MOUNT KENYA UNIVERSITY
UNIT: COMPUTER SECURITY AND FRAUD MISUSE.
NAMES
BCSM/2022/71406. LEMAYIAN KAIKAI
BCSM/2022/52963. JEPHA TRIZER OKECH.
BCSM/2022/51741. GRANTON OCHIENG.
BCSM/2022/70077. HUSSIEN DOYO
BCSM/2022/70260. ANTHONY JUMA
BCSM/2024/37143. IBRAHIM JAMA.
TASK.
TITLE:
MODERN SECURITY THREATS IN THE 21ST CENTURY.
Threat 1: Ransomware Attacks
1. Type of Attack
Ransomware attacks involve malicious software that encrypts the victim's data, rendering it inaccessible.
The attacker then demands a ransom, typically in cryptocurrency, for the decryption key.
2. Vulnerability Exploited
Ransomware often exploits vulnerabilities in software and systems, particularly:
Phishing Emails: Attackers send emails with malicious attachments or links that users unwittingly
click on.
Unpatched Software: Systems that have not been updated are more susceptible to exploitation.
3. Impact on Affected Systems or Organizations
Operational Disruption: Organizations can face significant downtime as they attempt to recover
data.
Financial Loss: Costs associated with the ransom itself, recovery efforts, and lost productivity can
be substantial.
Reputation Damage: Trust with customers and partners can be severely impacted.
4. Motives Behind the Attack
The primary motive behind ransomware attacks is financial gain. Attackers aim to maximize their profit
by targeting organizations that are likely to pay the ransom to restore access to critical data.
5. Method or Technique Used by Attackers
Attackers often utilize sophisticated methods, such as:
Spear Phishing: Targeting specific individuals within an organization with tailored messages.
Exploitation of Remote Desktop Protocol (RDP): Gaining access to systems through weak or
stolen credentials.
6. Flow of the Attack
Step 1: User receives a phishing email.
Step 2: User clicks on a malicious link or attachment.
Step 3: Ransomware is downloaded and executes, encrypting files.
Step 4: Ransom note appears, demanding payment.
Threat 2: Data Breaches
1. Type of Attack
Data breaches involve unauthorized access to confidential data, leading to the exposure of sensitive
information, such as personal identification, credit card details, or corporate data.
2. Vulnerability Exploited
Data breaches exploit several vulnerabilities, including:
Weak Passwords: Many breaches occur due to easily guessable or reused passwords.
Insufficient Network Security: Inadequate firewalls and intrusion detection systems can allow
attackers to gain access.
3. Impact on Affected Systems or Organizations
Data Loss: Exposure of sensitive information can lead to identity theft and fraud.
Regulatory Consequences: Organizations may face fines and legal actions due to
non-compliance with data protection laws (e.g., GDPR).
Loss of Customer Trust: Breaches can damage customer relationships and brand reputation.
4. Motives Behind the Attack
Motives for data breaches can include:
Financial Gain: Selling stolen data on the dark web.
Corporate Espionage: Competing companies may seek to gain insights into proprietary
information.
5. Method or Technique Used by Attackers
Common techniques used in data breaches include:
SQL Injection: Attackers exploit vulnerabilities in web applications to access databases.
Credential Stuffing: Utilizing stolen username and password combinations from previous
breaches to gain access.
6. Flow of the Attack
Step 1: Attacker identifies a vulnerable web application.
Step 2: SQL injection or credential stuffing is used to gain access.
Step 3: Sensitive data is extracted from the system.
Step 4: Data is either sold or used for malicious purposes.
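Credential stuffing (Step 2 above) leaves a recognizable trace in authentication logs: one source address trying many different accounts, with most attempts failing. The following is an added example, not part of the original report, showing one way a defender could detect it; the log format, the sample lines, the thresholds and the function names are all assumptions made for illustration, and time windows are ignored for brevity.

```python
from collections import defaultdict

# Constructed sample authentication log (not real data): "time ip username result"
SAMPLE_LOG = """\
2024-05-01T10:00:01 203.0.113.7 alice FAIL
2024-05-01T10:00:02 203.0.113.7 bob FAIL
2024-05-01T10:00:03 203.0.113.7 carol FAIL
2024-05-01T10:00:04 203.0.113.7 dave OK
2024-05-01T10:00:05 203.0.113.7 erin FAIL
2024-05-01T10:00:06 203.0.113.7 frank FAIL
2024-05-01T10:01:00 198.51.100.4 grace FAIL
2024-05-01T10:01:05 198.51.100.4 grace FAIL
2024-05-01T10:01:09 198.51.100.4 grace OK
2024-05-01T10:02:00 192.0.2.10 heidi OK
"""

def parse(log):
    """Yield (ip, user, success) tuples; malformed lines are skipped."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] in ("OK", "FAIL"):
            yield parts[1], parts[2], parts[3] == "OK"

def find_credential_stuffing(log, min_users=5, min_fail_ratio=0.7):
    """Flag source IPs that try many distinct accounts and mostly fail.

    Thresholds are illustrative assumptions; tune them to the environment.
    """
    users = defaultdict(set)   # ip -> distinct usernames attempted
    fails = defaultdict(int)   # ip -> failed attempts
    total = defaultdict(int)   # ip -> all attempts
    hits = defaultdict(set)    # ip -> accounts that logged in successfully
    for ip, user, ok in parse(log):
        users[ip].add(user)
        total[ip] += 1
        if ok:
            hits[ip].add(user)
        else:
            fails[ip] += 1
    alerts = {}
    for ip in users:
        if len(users[ip]) >= min_users and fails[ip] / total[ip] >= min_fail_ratio:
            # Accounts listed as compromised need a password reset and session revocation.
            alerts[ip] = {"distinct_users": len(users[ip]),
                          "compromised": sorted(hits[ip])}
    return alerts

if __name__ == "__main__":
    print(find_credential_stuffing(SAMPLE_LOG))
```

A user who mistypes a password a few times (the second address in the sample) is not flagged, because only one account is involved.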
Conclusion
Both ransomware attacks and data breaches are significant threats that exploit common vulnerabilities
in modern organizations. Understanding these threats is crucial for implementing effective security
measures to protect sensitive information and maintain operational integrity.
Diagrams and flowchart