Read the notes, then try the practice. It adapts as you go.When you're ready.
Session Length
~17 min
Adaptive Checks
15 questions
Transfer Probes
8
Cybercrime encompasses any criminal activity that involves a computer, networked device, or digital network as either the target, the tool, or the means of the offense. As societies have become deeply dependent on digital infrastructure, cybercrime has grown into one of the most significant threats facing individuals, corporations, and governments worldwide. The category spans a vast range of illegal conduct, from financially motivated attacks such as ransomware and credit card fraud to politically motivated activities like state-sponsored espionage and hacktivism. The global cost of cybercrime is estimated to exceed ten trillion dollars annually by the mid-2020s, making it more profitable than the entire global illegal drug trade.
The study of cybercrime draws from multiple disciplines including computer science, criminal justice, law, psychology, and international relations. Technical understanding of attack vectors, malware, network protocols, and encryption is essential, but equally important are the legal frameworks that define and prosecute these offenses. Key legislation includes the Computer Fraud and Abuse Act in the United States, the Computer Misuse Act in the United Kingdom, and the Budapest Convention on Cybercrime, the first international treaty addressing internet and computer crime. Investigators and analysts must also understand the psychology of threat actors, who range from lone individuals seeking financial gain to organized criminal syndicates and nation-state advanced persistent threat groups.
Modern cybercrime defense relies on a layered approach combining technology, policy, and human awareness. Organizations deploy firewalls, intrusion detection systems, endpoint protection, and security information and event management platforms, while simultaneously training employees to recognize social engineering attacks. Digital forensics teams preserve and analyze electronic evidence for legal proceedings, and incident response plans ensure organizations can contain and recover from breaches. As emerging technologies like artificial intelligence, the Internet of Things, and quantum computing reshape the digital landscape, both the attack surface and the defensive toolkit continue to evolve rapidly.
One step at a time.
Adjust the controls and watch the concepts respond in real time.
A social engineering attack in which an attacker impersonates a trusted entity through email, text messages, or fraudulent websites to trick victims into revealing sensitive information such as passwords, credit card numbers, or personal data.
Example: An employee receives an email appearing to come from their company's IT department asking them to click a link and reset their password. The link leads to a fake login page that captures their credentials.
A type of malicious software that encrypts a victim's files or locks them out of their system, then demands a ransom payment, typically in cryptocurrency, in exchange for the decryption key or restored access.
Example: The WannaCry attack in 2017 exploited a Windows vulnerability to spread across 150 countries, encrypting files on over 200,000 computers and demanding Bitcoin payments from hospitals, businesses, and government agencies.
The psychological manipulation of people into performing actions or divulging confidential information. It exploits human trust, fear, urgency, and helpfulness rather than technical software vulnerabilities.
Example: An attacker calls a company's help desk, pretends to be a senior executive locked out of their account, and pressures the technician into resetting the password immediately without proper verification.
A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period, typically carried out by well-funded nation-state or organized criminal groups pursuing strategic objectives.
Example: The SolarWinds supply chain attack discovered in 2020, attributed to a nation-state actor, compromised a software update mechanism to infiltrate thousands of organizations including multiple U.S. government agencies over several months.
The scientific process of identifying, preserving, analyzing, and presenting digital evidence from computers, networks, and storage devices in a manner that is legally admissible in court proceedings.
Example: After a data breach, forensic investigators create bit-for-bit images of affected hard drives, analyze log files and memory dumps, and reconstruct the timeline of the intrusion to determine how the attacker gained access.
A previously unknown software security flaw that is exploited by attackers before the vendor becomes aware of it or has released a patch. The term 'zero-day' refers to the fact that developers have had zero days to fix the vulnerability.
Example: The Stuxnet worm, discovered in 2010, used four separate zero-day vulnerabilities in Windows to target and damage Iranian nuclear centrifuges, demonstrating how zero-days can be weaponized for cyber warfare.
An attack in which multiple compromised computer systems, often forming a botnet, flood a target server, service, or network with overwhelming traffic to exhaust its resources and render it unavailable to legitimate users.
Example: In 2016, the Mirai botnet hijacked hundreds of thousands of IoT devices such as cameras and routers to launch a massive DDoS attack against the DNS provider Dyn, temporarily taking down major websites including Twitter, Netflix, and Reddit.
The fraudulent acquisition and use of another person's private identifying information, typically for financial gain. Cybercriminals steal personal data through breaches, phishing, or malware and use it to open accounts, make purchases, or commit further fraud.
Example: After the 2017 Equifax data breach exposed the personal information of 147 million people, criminals used stolen Social Security numbers and birth dates to open fraudulent credit card accounts and file false tax returns.
More terms are available in the glossary.
Choose a different way to engage with this topic — no grading, just richer thinking.
Explore your way — choose one:
See how the key ideas connect. Nodes color in as you practice.
Walk through a solved problem step-by-step. Try predicting each step before revealing it.
This is guided practice, not just a quiz. Hints and pacing adjust in real time.
Small steps add up.
What you get while practicing:
The best way to know if you understand something: explain it in your own words.
More ways to strengthen what you just learned.