10. Consider how an actor may carry out a cyber-attack (AC 2.7)

Answer:

Phishing Attack on a Healthcare Institution First step Reconnaissance: The attacker find an employee on LinkedIn and discovers they often handle patient records via email. Second step Weaponisation: The attacker creates a phishing email, containing malicious link disguised as a login page for their patient management system. Third step Delivery: The email is sent to multiple employees, urging them to quickly log in to resolve an "urgent patient care issue". Forth step Exploitation: An employee clicks the link, enters their credentials, unknowingly provides the attacker access to the system. Fifth step Installation: The attacker installs malware on the network to maintain access. Sixth step Command and Control: The malware communicates with the attacker's server, allowing them to browse the network. Final step Action on Objective: The Attacker exfiltrates (downloads) patient data and sells it on the dark web.