Hacks, cyber attacks and investigating websites/news channels

Goal

After reading this article you'll:

understand how to simulate a cyber attack on a website
be able to simulate cyber attacks such as DDOS, defacement, ransomware
be able to simulate access to website metadata and other information

Summary

Websites/News Channel offers the ability to "hack" and to show the results of website scans/information retrieval from other applications.

Name	Web details and
Benefit	Simulate realistic emotional reaction to website hack
Features	Add multiple pages of website information normally accessible to specialised tools Hack one or multiple websites to simulate DDOS and other attacks Return sites to normal after the attack has been resolved

Use these PowerPoint files to create your own images (save the slides as JPG) for web details and broken web pages

Web Details.pptx

Page Errors.pptx

Add the alternative website view and/or website details

First edit the persona to add additional website details and then turn the features on/off via the MEL

1.Ensure your persona is checked as an "Organisation" so that you see the Website tab 2. Now you can add website details and upload an image to represent the hacked version of the website
3. in the MEL, the website/news channel content panel allows you select Post (default) or Action. Select Action.
4. With Action selected (1), you now have the ability to turn on and off both the hacked version of the organisation's website and whether to show the website details or not. 5. You can go directly to the website details for this persona by clicking the config icon (2)

Website details example

You can add multiple pages of details to websites to simulate multiple applications that might provide insights into a webpage's security, accessibility, authenticity and so on.

The training audience can view the website details by clicking the three dots upper right in the website/news channel. Or by clicking the customisable icon. Note that when a website is hacked, the icon will never appear but the three dots can be accessed or not depending on your configuration.

Live hacking

If you haven't scripted your website hack, you can do it live using the Persona management in the Facilitator dashboard.

Content > Personas > Select your persona (ensure they are set as an organisation) > Switch to hacked > upload an image

Data corruption

You can simulate data corruption by using custom data for the website content. The steps are then:

1. While the exercise is running, modify the custom data

2. republish the article

The example below shows the website working with the original custom data.

After you've changed the data and saved it, you must republish the article. It's not enough to only update the custom data because the new data will only to accessed on publication.