CSCUK

Well done for playing week 2 of the Spring Cyber Challenge, brought to you by NCA Cyber Choices.

How did you do? Check your answers here.

Remember, lucky prize winners will be contacted by email, so keep an eye on your inbox! Now, time to take on week 3…

1. Which industry suffers from the Trickbot Trojan?

Answer: A. Banking

Banking is a major target for hackers.  In 2016 Trickbot Trojan targeted Windows machines used by banks to harvest credentials, and emails as well as launch webinjects.

2. According to the NCSC.gov.uk website which IT systems platform was compromised in 2020 ?

Answer: B. SolarWindsOrion

MarsBright, EuropaDrift, BigDipper2021 – great names but all of these are made up! The SolarWinds hack was noteworthy it was the hack of a US security company IT resources management system,  which spread the malicious code to its clients through its regular software updates

3. Which botnet taken down by worldwide law enforcement agencies in January 2021?

Answer: D. Emotet 

All the others were found in 2008 – Grum was a pharmaceutical spammer, Kraken targeted Fortune 500 companies, and Asprox performed SQL injections into vulnerable websites.

4. What does the ‘BEC’ stand for in BEC hacking?

Answer: A. Business Email Compromise 

Similar to whaling or spear phishing, this is directed at the emails of those in business who have access to the money. Email can be compromised by phishing, keylogging, or spoofing. All the rest were made up, though there’s probably someone somewhere thinking I’m sure I’ve seen that term somewhere!

5. What is OWASP

Answer: A. An online community producing free materials on web application security

Power to the people!  A not for profit foundation OWASP brings together a wide community  drawn from technologist and developers to work on improving software security.

6. Which of the following is not an offence under the Computer Misuse Act?

Answer: C. Downloading a TOR browser

Come on – all the others were obviously criminal behaviour!  A TOR browser can be used for good or evil because it allows anonymous access to the internet but it is not a wicked thing until it gets into the hands of the bad guys.

7. According to the Computer Misuse Act 1990, what is the maximum sentence for conducting a Distributed Denial of Service (DDoS) attack?

Answer: A. 10 years

8 How much pocket money does the subject get in the film ‘Teenage Cybercrime’ hosted on www.cyberchoices.uk?

Answer: C. £10 per week

Let’s hope he did some chores around the house to earn it.

Speech bubbles with link to cyberchoices.uk