
The first year of the new decade was plagued by several catastrophic events around the globe. It also saw a steep rise in the number of cyber-attacks, which almost tripled compared with the preceding year, and those are just the reported ones. Hence, we’ll be taking a quick look at the top 5 cyber-attacks of 2020 and how you can prevent them.

2021 isn’t likely to be any different, as the new year continues to see the surge, and some predictions suggest a cyber-attack will occur every 11 seconds. Here is a glimpse of which cyber-attacks your organization might be susceptible to:

| Industry | Type of Cyber-attack |
| -------- | -------- |
| SMEs | Phishing, Malware |
| Healthcare institutions | Ransomware, Insider threat |
| Government agencies | Data Breach through bugs, Ransomware |
| Energy companies | Power Grid Server Hacking |
| Education | Data Leaks, Ransomware |
| Manufacturing | Phishing, Data Breach, Injection |
| Finance | Credential Leaks, Malware |
| Technology | IP leaks, Web App Attacks |
| Real Estate | Sensitive Data Leaks |
| Mobile | Mobile App Attacks, Malicious Hotspot |
| Retail | Credential Leaks, Data Breach |

As the saying goes, “A fool learns from his own mistakes, a wise man learns from the mistakes of others.”

So without further ado, let’s take a look at the 5 most significant cyber-attacks of 2020 and their impact, along with a few tips on how you can prevent them to avoid falling prey and suffering severe reputational damage.
1. The Cognizant Hack:

American multinational company Cognizant became the victim of a Maze ransomware attack led by the Maze group on the 18th of April 2020, a few weeks after the pandemic forced billions into lockdown. The hacker group carries out ransomware attacks to exfiltrate sensitive organizational data and threatens to release it on the Dark Web if the organization fails or refuses to shell out the ransom amount.

The Maze ransomware is spread through phishing emails and by targeting computer systems with weak authentication. The ransomware then scans and encrypts the files and appends different extensions to restrict access and infect the system.

The attack ended up costing Cognizant a hefty amount upwards of $50 million, which includes legal and consultation fees. It also stalled the company’s operations for the next quarter. The attack resulted in the exposure of several sensitive documents.

Here are some things you can do to protect yourself from being victimized by such an attack:

- Exercise caution while handling emails from unknown sources, especially ones containing MS Office attachments and suspicious website links.
- Update your OS, software, browsers, and antivirus regularly and avoid using unverified pirated software and extensions.
- Assign unique passwords for different accounts/websites and enable MFA wherever possible.
- Limit access to network folders to only those who need it and regularly back up your data.
- Disable PowerShell in the network and implement a corporate VPN.
- Educate your organization’s employees about these practices and about identifying phishing and ransomware attacks.

You can avail yourself of Squib.media’s expert training services to make sure you leave no stone unturned while up-skilling your in-house staff.
2. University of California Hack:

The San Francisco-based University of California was targeted by a ransomware attack initiated by the hacker group Netwalker. The incident took place on the 1st of June 2020; the attack, similar to the one Cognizant suffered, infected a huge part of the university’s IT network.

The hackers were able to get their hands on sensitive information. After a brief period of negotiation, both parties came to a ransom agreement, which ended up costing the university upwards of $1.1 million.

The university then received a decryption key to restore access to the files, along with deletion of the stolen documents. The School of Medicine issued a statement saying patient medical records were not leaked.

In addition to the earlier mentioned practices, in the event of a Netwalker ransomware attack, you can do the following:

- Initiate shutdown of all interconnected network computers.
- Disconnect any and all infected computers from the network ASAP and turn off the access points.
3. The Zoom Breach:

Zoom’s instantaneous prosperity due to the COVID-19 pandemic did not come without consequences. Its growing popularity and the spotlight saw it become one of the most targeted applications for cyber-attacks.

One of the hackers hit the bullseye and ended up selling over 500,000 Zoom credentials on the dark web at the start of April 2020. The credentials included account logins, personal meeting URLs, and Zoom host keys. The leak was the result of a meticulously carried out Credential Stuffing attack.

Some of the victims included accounts belonging to renowned companies such as Citibank and Chase, along with several educational institutes like University of Florida, Colorado, Vermont, etc.

Here are a few handy tips on how you and your organization can fend off Credential Stuffing attacks:

- Implement Multi-Factor Authentication to verify system logins.
- Enforce new password protocols to avoid re-using the same passwords.
- Improve current passwords and update them frequently.
- Use CAPTCHA technology to prevent automated attacks.
- Strengthen the firm’s applications with additional Web Application Firewalls.
4. Twitter Breach:

On July 15th, 2020, the social media giant Twitter was targeted with coordinated social engineering attacks resulting in a net loss of over $120,000 in just under an hour.

The hack was carried out using a spear-phishing attack, one of the most successful forms of attack for acquiring sensitive information on the internet, used by over 90% of hackers.

Using the credentials, the hacker was able to gain access to Twitter’s Slack account by coercing an employee, then proceeded to carry out a social engineering attack. The result was unauthorized access to over 120 notable Twitter accounts, including Ex-US President Barack Obama, Current US President Joe Biden, and the CEOs of billionaire corporations Tesla and Microsoft, Elon Musk and Bill Gates, amongst others.

Here are a few tips you can follow to thwart such attacks:

- Follow strong password practices, change passwords frequently, and implement MFA wherever possible.
- Be wary of unknown senders and suspicious email attachments.
- Train and educate your employees to make them more vigilant about credential stuffing, phishing, and other social engineering attacks.
5. The SolarWinds Hack:

Last but certainly not least comes the SolarWinds hack, which is definitely the most impactful attack on this list. The attack, uncovered on the 8th of December 2020, was directed against US-government managed companies and agencies like the State Department, Treasury, and Homeland Security, amongst others.

SolarWinds reported that this attack, known as a ‘Supply Chain attack,’ resulted in damages to over 17,000 of its clients, among them a huge number of Fortune 500 companies. One of these clients, Microsoft, has reported evidence of malware on their systems.

The malware has been named “Sunburst” by the disclosing company, FireEye, and the attack itself was quite strategically carried out. The hackers first targeted the IT-management software, Orion, developed by SolarWinds. The attack was said to have been initiated in the fall of 2020, with the hackers reportedly monitoring several emails.

The hackers inserted malicious code into Orion and released it as an update of that software, immediately infecting thousands of systems with malware. The attack is claimed to be a state-sponsored one, although the culprits are yet to be known.

The complex nature of the attack makes it quite difficult to boil the causes down to a few points. That is where extensive cybersecurity assessments like those carried out by Squib.media are of crucial necessity. We have rich experience in building security programs from the ground up, including one for an Asian Governmental Agency which was under attack from its neighboring nations.
Conclusion:

As the saying goes, “Only a fool learns from his own mistakes. The wise man learns from the mistakes of others.” We hope this blog helped you attain a few key takeaways and also shed some light on why effective practices and cybersecurity assessments are crucial.

If you’re looking to get started with a cybersecurity assessment, get in touch with Squib.media. We provide research-powered cybersecurity services and training. Through our innovative and extensive security assessments, you can be sure that security threats that may be looming around your applications and systems will be eliminated.

Squib.media is a Research Focused, CERT-In empanelled Cyber security Consulting company specializing in security assessments of IoT product ecosystem, Web application & Network with a proven track record of securing applications and infrastructure for customers across 20+ countries.