2017 is often referred to as a cybersecurity disaster: with major data breaches and hacks, the year has left us a total of $5 billion worth of damages. Even though the hacking tools used this year turned out to be more sophisticated than ever before, according to Online Trust Alliance, 93% of breaches could have been avoided by using simple cybersecurity tips. Let’s recap how vulnerable our online presence was in the year that passed, and hope that 2018 won’t bring another cybersecurity fiasco.
In April 2017, a hacker group under the name The Shadow Brokers released a set of hacking tools that reportedly belong to the National Security Agency (NSA) of the US Department of Defense. The breach exposed to danger a number of Windows servers and OS (Windows 7 & 8).
Admittedly, Microsoft has quickly released security updates, but many businesses and enterprises were slow to install them, which allowed hackers to compromise more cyber attacks in 2017, including WannaCry. The Shadow Brokers have also recently threatened to disclose more confidential data of NSA every month.
While it is still not known, who stands behind the mysterious group, one thing is clear: they managed to embarrass the NSA and put its intelligence-gathering capabilities in question.
In May 2017, the world had been struck by a ransomware called WannaCry which targeted hundreds of thousands of large corporations and public services. It is estimated that in just 4 days more 300, 000 computer systems have been infected, including the UK’s National Health Service which has been hit particularly hard. With over 19, 000 appointments canceled at NHS hospitals and facilities, many British patients have been left in chaos.
Even though, WannaCry reminded many other ransomware attacks (e.g. to get the files decrypted users were asked for a Bitcoin payment), its worm tactics were different. As soon as WannaCry infected a system, it scanned connected networks, infecting other hosts without user interaction.
It was later announced by US officials that they believe WannaCry was a project of the North Korean government. All in all, WannaCry raised $130, 000 (or 52 bitcoins).
Even though the malware called Petya, was more advanced than WannaCry, its inefficient payment system was among its biggest flaws. The ransomware hit dozens of networks in different countries – including American delivery services corporation FedEx, Danish shipping company Maersk, and the biggest Russian oil and gas provider, however, it is believed that Petya initially targeted Ukrainian businesses. With a series of hacks, Petya interrupted the work of airports, power companies, and the national bank in Ukraine. Later, a new attack hit the country especially hard, dispersing via Ukrainian accounting software. The malware considerably resembled Petya and was called after it – NotPetya.
Similarly to WannaCry, both Petya and NotPetya spread thanks to a vulnerability previously disclosed by The Shadow Brokers group. It was reported that both cyber attacks are a part of Russian campaign against Ukraine, however, no evidence has been publicly released yet.
In July 2017, personal data of over 145, 5 million users (mostly Americans, but also UK and Canada nationals) were exposed due to an attack on Equifax, one of the biggest credit monitoring bureaus. It is considered to be one of the worst leaks in history since the information exposed included sensitive data (birth dates, addresses, credit card and Social Security numbers, etc.). The stolen data can be used for identity theft, therefore, the impact of the breach could be felt for years to come.
Richard Smith stepped down as the CEO of Equifax once the breach was revealed. In his testimony at the Congress, he blamed an employee for the security failure and admitted that the person has already been fired. Smith has also stated that he would only meet with security representatives every three months to review Equifax’s security stand. It is also believed that one of the digital platforms used by Equifax was safeguarded by credentials “admin, admin”, which does sound ridiculous.
Once the world thought nothing as bad could happen again – Uber hit a new record low. In late November 2017, Dara Khosrowshahi, who was appointed as Uber CEO just three months earlier, announced that data of over 57 million people (including names, addresses, and phone numbers) as well as license information for more than 600, 000 drivers were leaked back in 2016.
Ironically, Uber tried to cover up the breach by offering a $100, 000 ransom to the hackers. Right now, the company is facing huge legal issues: executives could even go to jail for knowingly covering up the data breach. Senators of Florida, Connecticut, and Wisconsin have recently introduced the Data Security and Breach Notification Act, that would require companies to report similar security breaches within 30 days. Moreover, city attorneys of Los Angeles and Chicago along with the state attorney of Washington are reportedly already suing Uber.
Special Mention: Cambridge Analytica
In March 2018, the world has been shaken by the news that a London-based data analysis firm Cambridge Analytica that reportedly contributed to President’s Trump win in 2016, illegally collected and kept data of 50 million Facebook users. The data was acquired with the help of University of Cambridge professor Aleksandr Kogan, who built a Facebook quiz that would accumulate data not only from the quiz-takers but their friends as well.
Mark Zuckerberg, Facebook’s CEO has already offered an apology, saying: “We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you.” In addition to the Facebook data breach, Cambridge Analytica is linked to a pro-Brexit campaign. Its CEO, Alexander Nix has been suspended after a footage of him talking about dirty tactics that would discredit politicians was leaked online. British and American investigators are already working on the case.