The first two months of this year alone have already seen some significant cyber attacks occur.
In January, hackers linked to the Shiite political party Hezbollah caused significant breaches to telecom companies, ISPs, and hosting providers in the US, UK, and the Middle East.
North Korean government-linked hackers targeted a swathe of cybersecurity researchers in a clever piece of social engineering hacking. They created a selection of fake Twitter accounts and blogs, directing their intended targets to virus-infected sites, following up with virus-ridden emails.
Closer to home, hackers breached data centers belonging to New Zealand’s central bank.
The ferocity, tenacity, and sophistication of even the most common cyberattacks are increasing.
COVID-19 facilitated cybercrime
In 2020 cybercriminals took advantage of COVID-19 bringing the world to its knees. Organisations in this field become some of the most common cyber attack targets of the past year.
December 2020 saw the European Medicines Agency come under attack by hackers, who accessed data that pertained to the Pfizer COVID-19 vaccine development.
In November, the AstraZeneca COVID-19 vaccine was targeted. North Korean hackers created online profiles as job recruiters, and sent fake job offers to AstraZeneca employees. These emails were infected with malware. Cybercriminals found to be associated with Russian intelligence agencies, attempted to steal information relating to COVID-19 vaccine development in the US, Canada, and the UK.
Pharmaceutical manufacturing companies, healthcare providers, and even the US Department of Health & Human Service all reported surges in hacking attacks in April 2020.
Even the World Health Organisation wasn’t immune. In April 2020, in the midst of the growing COVID-19 panic, a number of WHO staffers had Iranian government-sponsored hackers attempt to access their accounts.
Cyberattacks are becoming so big that they’re making the news
SolarWinds was a security failure of epic proportions. In December 2020, the US Government was the target of its most devastating cyberattack to date.
Malicious code was inserted in network management software used by at least six US government departments—including Treasury, Commerce, Energy, and Department of Homeland Security. The network of the National Nuclear Security Administration was also breached.
But it didn’t stop there. Technology and security firms, including Microsoft, were targeted. Fortune 500 companies in Europe, Asia, and the UAE were identified as under threat.
This attack was so vast in scope that it’s still unclear exactly how far the threat extends.
Besides the SolarWinds attack, there were some highly-publicised recent cyber attacks that made world headlines.
With the swift pivot to remote working and working-from-home arrangements, Zoom quickly became the tool that kept businesses afloat. But with the growth in the business and its user base, attention from cybercriminals also increased.
One well-known incident saw approximately 500,000 Zoom user accounts, passwords, credentials, and meeting URLs stolen and put up for sale on the dark web.
These accounts were hacked using one of the most common cyber attack methods. Known as credential stuffing, the hackers used usernames from lists of previously stolen email addresses, user names, and passwords. And, as people commonly reuse passwords and usernames, they then set about attacking Zoom accounts with these details.
The hackers use a sophisticated stress testing tool, which attempted to log in to Zoom using multiple bots at various IP addresses. All account details with a positive login attempt were then gathered up into a database and sold.
This caused Zoom to implement much-needed additional security measures, including the ability to set meeting passwords to meeting IDs.
Australia isn’t immune
Toll Group, the massive Australian logistics company, had the misfortune of being hit by cyberattacks twice in the first half of 2020. They suffered two different ransomware attacks within three months of each other.
The first occurred in February 2020, where 1,000 of Toll Group’s servers were infected with the MailTo( Netwalker ) ransomware. While no personal details were leaked, this attack disrupted their supply chain, interrupting deliveries of goods and services all across Australia.
The second attack was undertaken using a new ransomware variant known as Nefilim. Using this ransomware, cybercriminals were able to access a corporate server and steal information regarding commercial agreements with enterprise customers, and information on some Toll staff.
Cybercriminals still follow the money
The majority of cybercrime is all about the money.
In 2020, five countries that are known for their gaming and gambling industries were attached by cybercriminals linked to the Chinese government. They performed ransomware attacks, demanding over $100 million in fees.
In June of 2020 the University of California at San Francisco was also the target of a ransomware attack. An attack was launched against the UCSF School of Medicine’s servers. In this case they were lucky—it was caught in time before it spread to any areas involved with their COVID-19 research.
But the University still wanted its files back, and paid a partial ransom demand of $1.14 million to recover the infected files.
These are just some of the recent cyber attacks
Remember the 2018 Facebook attack? In 2018 Facebook admitted that private information of up to 20 million of its users was exposed in a security breach.
2017 saw the Wannacry ransomware attack hit around 230,000 computers in over 150 countries around the world. Yahoo! was hacked twice within the 2013-14 period, with hackers stealing the information of 1.5 billion of its users.
Now this might sound like there’s no hope for a small business. But it’s not all doom and gloom.
It all comes down to your security preparation. The more robust your IT security systems are, the fewer vulnerabilities your system will have.
At Data Express we provide managed IT security services to protect you against hackers, bots, spyware, malware, and viruses, and ensure your business remains safe and secure. We implement the most rigorous, cutting edge security measures to help minimise your risk of cyber attacks.
It’s never too early to be prepared. Contact us today to discuss your business’ unique IT security needs.