Reply To: OCU ISSO D Week 05 Lesson 17 Discussion

Marcena Davis

One example of a cybersecurity crime is a ransomware attack. Ransomware is a type of malicious software that is designed to encrypt the victim’s data and demand payment in exchange for the decryption key.

In this hypothetical scenario, a small accounting firm was hit by a ransomware attack. The attack occurred on a weekend when the office was closed, and the attacker gained access to the firm’s network through a phishing email that was sent to an employee’s personal email account. The email appeared to be from a legitimate source, and the employee clicked on a link that downloaded the ransomware onto the firm’s network.

Means: The attacker used a phishing email to gain access to the firm’s network. Phishing is a common means of attack that relies on social engineering tactics to trick victims into divulging sensitive information or downloading malicious software.

Opportunity: The attack occurred on a weekend when the office was closed, providing the attacker with a window of opportunity to gain access to the network without detection.

Motive: The attacker’s motive was financial gain. Ransomware attacks are often carried out by cybercriminals who are looking to extort money from their victims.

The attacker demanded a ransom of $50,000 in exchange for the decryption key. The firm’s data backups were not up to date, and the cost of restoring the data manually would have been much higher than the ransom demand. After consulting with a cybersecurity expert, the firm decided to pay the ransom in order to regain access to their data.

The attack had a significant impact on the firm, as they were unable to access their data for several days and had to pay a significant amount of money to regain access. In addition, the attack damaged the firm’s reputation and eroded the trust of their clients. The firm had to invest in additional cybersecurity measures, including employee training and improved data backup procedures, to prevent future attacks.

The ransomware attack on the accounting firm was carried out using a phishing email to gain access to the network, and the attacker’s motive was financial gain. The attack had a significant impact on the firm, including financial loss, reputation damage, and loss of client trust. Preventive measures such as employee training, data backups, and improved cybersecurity measures can help prevent such attacks from occurring in the future.


Please Note:

The support ticket system is for technical questions and post-sale issues.


If you have pre-sale questions please use our chat feature or email .

Cybersecurity Certifications for Today's INFOSEC Careers

Mile2 Cybersecurity Certifications is a world-leader in providing accredited education, training, and certifications for INFOSEC professionals. We strive to deliver the best course ware, the strongest Cyber Range, and the most user-friendly exam system in the market.


Our training courses follow our role-based Certification Roadmap. Plus, many of our classes include hands-on skill development in our Cyber Range.  We train students in penetration testing,disaster recovery, incident handling, and network forensics.  Additionally, our Information Assurance training certification meets military, government, private sector and institutional specifications.  



We've developed training for...

Canada Army Navy Airforce

The Canadian Department of National Defense


The United States Air Force

Defense Logistics Agency

A United States Counterintelligence Agency

Texas Workforce Commission

Texas Workforce Commission

error: Alert: Content is protected !!