Top 5 Cyber Threats from 2020
Ransomware, data breaches and phishing attacks were some of the top cyber threats from 2020.
2020 has been a rough year for everyone, as the tremendous pandemic threat jeopardized many businesses’ plans and forced countless companies to rethink their strategies as they took their first (late) steps into the digital world.
With so many companies jumping in with both feet to the smart working revolution, it comes as no surprise to see how dangerous it could be to do that without adequate preparedness. Coronavirus, in fact, was linked to a 238% increase in cyberattacks on banks, and since the start of the pandemic in February, phishing attacks have increased by 600%.
The digitized space is full of many cyber threats that require the strongest, most bullet-proof security strategies. Yet, not even the most experienced technology enterprises are safe from those attacks.
Since one global virus attack wasn’t enough in 2020, let’s have a look at the biggest cybersecurity threats that endangered digital companies this year and what they mean for cybersecurity.
World Health Organization and Other Health Agencies
We couldn’t help but put the cyberattack against the World Health Organization (WHO) first on our list. The WHO has seen a dramatic increase in cyber attacks since the start of the COVID-19 global crisis, but on April 23, 2020, the global agency reported that a dangerously large leak of email addresses and passwords had occurred. Apparently, a group of elite hackers was able to stage a large phishing campaign that ended with the theft of 450 active login credentials from WHO staff.
However, the evildoers’ group didn’t stop there and stole nearly 25,000 private email addresses from other important national and international health agencies such as the Centers for Disease Control and Prevention (CDC), the National Institutes of Health (NIH), and the Bill and Melinda Gates Foundation. The only upside? After the attack occurred, the WHO explained that it had left its old extranet system for a newer, more secure infrastructure.
Zoom’s Data Breach
How many of us started to use video conferencing apps during the pandemic? How many companies were forced to without even knowing how to use them? Apart from some nasty incidents involving people who didn’t quite know how virtual meetings really work, these apps have become a new target for hacking groups. Probably the best known of these platforms, Zoom, was relentlessly targeted by several cyberattacks throughout 2020. In April, some 500,000 passwords were leaked and shipped to the dark web markets and forums after a massive data breach occurred.
The cybercriminals used a database of usernames and passwords that got compromised in various hack attacks dating back to 2013. Since many users tend to reuse the same credentials, attackers used them to start a credential stuffing attack with bots that were specifically engineered to avoid being detected as a denial of service (DoS) attack. If a password pinged back as a successful login, the hackers collected it to create a new database that was then put up for sale on the black market.
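Because such bots stay under request-rate alarms, detection has to key on something else. The following added example (not from the original article) flags login sources by how many distinct accounts they try and how often they fail; the event format, thresholds and all sample data are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample():
    """Constructed login events: (timestamp, source IP, username, success)."""
    t0, events = datetime(2020, 4, 1, 9, 0), []
    for i in range(30):   # slow bot: one try per 90 s, new account each time
        events.append((t0 + timedelta(seconds=90 * i), "203.0.113.7",
                       f"user{i}@example.com", i == 17))
    for i in range(40):   # office NAT: busier, but 4 accounts, mostly successful
        events.append((t0 + timedelta(seconds=60 * i), "198.51.100.20",
                       f"staff{i % 4}@example.com", i % 10 != 0))
    for i in range(5):    # one user mistyping a password, then succeeding
        events.append((t0 + timedelta(seconds=20 * i), "192.0.2.55",
                       "alice@example.com", i == 4))
    return events

def find_stuffing_sources(events, window=timedelta(hours=1),
                          min_distinct_users=15, max_success_ratio=0.2):
    """Flag sources by account fan-out and failure ratio, not request rate."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in sorted(events):
        by_ip[ip].append((ts, user, ok))
    flagged = {}
    for ip, rows in by_ip.items():
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1                      # slide the window forward
            win = rows[start:end + 1]
            users = {u for _, u, _ in win}
            ratio = sum(ok for _, _, ok in win) / len(win)
            best = flagged.get(ip, {}).get("distinct_users", 0)
            if (len(users) >= min_distinct_users
                    and ratio <= max_success_ratio and len(users) > best):
                flagged[ip] = {
                    "distinct_users": len(users),
                    "attempts": len(win),
                    # accounts where a reused credential worked: reset these
                    "valid_logins": sorted({u for _, u, ok in win if ok}),
                }
    return flagged

if __name__ == "__main__":
    for ip, info in find_stuffing_sources(build_sample()).items():
        print(ip, info)
```

The slow bot sends fewer requests per minute than the office NAT address, yet it is the only source flagged, and the `valid_logins` list identifies the accounts that need a forced password reset.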
Telegram and e-Commerce Credit Card Frauds
An already tested method to steal credit card information is the one used by Magecart, a hacker conglomerate that targets e-commerce websites. The cybercriminals inject an e-skimmer into the online shopping cart system, which then captures credit card details in real time as the customer fills them in. This data is then sent to a remote server controlled by the hackers, who collect it for later use. What’s new this time is that Telegram is now used to make this second step of data collection even quicker and more secure for the attackers.
An instant message is sent via a bot to a private chat channel, using a private ID that is encoded directly into the skimmer code. Since Telegram’s data is encrypted, identification is even more difficult, and by using the instant messenger’s API, it’s much easier to transmit stolen information without setting up separate infrastructure.
Domains set up for such separate infrastructure could, in fact, be identified as dangerous and be taken down or blocked by anti-malware software. On top of that, the attackers even enjoy the additional benefit of receiving a Telegram notification in real-time each time a new victim falls for the trap.
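Since the exfiltration endpoint is a legitimate Telegram host, domain blocklists will not catch it, so site owners can instead audit the scripts served on checkout pages. The following added example (not from the original article) scans JavaScript string literals for Telegram Bot API indicators, including base64-encoded ones; the use of base64 and the token shape are assumptions, and the sample script is constructed and contains no skimming logic.

```python
import base64
import binascii
import re

TG_HOST = re.compile(r"api\.telegram\.org", re.I)
# Assumed token shape: numeric bot id, colon, 30+ URL-safe characters
TG_TOKEN = re.compile(r"(?<![0-9])\d{6,12}:[A-Za-z0-9_-]{30,}")
STRING_LITERAL = re.compile(r"""(["'])((?:\\.|(?!\1).)*)\1""")
B64_SHAPE = re.compile(r"^[A-Za-z0-9+/]{16,}={0,2}$")

def decode_layers(text, max_depth=3):
    """Yield the literal itself and up to max_depth nested base64 decodings."""
    for depth in range(max_depth + 1):
        yield depth, text
        if not B64_SHAPE.match(text) or len(text) % 4:
            return
        try:
            text = base64.b64decode(text, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            return

def scan_script(js_source):
    """Return (line, indicator, decode depth) for each Telegram indicator."""
    findings = []
    for m in STRING_LITERAL.finditer(js_source):
        line = js_source.count("\n", 0, m.start()) + 1
        for depth, text in decode_layers(m.group(2)):
            for kind, rx in (("host", TG_HOST), ("token", TG_TOKEN)):
                if rx.search(text):
                    findings.append((line, kind, depth))
    return findings

def build_sample():
    """Constructed script text with a placeholder token (not a real bot)."""
    endpoint = ("https://api.telegram.org/bot" + "123456789:" + "A" * 35
                + "/sendMessage")
    encoded = base64.b64encode(endpoint.encode()).decode()
    return "\n".join([
        'var cdn = "https://cdn.example.com/jquery.min.js";',
        'var cfg = window.atob("%s");' % encoded,
        "var note = 'plain api.telegram.org reference';",
    ])

if __name__ == "__main__":
    for finding in scan_script(build_sample()):
        print(finding)
```

A hit at depth 1 or deeper on a payment page deserves immediate review, because a legitimate script has little reason to hide a messaging API endpoint behind encoding.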
Software AG Ransomware Attack
Being big (and strong) doesn't make you safe when it comes to cyber attacks. Software AG is one of the biggest players in the European digital industry, being the second-largest software vendor in Germany and the seventh-largest in Europe. In October 2020, approximately one terabyte of data was stolen during a ransomware attack by the Clop cyber-criminal gang. The hackers stole the company's information and locked its IT infrastructure, threatening to release sensitive data to the public unless a $23 million ransom was paid.
The compromised files contain much of the most private data from the enterprise's internal network and employees' laptops, and include sensitive personal information such as photo IDs, passport numbers, contact lists, and contracts. Although there's no clear indication of whether Software AG has paid the ransom or not, the damage it suffered was so bad that the company has still not recovered from the attack completely.
Twitter Spear Phishing Incident
Some hacks are not as damaging as others. The data stolen may not be very important, no ransom may be paid, and the information may never be sold on black markets. The tangible outcome can be minor, but the image and reputation damage to the brand affected can be enormous. That’s the case of the spear-phishing attack against Twitter that occurred on July 15, 2020.
A group of particularly bold hackers started a very successful phone phishing campaign targeting an initially small number of Twitter employees, who were misled into handing out their credentials. After they stole the private info, the cybercriminals leveraged the social media platform’s internal support system to keep stealing more employees’ logins. Eventually, they unlawfully accessed and took control of 130 accounts, including those of many celebrities and major public figures such as Bill Gates, Jeff Bezos, Elon Musk, Kanye West, Kim Kardashian, Joe Biden, and Barack Obama. A true reputational disaster for the blue bird’s social media platform.
Cyber threats will never stop. No matter how much our minds can be distracted by major global crises, digital enterprises must always be wary and diligent in their security strategies. Even small steps such as keeping all software and systems fully up to date, or training a company's staff on how to protect themselves against phishing attacks and malware, can go a long way to prevent or at least minimize damage. Now more than ever, making sure that the most sensitive data is safely backed up in a secure place and that all endpoints are protected is necessary to protect a company from cyber attacks.