2020 was a memorable year for many people due largely to the COVID-19 pandemic, which forced most everyone to stay at home. The year was also notable for the cybersecurity industry, as cybercriminals repeatedly exploited the situation by launching cyberattacks that caused fear and panic.
But what did you learn from those events? Take our short quiz to find out. Each question will take a look back at some of the most notable cybersecurity happenings of 2020, and see how well you can handle cyberthreats if you’re faced with one. This will give you a better grasp of how to protect your business from current and future cyberattacks.
1. To: [[email protected]]
From: [email protected]
Subject: Corona virus awareness
Dear Sir/Ma’am,
Centers for Disease Control & Prevention (CDC) is actively monitoring 2019 novel corona virus that has affect many continent worldwide. We are asking everyone who has been in China especially in Hubei provinc to quarantine for fourteen days and monitor themselves for symptom. Should any symptoms arise, kindlt contact your local health provider. This is important to reduce the disease’s transmisson to others.
In line with this, we also wish to provide every one with a document containing guidelines for staying safe during endemic.
Kindly download attached PDF.
SafetyMeasures.pdf.exe
Regards,
CDC COVID-19 Health Informaton
What do you do?
A. Download the file and open it
B. Ignore and delete the email
C. Reply to the email
Correct answer: B. Ignore and delete the email
This is a phishing email. As early as February 2020, cybercriminals have been taking advantage of the COVID-19 pandemic to launch phishing scams — that’s even before most US states implemented a stay-at-home order,
Not only is the above message riddled with grammatical errors, but the sender’s email address also spoofs the CDC’s official domain to make the email look authentic. What’s more, the attachment is an executable file disguised as a PDF file, which could install malware such as spyware, keyloggers, and ransomware if launched on the receiver’s computer.
COVID-19-themed phishing scams are still rampant online, so be vigilant about what you click. Inspect the contents of emails thoroughly, do not reply to emails, especially if they ask for confidential information, and refrain from downloading unsolicited attachments.
2. ___________ is a type of cyberattack wherein an individual or a group of uninvited users interrupt online meetings over video conferencing applications like Zoom.
A. Zoom attack
B. Zoomscare
C. Zoombombing
Correct answer: C. Zoombombing
Zoombombing became popular in 2020 as videoconferencing became an indispensable part of business and school operations. Zoombombers often share pornography and offensive images, or hurl racial slurs or profanity to gain a few cheap laughs at the participants’ expense.
Video conferences become vulnerable to Zoombombing when their URLs are shared on public platforms like social media. Attackers can also hijack meetings by googling URLs containing "Zoom.us" or by using trial and error to guess meeting IDs.
To prevent Zoombombing, Zoom is now requiring passwords before users can enter a conference call. It has also enabled waiting rooms by default so hosts can manually admit attendees and prohibit attackers from hijacking the video conference.
3. Multifactor authentication (MFA) is a security protocol that identifies users through two or more ways when they log in to a network. Which authentication factors are the least secure, according to Microsoft?
A. Physical keys
B. Fingerprint scan
C. SMS and voice
Correct answer: C. SMS and voice
Microsoft statistics show that users who enabled MFA blocked 99.9% of automated attacks against their Microsoft accounts. However, the software giant recommends staying away from SMS- and voice-based MFA.
This is because both platforms can be easily intercepted by attackers using software-defined radios and SS7 intercept services. What’s more, mobile phone numbers can be subject to SIM swap attacks, or a scheme where cyberattackers trick telecommunication networks to transfer another person's phone number to their SIM card, enabling them to access that person's one-time codes and online accounts.
In no way does this mean, however, that users should disable SMS- or voice-based MFA if these are their only available options. Disabling these authentication factors only makes them more vulnerable to cyberattacks.
4. __________ is a type of malware that encrypts files in a computer system and denies access to users unless the attackers are paid in cryptocurrency or gift cards. It was the most observed cyberthreat in 2020, according to corporate investigations and risk consulting firm Kroll.
A. Ransomware
B. Trojan horse
C. Spyware
Correct answer: A. Ransomware
Kroll’s data shows that ransomware attacks accounted for over one-third of all cybersecurity cases as of September 2020. While businesses of all sizes were affected by ransomware last year, the professional services, healthcare, and technology sectors got the brunt of the attacks.
Aside from encrypting files and demanding steep ransoms, cybercriminals are now also exfiltrating sensitive data and threatening to publish them on the dark web. This compels victims to pay the ransom, rather than simply ignoring the demand or restoring from a cloud or offline backup.
The best protection against ransomware attacks is awareness. Your employees are most vulnerable to ransomware attacks, so educate them on the subject by showing the devastating effects of ransomware on businesses. Also, make sure they refrain from visiting suspicious websites and downloading potentially malicious files.
5. In October 2020, Microsoft and the United States Cyber Command took down what botnet ahead of the US election?
A. Mirai
B. Trickbot
C. Qbot
Correct answer: B. Trickbot
Trickbot is a banking Trojan that steals sensitive information and acts as a dropper for other malware. The malware typically spreads via malicious spam campaigns, but it can also propagate through infected attachments and embedded URLs.
Microsoft says 94% of Trickbot's command and control servers were brought offline as a result of the takedown operation. But while the botnet survived the attacks, Microsoft pledged its continued crackdown against Trickbot in the future.
To protect against Trojans like Trickbot, keep all your programs and antivirus software updated. Never download or install software from untrustworthy sources, and do not open unsolicited emails.
6. In late 2020, hackers accessed a system that software company SolarWinds uses to build updates for its Orion product. They then inserted malicious code into a legitimate software update. What is this type of attack called?
A. Supply chain attack
B. Watering hole attack
C. Virus attack
Correct answer: A. Supply chain attack
With a supply chain attack, hackers rely on several government agencies and companies to install an update with the hidden malware. This has a higher success rate compared to a phishing attack.
According to Facebook cybersecurity chief Alex Stamos, the SolarWinds hack could make supply chain attacks more common. As such, avoid using unnecessary programs, monitor your cyber risk for third-party attacks, and use intrusion prevention/detection software to detect anomalies in your system and prevent future supply chain attacks.
How did you do?
4–6 correct answers: Well done! You’ve learned quite a lot from cybersecurity during the past year.
2–3 correct answers: You need to brush up on your cybersecurity knowledge.
0–1 correct answer: You need to do better when it comes to cybersecurity awareness.
Looking for the best cybersecurity partner for 2021? USWired has you covered. Our advanced threat protection services will adapt immediately to new threats to boost your business’s protection. What’s more, we will protect your data using firewalls, malware protection, intrusion prevention systems, and access policies. To learn more about our services, download our FREE cybersecurity eBook or contact us today.