2020 has been a year to remember! Apart from a virus turning our lives upside down, there has been no dearth of Cybersecurity incidents this year!
Whether it is offensive security strategies or defensive security strategies, most organizations try to stay on top of the game by constantly keeping themselves educated with the latest threats and exploits. In spite of this, there are always surprises in store on the Cybersecurity front. Here are the top 5 Cybersecurity incidents in 2020 and surprises that rocked this year.
Major newspapers worldwide reported on December 13, 2020, that the US Department of Treasury and Commerce were subjected to expert cyber attacks by foreign entities. It was suspected that the email addresses of these departments were breached. It was also suspected that there might be more departments involved in this breach, which may have been going on for a long time.
Further information revealed that all the departments’ email systems might have been monitored for quite some time. The cyberattack was carried out by a group known as “APT29” or “Cozy Bear,” and the attackers may have used Microsoft 365 email as an attack vector.
SolarWinds is the company that provided the software to the various departments and organizations, and it is estimated that fewer than 18,000 organizations might have installed a patch for a vulnerability that might have been exploited for the sophisticated attack.
This is an ongoing investigation, and more organizations are still beginning to understand the breadth of the attack. The Cybersecurity and Infrastructure Security Agency (CISA), which is one of the divisions of the Department of Homeland Security, is helping with the investigation.
‘FireEye’ is an “intelligence-led security company” that provides services in network security, endpoint security, and other areas for different organizations.
The ‘FireEye’ cyber attack on December 8, 2020, was carried out by a highly sophisticated set of attackers using novel techniques. The attackers are said to have used techniques that had not been witnessed previously. It has been understood that attackers gained access to FireEye’s Red Team tools. According to the FireEye blog, the team has not determined whether the attackers plan to use the Red Team tools for their own benefit or disclose them openly.
On its part, FireEye has developed several countermeasures that will thwart any usage of the stolen Red Team tools. It has also incorporated countermeasures into its security products.
FireEye is working with the Federal Bureau of Investigation, Microsoft, and other organizations to get more answers.
In the wake of the Coronavirus pandemic in March of 2020, the world adjusted to a new way of doing business, academics, and other social interactions. This introduced video conferencing software such as Zoom into our living rooms and onto our study and dining tables! Even though the Zoom software alleviated most of our business and academic concerns and life could move forward, it did come with its own share of Cybersecurity woes.
‘Zoombombing’ became a word, and unwanted guests were part of business and school meetings. Besides, Zoom was accused of leaking data to Facebook without authorization. Personal videos of children and telehealth consultations on Zoom were found online.
All these issues propelled many governments and business organizations to ban the use of Zoom. However, by June 2020, Zoom’s CEO said that he had resolved to fix most security issues within 90 days. Zoom 5.0 came with enhanced security features such as stronger data encryption, password-locked meetings by default, and more.
These security features helped offset some of the concerns that users had, and Zoom was back in business again with enhanced security rules and regulations for users!
On July 15, 2020, Twitter was subjected to a social engineering attack that compromised the verified Twitter accounts of Jeff Bezos, Elon Musk, Bill Gates, Barack Obama, and others. Hackers sent fake messages from these high profile handles. The fake Tweets said that Bitcoin sent to the link in the Tweet would be doubled. These fake Tweets were later deleted by Twitter, and the compromised accounts were locked.
How did this happen?
Some employees of Twitter were subjected to a phone spear-phishing attack, and through this, hackers gained access to the internal network and internal support tools of Twitter.
This even allowed hackers to penetrate the 2-factor authentication system, access the affected profile’s password, and send out fake Tweets. For 8 of the affected Twitter accounts, hackers were able to download “Your Twitter data Tool,” which holds Twitter account details and activity.
Twitter moved swiftly and employed all remediation steps. Affected accounts were locked, and tweeting and changing passwords were prevented. Access to internal networks was also revoked, thus bringing the systems under total lockdown.
Going forward, Twitter has employed better security protocols and mechanisms and also beefed up its methods to prevent unauthorized access to internal systems.
The Maze ransomware, discovered in 2019, was also known as “ChaCha ransomware.” It created more havoc than the other ransomware that was already floating around. In a ransomware attack, a hacker typically encrypts the files and locks the screen of the user. The files are decrypted and released after the user pays a ransom amount.
But in the case of the Maze ransomware, if the user did not abide by the ransomware rules and did not pay the amount, the hackers threatened to release the stolen files onto their public site!
The ‘Maze ransomware’ infected systems using exploit kits, email impersonation, and weak passwords.
Some of the Maze ransomware attack victims included Xerox, cyber insurance giant Chubb, wire and cable maker Southwire, and Cognizant.
2020 has seen it all! From Zoombombing to Ransomware threats to lingering threats on US Federal and State systems, there are breaches and data security incidents everywhere.
The recent cyberattacks in 2020 showcase an alarming trend. What will 2021 bring? Let’s be prepared with our Cybersecurity arsenal!