intrusion and
surveillance methods on its population.

d. What method of attack was used?


The approach used was a Distributed Denial of Service (DDoS) technique, which inundated
government servers with traffic, leading to downtime and disrupting their functioning.


e. What was the target and vulnerability used against the business?
The government website that was targeted is used for providing public services. The
website's vulnerability was due to its insufficient infrastructure for managing high volumes
of traffic, leaving it open to DDoS attacks.

f. How could this attack be prevented or mitigated?


In order to avoid an attack of this kind, the government might consider investing in DDoS
protection tools such as cloud-based traffic filtering and rate-limiting measures to guarantee
the resilience of their systems against sudden increases in traffic.

End of document

 2018 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 4 www.netacad.com

You might also like