2017 is coming to an end, and if you think you have seen it all, you are wrong. Observations and predictions say cyber crime will proliferate rapidly in the coming years as we become increasingly dependent on technology. The advancement of technology is a curse and a boon at the same time. Hackers keep devising new approaches to attack systems, gain access and steal data to make money.
This year witnessed a massive number of cybersecurity meltdowns. The attacks were not limited to corporate breaches; they extended to crippling large numbers of systems through ransomware, leaks of spy tools and full-on campaign hacking.
Several malicious cyber attacks destroyed a huge amount of data and stole millions of dollars, exposing serious vulnerabilities and a lack of awareness. According to a report from Cybersecurity Ventures, cyber-crime damages will cost the world $6 trillion annually by 2021.
Let's have a recap of the biggest cyber threats of 2017 to at least prepare ourselves for a less chaotic scenario in the next year.
The mysterious hacker group responsible for stealing a few disks full of National Security Agency secrets called itself the Shadow Brokers. In August 2016, the Shadow Brokers published a series of hacking tools and computer exploits. The group also offered a sample of allegedly stolen NSA data and attempted to auction off a bigger trove. Its most impactful release came in April 2017 and included a Windows exploit known as EternalBlue, developed by the US National Security Agency. Hackers took advantage of EternalBlue to infect targets in two high-profile ransomware attacks.
One of the most prolific hacking attacks, known as 'WannaCry', crippled thousands of computers from Russia to China to the UK and the US, locking people out of their data and demanding a hefty ransom to get it back. Once the ransomware infected a system, it encrypted all the contents of the hard drive and demanded payment in bitcoin to unlock them. WannaCry temporarily crippled National Health Service hospitals and facilities in the UK, which affected vital medical procedures and created chaos for many British patients.
What shocked the world most was that the malware exploited a vulnerability in the Microsoft Windows operating system using code named EternalBlue, developed by the US National Security Agency. The Shadow Brokers, the notorious hacker group that stole the code and leaked it to the world, was responsible for this heinous attack. In total, WannaCry netted almost 52 bitcoins, or about $130,000.
The NotPetya malware began to spread across computers around the world in July 2017, with infections concentrated in and around Ukraine. It seemed very similar to the 2016 ransomware called Petya, which demanded money to unlock the encrypted hard drives of infected systems. But NotPetya proved to be something worse than that. It was a wiper that destroyed all the encrypted data on an infected system, causing irreparable damage to the user.
Petya bundled a tool called "LSADump," which could gather passwords and credential data from Windows computers and domain controllers on the network. NotPetya also spread using the Microsoft Windows vulnerability targeted by the "EternalBlue" exploit, which the software giant had patched in March 2017. Unlike WannaCry, NotPetya spread internally within networks but did not seed itself externally. That thankfully limited the spread of the malware.
The data breach at Equifax, the largest consumer credit bureau, happened in July this year and is considered one of the worst breaches of all time. The massive breach exposed the personal data of 143 million people. The stolen data raised the risk of identity theft, as the criminals got hold of sensitive data such as names, social security numbers, birth dates, addresses and driving license numbers. Hackers acquired social security numbers by exploiting web application vulnerabilities in a tool called Apache Struts.
Equifax announced the hack two months later. The worst part was that the company knew about the vulnerabilities yet failed to take proper action to fix them in time.
The Equifax breach raised concerns over the amount of information data brokers collect about consumers and sell to customers such as banks, landlords, and employers who want to know you better. Who was responsible for the hack is still unknown.
Internet infrastructure company Cloudflare announced a bug named Cloudbleed in February, which caused random leakage of potentially sensitive customer data. A glitch that caused Cloudflare's servers to return extra data in response to website requests was exploited, and the bug leaked sensitive data of affected users, including passwords, authentication tokens, and more. Major Cloudflare users such as Uber, Fitbit and OKCupid were directly affected, though the total damage of the data breach is still unclear. Cloudflare stated that about "1 in every 3,300,000 HTTP requests through Cloudflare" potentially resulted in memory leakage.
Another ransomware named 'Bad Rabbit' spread fast in Russia and Ukraine, affecting 200 organizations in October. It initially targeted Ukraine's Ministry of Infrastructure and Kiev's public transportation system. Bad Rabbit required a potential victim to download and execute a bogus Adobe Flash installer file, which infected the system. Once the computer was infected, a message in red letters on a black background was displayed asking the user to log into a Tor domain and make a payment of 0.05 bitcoin. Bad Rabbit was the third ransomware-style malware outbreak of 2017, following WannaCry and NotPetya.
198 million Americans were hit by the 'largest ever' voter records leak in June this year. It shocked the whole world when a security researcher discovered a publicly accessible database containing personal information for 198 million US voters. The databases, containing information on voters from all political parties, were found stored on an open Amazon S3 storage server owned by a Republican data analytics firm, Deep Root Analytics. The server was misconfigured, which exposed more than a terabyte of voter information. Deep Root Analytics claimed that the voter data, though publicly exposed, was not accessed by anyone besides Vickery, but it's always possible that someone else discovered it, too.
A massive global breach of the personal information of 57 million customers and drivers, which took place in October 2016, was hidden by Uber until this November. To cover up the news, Uber made another blunder by paying $100,000 to the hackers responsible for the breach to keep the incident a secret. The breach occurred when two hackers obtained login credentials to access data stored on Uber's Amazon Web Services account. Personal data such as names, email addresses and phone numbers, as well as driver's license numbers, were stolen by the hackers. Uber is now facing questions from lawmakers for hiding the incident for so long.
With new attacks breaking out almost every month, 2017 was a terrible year for the cyber-security industry. The more we rely on technology, the more the chances of attacks will increase. It is predictable that attacks on the IoT will keep hitting industries including airlines, cars, and manufacturing as they rely more on this 'smart technology.' Everyone dealing with technology needs to be involved in protecting and defending apps, data, devices, infrastructure and people, as cyber crime is predicted to increase by leaps and bounds in the coming years. But the environment of mistrust that has been created can be treated as an opportunity by companies that can show genuine concern and effort for protecting data and establish that they have proper security measures in place.