The Internet is not a very safe place. Every day we see news headlines, tweets, and articles about new bugs & malware that breach the computer networks of IT organizations. Internet security is very challenging because the same set of tools that network engineers use to build a network can also be used to break it. Emails can be hacked, sensitive information can be stolen, and at worst the entire network can be locked down by advanced malware, rendering it unusable for the organization.
“One single vulnerability is all an attacker needs”
– Window Snyder, Chief Security Officer, Fastly
Top Cyber Attacks of 2018
Sacramento Bee, Ransomware
The Sacramento Bee is a daily newspaper published in Sacramento, California. An attacker gained access to 2 databases operated by the company. These databases were locked down and the attacker demanded a ransom to let the company use them again. The hack exposed 53,000 subscribers’ information and the personal data of 19.4 million California voters according to The Sacramento Bee.
Facebook, Data Theft
2018 was not a good time for Facebook. In March 2018, Cambridge Analytica collected the personal information of more than 87 million users. On June 27, Nametests.com, a Facebook app, had publicly exposed information of more than 120 million users. Another cyber-attack resulted in 29 million Facebook accounts being hacked using an automated program that moved from one friend to the next.
Aadhaar, Data Theft
The Aadhaar number is a unique identifier for citizens of India, like a social security number. Login credentials to an Aadhaar service were shared over WhatsApp; using them, an attacker could enter any Aadhaar number to retrieve the name, address, photo, phone number, and email address. The personal information of all of the 1.1 billion citizens registered in India was believed to be compromised in the data breach.
British Airways, Data Breach
Hackers made their way inside the systems of British Airways for more than 2 weeks, from August 21 to September 5. Anyone who made a booking on ba.com or British Airways’ mobile app during this time was exposed to the attack. Personal and financial information including names, email addresses, and credit card information was stolen. This cyber-attack affected around 380,000 transactions. After the exposure of the massive cyber-attack, people were asked to contact their banks, and reimbursement was promised to the affected accounts.
US Universities, Phishing attack
The Department of Justice charged 9 Iranian hackers with a massive number of attacks on universities and private companies across the United States. The attackers tricked professors and university affiliates into opening malicious links and entering their network login credentials. An estimated 31 terabytes of data were stolen, worth $3 billion in intellectual property. Reportedly, 144 US universities, 47 private companies, the US Federal Energy Regulatory Commission and other official agencies were infiltrated in this attack.
Exactis, Data Breach
Exactis is a marketing and data aggregation firm based in Florida. One of its databases was exposed on a publicly accessible server. The compromised database contained millions of records of personal information of American citizens and businesses. In June 2018, Vinny Troia, a security researcher, said he was able to find 340 million individual records, which also contained extremely sensitive details like the names and genders of children of US citizens.
Reddit, Man in the middle attack
Reddit’s systems were compromised by a hacker who managed to access user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords. On August 1, the site announced the attack in its blog post. Reddit admitted that its 2-factor SMS-based authentication was intercepted when its staff members were trying to log in to their systems. The attacker was able to access the logs containing the email digests the company had sent between June 3 and June 17, 2018. A complete copy of the old database backup containing very early user data and account credentials was also stolen.
Google+, API Bug
Google identified a vulnerability in an API of its social networking platform Google+. Just like Facebook, the API bug gave third-party app developers access to private data. Users who had granted permission to allow Google+ to access their data, as well as their friends’ data, were compromised in the attack. Though Google kept it secret, fearing the lawsuits and reputational crises which Facebook was suffering at that time, it finally decided to shut down consumer access to Google+. Investigators found that more than 500,000 accounts were affected and up to 438 third-party apps had access to private data from Google+ profiles.
“The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards”
There is no such thing as a perfectly secure system in the IT domain. With computer networks becoming the backbone of organizations, cybersecurity is one of the greatest challenges that mankind has ever come across. Network administrators in organizations work 24/7 to monitor and detect anomalies in their network usage. Unfortunately, the attackers are also constantly evolving their tactics to cause havoc in the IT industry. With billions of dollars compromised in cybersecurity breaches in 2018, companies should invest not only in cybersecurity but also in cyber insurance. They need to realize that security is not an additional feature but part of their application itself. They need to invest in cybersecurity services that can analyze their current IT infrastructure and find solutions to improve network security using the latest computer security tools in the market.