06 Task Performance 1 Computer Network and Security - RMZS

Uploaded by

renzsantos0825

Santos, Renz Marie Z.

Computer Network & Security

BE4101 - BSCpE 06 Task Performance 1

Part I

1. Select five (5) malware from the following: Spyware, Adware, Rootkit, Ransomware, Worm,
Trojan Horse, or Backdoor
2. Search two (2) examples for each of the five malware you have selected. Add a short description
for each. Cite your reference. (5 points per example)

Spyware

• FinFisher
→ FinFisher, also known as FinSpy, is a sophisticated spyware suite that has been used
worldwide, including potential instances in the Philippines. It is designed to infiltrate
target systems, capture screenshots, record keystrokes, and monitor various
activities on the infected device. FinFisher is often associated with targeted
surveillance operations conducted by government agencies.
→ Retrieved from https://acg.pnp.gov.ph/main/about-us/2-uncategorised/237-acg-cyber-security-bulletin-no-109-understanding-finfisher-spyware
• FlexiSPY
→ FlexiSPY is a commercial spyware application that can be installed on mobile devices,
including smartphones. While it is marketed as a tool for parental control and
employee monitoring, its capabilities extend to spying on text messages, call logs, GPS
locations, and even ambient audio through the device's microphone.
→ Retrieved from https://www.forbes.com/sites/thomasbrewster/2017/02/22/flexispy-malware-spy-on-spouse-illegal-wiretap-act-offences/?sh=1520daaa5c75

Adware

• Gator
→ Gator is a type of adware, that is, software that automatically displays or downloads
advertisements onto a user's computer. Because of how difficult it was to uninstall,
Gator was one of the first and most disputed open-source adware programs. Gator
Corporation, which subsequently changed its name to Claria Corporation, created the
program.
→ Retrieved from https://investopedia.com/terms/g/gator.asp
• CoolWebSearch
→ This malware would reroute your browser to other websites, which were frequently
filled with ads or even hazardous software.
→ Retrieved from https://www.telework.ro/en/coolwebsearch/

Rootkit

• ZeroAccess
→ The ZeroAccess rootkit infects a computer silently, turns the system into a bot, and exploits
the infected computer for malicious purposes. It can corrupt devices like TVs, printers,
mobiles, tablets, and more.
→ Retrieved from https://www.thesecuritybuddy.com/preventing-rootkits/what-is-zeroaccess-rootkit/
• Alureon
→ Alureon is a rootkit created especially to eavesdrop on network traffic and retrieve
private and sensitive data, giving the attacker access to data being transferred across
a network connection.
→ Retrieved from https://www.techopedia.com/definition/29811/alureon

Ransomware

• Luna
→ Luna, a Rust-based malware that can execute on Windows, Linux, and ESXi, has been
uncovered. It is developed in the Rust programming language, which enables simple
cross-platform compatibility and avoidance of static analysis.
→ Retrieved from https://acg.pnp.gov.ph/main/cyber-security-bulletin/531-acg-cyber-security-bulletin-nr-284-understanding-the-risk-of-luna-ransomware.html
• CryptoLocker
→ CryptoLocker is a prominent ransomware variant that emerged in 2013. It typically
spread through email attachments and encrypted files on the victim's computer. The
attackers then demanded payment in cryptocurrency, such as Bitcoin, in exchange for
the decryption key.
→ Retrieved from https://www.avast.com/c-cryptolocker#:~:text=CryptoLocker%20ransomware%20is%20a%20type,May%20of%20the%20following%20year.

Worm

• ILOVEYOU
→ The extremely dangerous ILOVEYOU worm, also known as the Love Bug Worm and
the VBS/Loveletter, spread like wildfire in 2000 due to its ability to access email
addresses found in a user's Outlook contact list and send itself infinitely across the
worldwide web while overwriting a victim's files.
→ Retrieved from https://www.secpoint.com/top-10-worms.html
• MSBlast
→ This 2003 virus was able to continue the early 2000s history of worm-related
disruption by exploiting a vulnerability disclosed by Microsoft in July of that year. It
had a message addressed to Bill Gates that stated, "Stop making money and fix your
software," and it was able to infect 7,000 PCs within hours of its detection.
→ Retrieved from https://www.secpoint.com/top-10-worms.html

Part II

1. Search for an article regarding a cybersecurity attack using malware. The article should be
published within the last 5 years by a credible source.
2. Answer the following items based on the article you found.
a. What is the title of the article? (3 points)

PhilHealth: Workstations hit in ransomware attack, but member data unaffected

b. Who wrote the article? (3 points)

Gaea Katreena Cabico

c. When was the article published? (2 points)

October 2, 2023 | 4:55 pm

d. Give the link where you found the article. (2 points)

https://www.philstar.com/headlines/2023/10/02/2300679/philhealth-workstations-hit-ransomware-attack-member-data-unaffected

e. Is it possible to prevent this kind of attack? How? (Essay: 15 points)

Preventing ransomware attacks involves a combination of technical measures, user awareness, and
proactive cybersecurity practices. One critical aspect is keeping software and systems up to date, including
applying security patches promptly. Implementing robust cybersecurity solutions, such as firewalls,
intrusion detection systems, and antivirus software, can help detect and block ransomware. Regularly
backing up data is essential to ensure that, in the event of an attack, data can be restored without paying
the ransom. Additionally, educating employees about phishing emails and other social engineering tactics
helps prevent initial infection vectors.

f. How extensive was the impact of the attack on the environment where it happened? (Essay:
15 points)

The impact of the ransomware attack on PhilHealth appears to be limited. While the attack affected
application servers and workstations, crucial member data, including the membership database, claims,
contribution, and accreditation information, remained unaffected. The quick restoration of the website,
member portal, and e-claims submissions indicates a relatively swift response to mitigate the impact. The
article does not provide details on any disruptions to services or the scale of data loss, suggesting that the
impact was contained.

g. How did the person/company, who was attacked, cope with the consequences and effects of
the incident? (Essay: 15 points)

PhilHealth took several measures to cope with the consequences of the ransomware attack. The first
crucial step was to isolate the affected systems, ensuring that the ransomware did not spread to other
parts of the network. The company also communicated transparently with the public, assuring them that
the attack did not compromise sensitive member data. Restoration efforts were successful, as evidenced
by the functioning of the website, member portal, and e-claims submissions. Moreover, PhilHealth
expressed a commitment to strengthening its incident response plan, improving defenses, staying
updated on threats, and adapting security measures to prevent future incidents. This proactive approach
indicates a responsible and forward-thinking response to the cyber threat.
