Happy Halloween! Do you know what’s scarier than ghosts or goblins? Hackers and malware, that’s what. Halloween, it just so happens, is also the last day of Cybersecurity Awareness Month. (Do your part. #BeCyberSmart)
So here’s a Halloween treat from all of us at Certification Magazine: a spooky cybersecurity quiz about cyber attacks and other digitally destructive distractions — many of which were in the news earlier this year. Be safe knocking on doors to get candy tonight, and be safe online! Don’t fall for someone else’s Halloween trick!
1) What malicious software did credulous moviegoers unleash this summer after assuming that they were getting free tickets to see Barbie?
2) What is the handle used by the hacker who recently claimed to have breached the network of DNA testing firm 23andMe and stolen millions of genetic profiles?
3) How many AT&T customers were affected by a data breach disclosed by the telecom titan in March?
4) Which computer expert helped launch and produce the CBS cybersecurity TV series Scorpion to popularize his real-life IT firm?
5) Which government agency in the United Kingdom posted a formal notification to citizens on Aug. 8 that names and addresses of U.K. citizens stored in its database had been exposed to cyber attackers from August 2021 until October 2022?
6) What do Locky, Goliath, Shark, Stampado, Encryptor, and Jokeroo have in common?
7) Which public university in the midwestern United States reported in September that hackers had potentially stolen full names, addresses, birthdates and Social Security numbers, driver’s license or passport information, and other demographic information connected to as many as 7 million different individuals?
8) Which social media giant suffered a breach reported in January that exposed the e-mail addresses of more than 200 million users?
9) How long would it take a computer to crack the password "MyPasswordIs12345"?
10) Which U.S. president announced a national cybersecurity strategy for the United States in March?
ANSWERS
1) Redline Stealer. Opportunistic hackers surfed the wave of enthusiasm around director Greta Gerwig's bubbly blonde blockbuster by attaching a malware used to pilfer personal information to e-mails promising free movie tickets or downloads.
2) Golem. Not Gollum, the twitchy secondary antagonist of The Hobbit and The Lord of the Rings. A "golem" is a mythical monster created from clay or mud and animated by a mischievous spirit.
3) 9 million. That's comparative chump change when viewed alongside attacks on AT&T in 2022 and 2021 that are believed to have affected, respectively, 23 million and 70 million customers. AT&T denied those reports. It acknowledged this year's incident but blamed the actual hack on one of its vendors.
4) Walter O'Brien. O'Brien, the founder and CEO of Scorpion Computer Services, claims that he hacked into the network of the U.S. National Aeronautics and Space Administration (NASA) at age 13.
5) The Electoral Commission. Commission officials said that a limited amount of personally identifiable information (PII) connected to anyone who was registered to vote in the United Kingdom between 2014 and 2022 was potentially compromised in the attack.
6) They are all ransomware tools commonly offered for sale under the Ransomware as a Service (RaaS) model. Some RaaS kits leased by operators to affiliates include round-the-clock tech support.
7) University of Minnesota. University officials believe that a bad actor gained unauthorized access to a university database in 2021. A federla class-action lawsuit against the university is pending.
8) Twitter (also known as X) . The stolen addresses were reportedly posted to an online hacking forum. Twitter officials did not comment on the breach.
9) 2 trillion years. According to the password strength tool at Security.org, it would only take only 200 million years if there were no capital letters.
10) President Joseph Biden. We had to give you at least one gimme, right? Further details of Biden's approach are available here.
Important Update: We have updated our Privacy Policy to comply with the California Consumer Privacy Act (CCPA)