The first year of the new decade was plagued with several catastrophic events around the globe. It also saw a steep rise in the number of cyber attacks, which almost tripled compared with the preceding year, and those are just the reported ones. Hence, we’ll be taking a quick look at the top 5 cyber attacks of 2020 and how you can prevent them.
2021 isn’t likely to be any different as the new year continues to see the surge, and some predictions suggest an occurrence of a cyber-attack every 11 seconds. Here is a glimpse of which cyber attacks your organization might be susceptible to:
| Industry | Type of Cyber attack |
|---|---|
| Healthcare institutions | Ransomware, Insider threat |
| Government agencies | Data Breach through bugs, Ransomware |
| Energy companies | Power Grid Server Hacking |
| Education | Data Leaks, Ransomware |
| Manufacturing | Phishing, Data Breach, Injection |
| Finance | Credential Leaks, Malware |
| Technology | IP leaks, Web App Attacks |
| Real Estate | Sensitive Data Leaks |
| Mobile | Mobile App Attacks, Malicious Hotspot |
| Retail | Credential Leaks, Data Breach |
As once said, “A fool learns from his own mistakes, a wise man learns from the mistakes of others.”
So without further ado, let’s take a look at the 5 most significant cyber attacks of 2020 and their impact while also giving a few tips on how you can prevent them to avoid falling prey and suffering severe reputational damage.
1. The Cognizant Hack:
The American multinational company Cognizant became a victim of a Maze ransomware attack led by the Maze group on the 18th of April 2020, a few weeks after the pandemic forced billions to undergo a lockdown. The hacker group carries out ransomware attacks to exfiltrate sensitive organizational data and threatens to release it on the Dark Web if the organization fails or refuses to shell out the ransom amount.
The Maze ransomware is spread through phishing emails and by targeting computer systems with weak authentication. The ransomware then scans and encrypts the files and appends different extensions to them to restrict access and infect the system.
The attack ended up costing Cognizant a hefty amount upwards of $50 Million, which includes legal and consultation fees. It also stalled the company’s operations for the next quarter. The attack resulted in the exposure of several sensitive documents.
Here are some things you can do to protect yourself from being victimized by such an attack:
- Exercise caution while handling emails from unknown sources, especially ones containing MS Office attachments and suspicious website links.
- Update your OS, software, browsers, and antivirus regularly and avoid using unverified pirated software and extensions.
- Assign unique passwords for different accounts/websites and enable MFA wherever possible.
- Limit access to network folders to only those who need it and regularly back up your data.
- Disable PowerShell in the network and implement a corporate VPN.
- Educate your organizational employees about these practices and the identification of phishing and ransomware attacks.
You can avail yourself of Payatu’s expert training services to make sure you leave no stone unturned while up-skilling your in-house staff.
2. University of California Hack:
The San Francisco-based University of California was targeted by a ransomware attack initiated by the hacker group Netwalker. The incident took place on the 1st of June 2020; the ransomware attack, similar to the one Cognizant suffered, infected a huge part of their IT network system.
The hackers were able to get their hands on sensitive information. After a brief period of negotiation, both parties came to a ransom agreement, which ended up costing the university upwards of $1.1 million.
The university then received a decryption key to restore access to the files, along with the deletion of the stolen documents. The School of Medicine issued a statement saying patient medical records were not leaked.
In addition to the earlier mentioned practices, in the event of a Netwalker ransomware attack, you can perform the following:
- Initiate shut down of all interconnected network computers.
- Disconnect any and all infected computers from the network ASAP and turn off the access points.
3. The Zoom Breach:
Zoom’s instantaneous prosperity due to the COVID-19 pandemic did not come without any consequences. The growing popularity and the spotlight saw it become one of the most targeted applications for cyber attacks.
One of the hackers hit the bullseye and ended up selling over 500,000 Zoom credentials on the dark web at the dawn of April 2020. The credentials included account logins, personal meeting URLs, and Zoom host keys. The leak was a result of a meticulously carried out Credential Stuffing attack.
Some of the victims included accounts that belong to renowned companies such as Citibank and Chase, along with several educational institutes like University of Florida, Colorado, Vermont, etc.
Here are a few handy tips as to how you and your organization can fend off Credential Stuffing attacks:
- Implement Multi-Factor Authentication to verify system logins.
- Enforce new password protocols to avoid the re-use of the same passwords.
- Strengthen current passwords and update them frequently.
- Use CAPTCHA technology to prevent automated attacks.
- Strengthen firm applications with additional Web Application Firewalls.
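A detection-side illustration of the credential stuffing pattern described above, as an added example that is not part of the original post: it separates a source that tries many accounts and mostly fails (stuffing) from one that hammers a single account (brute force), and lists accounts that logged in successfully from a stuffing source. The log format, addresses and thresholds are assumptions constructed for the example.

```python
from collections import defaultdict

# Constructed sample log, one attempt per line: "<time> <source IP> <user> <OK|FAIL>".
# The log format, the RFC 5737 addresses and the thresholds are assumptions.
SAMPLE_LOG = "\n".join(
    [f"2020-04-01T09:00:{i:02d} 203.0.113.7 user{i} FAIL" for i in range(9)]
    + ["2020-04-01T09:00:09 203.0.113.7 dana OK"]  # a reused password that worked
    + [f"2020-04-01T09:01:{i:02d} 198.51.100.4 admin FAIL" for i in range(8)]
    + ["2020-04-01T09:02:00 192.0.2.10 erin FAIL",
       "2020-04-01T09:02:05 192.0.2.10 erin OK",
       "truncated line"]
)


def parse(log):
    """Yield (ip, user, succeeded) for each well-formed line, skipping the rest."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] in ("OK", "FAIL"):
            yield parts[1], parts[2], parts[3] == "OK"


def analyze(log, min_attempts=5, min_fail_ratio=0.8, min_users=5):
    """Return (verdict per source IP, accounts that need a forced reset).

    Stuffing replays leaked username/password pairs: one source touches many
    accounts and mostly fails. Brute force hammers a few accounts repeatedly.
    """
    users, hits = defaultdict(set), defaultdict(set)
    attempts, failures = defaultdict(int), defaultdict(int)
    for ip, user, ok in parse(log):
        users[ip].add(user)
        attempts[ip] += 1
        if ok:
            hits[ip].add(user)
        else:
            failures[ip] += 1
    verdicts, to_reset = {}, set()
    for ip, total in attempts.items():
        if total < min_attempts or failures[ip] / total < min_fail_ratio:
            verdicts[ip] = "normal"
        elif len(users[ip]) >= min_users:
            verdicts[ip] = "stuffing"
            to_reset |= hits[ip]  # a login that succeeded from a stuffing source
        else:
            verdicts[ip] = "brute_force"
    return verdicts, to_reset


if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

The accounts in the second return value are the ones where a reused password actually worked, so they are the first candidates for a forced reset and MFA enrolment.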
4. Twitter Breach:
On July 15th, 2020, the social media giant Twitter was targeted with coordinated social engineering attacks resulting in a net loss of over $120,000 in just under an hour.
The hack was carried out using a spear-phishing attack, which is one of the most successful forms of attack for acquiring sensitive information on the internet and is used by over 90% of hackers.
Using the credentials, the hacker was able to gain access to Twitter’s Slack account by coercing an employee, and then proceeded to carry out a social engineering attack. The result was unauthorized access to over 120 notable Twitter accounts, including those of ex-US President Barack Obama, current US President Joe Biden, and the CEOs of billionaire corporations Tesla and Microsoft, Elon Musk and Bill Gates, amongst others.
Here are a few tips you can follow to thwart such attacks:
- Follow strong password practices, change passwords frequently, and implement MFA wherever possible.
- Be wary of unknown senders and suspicious email attachments.
- Train and educate your employees to make them more vigilant about credential stuffing, phishing, and other social engineering attacks.
5. The SolarWinds Hack:
Last but certainly not least comes the SolarWinds hack, which is definitely the most impactful attack on this list. The attack, uncovered on the 8th of December 2020, was directed against US-government managed companies and agencies like the State Department, Treasury, and Homeland Security, amongst others.
Known as a ‘Supply Chain attack,’ it resulted, as SolarWinds reported, in damages to over 17,000 of its clients, among them a huge number of Fortune 500 companies. One of these clients, Microsoft, has reported evidence of malware on their systems.
The malware has been named “Sunburst” by the disclosing company, FireEye, and the attack itself was quite strategically carried out. The hackers first targeted the IT-management software, Orion, developed by SolarWinds. The attack is said to have been initiated in the fall of 2020, with reports stating that the hackers were monitoring several emails.
The hackers inserted malicious code into Orion and released it as an update of that software, immediately infecting thousands of systems with malware. The attack is claimed to be a state-sponsored one, although the culprits are yet to be known.
The complex nature of the attack makes it quite difficult to boil the causes down to a few points. That is where extensive cybersecurity assessments like those carried out by Payatu are of crucial necessity. We have rich experience in building security programs from the ground up, including one for an Asian Governmental Agency which was under attack from its neighboring nations.
As once said, “Only a fool learns from his own mistakes. The wise man learns from the mistakes of others.” We hope this blog helped you attain a few key takeaways and also shed some light on why effective practices and cybersecurity assessments are crucial.
If you’re looking to get started with a cybersecurity assessment, get in touch with Payatu. We provide research-powered cybersecurity services and training. Through our innovative and extensive security assessments, you can be sure that security threats that may be looming around your applications and systems will be eliminated.
Payatu is a Research Focused, CERT-In impaneled Cybersecurity Consulting company specializing in security assessments of IoT product ecosystem, Web application & Network with a proven track record of securing applications and infrastructure for customers across 20+ countries.