AP Cybersecurity Unit 1 Lesson 4 Lab
Lab: AI Attack Specimen Dissection
You are a cybersecurity analyst at a regional hospital. Four AI-enhanced attack attempts have been flagged for review. Dissect each one: identify the AI technique, the psychological lever, the indicators that reveal it as an attack, and the control that would prevent it.
Analyze each specimen with the same rigor you would apply on the AP exam. Each specimen requires: (1) identifying the AI technique, (2) naming the psychological tactic, (3) listing at least two indicators that reveal it as an attack, and (4) naming the specific control. Each specimen is worth 6 points.
Dr. Tran,
Following up on our previous conversation last Tuesday regarding the Q1 surgical supply order. Invoice #HS-2024-8847 for $22,400 is now 31 days overdue. Per our contract terms, a 1.5% late fee will apply after 45 days.
Our new banking details are below following our recent acquisition. Please update your records and process payment to the new account by Friday to avoid the late fee. I’ve attached the updated invoice.
Michael Chen
Accounts Receivable
Medical Supply Group
AI technique used in this attack:
List TWO indicators that this is not a legitimate email:
Specific control that prevents this attack from succeeding:
Incident report: The hospital’s CFO joined a video call with what appeared to be two board members to discuss an emergency lease agreement for new MRI equipment. One board member’s video was live and showed the person speaking clearly. The other board member’s audio was present but video was disabled (“camera issue”). The CFO was asked to wire a $185,000 deposit to a leasing company before the end of business. When the CFO later called the board members directly, neither had scheduled or attended any such call.
Which AI technique(s) were used? (select the most accurate)
The second board member had their camera disabled. Why is this a significant indicator of attack?
Policy that prevents this attack regardless of how realistic the video/audio appears:
SIEM Alert: Email security platform blocked 312 inbound phishing emails over 48 hours. However, analysis shows the blocked emails' characteristics evolved during the campaign: the first 80 emails used the keyword “urgent password reset” (blocked). The next 60 replaced “urgent” with “important” (blocked by updated filter). The final 172 used completely novel phrasing with no overlap with previous trigger words, referenced a real hospital HR portal domain, and scored 0.58 on the phishing classifier (delivered to 44 inboxes).
What does the evolving pattern reveal about the attacker’s methodology?
The 172 delivered emails scored 0.58. List TWO defenses that together would address this gap:
Incident timeline:
Week 1: Hospital posts LinkedIn update about their new HIPAA compliance software deployment. An AI tool scrapes this, identifying the software vendor, IT manager’s name (David Park), and implementation timeline.
Week 2: Five staff members receive a targeted email referencing the HIPAA software deployment, claiming to be from the software vendor’s “compliance team,” requesting they complete “mandatory user setup” through a link. Three click through.
Week 3: One of the three staff members receives a phone call that sounds exactly like David Park (IT manager) saying their account setup requires them to provide their hospital network credentials for “profile migration.”
Week 4: The staff member’s credentials are used to log into the hospital network from an external IP. SIEM detects unusual access patterns 72 hours after initial login.
Name the AI techniques used at each stage (Week 1, Week 2, Week 3):
At which stage could a SINGLE control have broken the entire attack chain? Which control?
Multi-stage AI attack questions on the AP exam always ask: (1) which AI technique was used at each stage, (2) what made each stage more effective than a non-AI version, and (3) which SINGLE control would have broken the chain at the most efficient point. The answer to #3 is almost always the credential-request stage — because that’s where physical access or system compromise actually occurs.
Get in Touch
Whether you're a student, parent, or teacher — I'd love to hear from you.
Just want free AP CS resources?
Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.
Message Sent!
Thanks for reaching out. I'll get back to you within 24 hours.
Prefer email? Reach me directly at [email protected]