Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 201
According to the September 2020 threat intelligence feeds, a new malware called Egregor was introduced and used in many attacks. Egregor is distributed primarily through Cobalt Strike that has been installed on victims' workstations using RDP exploits. The malware exfiltrates the victim's data to a command and control server. The data is then used to force victims to pay or lose it through public release. Which type of attack is described?
Answer options
- A. malware attack
- B. insider threat
- C. ransomware attack
- D. whale-phishing
Correct answer: C
Explanation
The correct answer is C, ransomware attack: Egregor encrypts or locks data and demands payment to restore access, and in this scenario it also uses the exfiltrated data to pressure victims into paying under threat of public release. Option A, malware attack, is too broad and does not capture the coercive payment aspect. Option B, insider threat, does not apply since the attack is external. Option D, whale-phishing, refers to targeted phishing attempts, which do not match the described data exfiltration and ransom scenario.