Colin Mc Hugo

Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.

Top Cyber Attacks of 2020

January 28, 2021

With much of the world transitioning to working, shopping, studying, and streaming online during the coronavirus pandemic, cybercriminals now have access to a larger base of potential victims than ever before.

“Zoombomb” became the new photobomb: hackers would gain access to a private meeting or online class hosted on Zoom and shout profanities and racial slurs or flash pornographic images. Nation-state hacker groups mounted attacks against organizations involved in the coronavirus pandemic response, including the World Health Organization and Centers for Disease Control and Prevention, some in an attempt to politicize the pandemic.

Even garden-variety cyberattacks like email phishing, social engineering, and refund theft took on a darker flavor in response to the widespread economic precarity brought on by the pandemic.

“Hackers were mostly trying to take advantage of people’s fear by offering medical equipment like thermometers and masks for cheap, low-rate loan offers and fake government emails,” said Mark Adams, a cybersecurity analyst and subject matter expert for Springboard’s new Cyber Security Career Track. “You know, the kinds of emails that say you owe X amount in back taxes and you will be arrested if you do not respond to this email immediately!”

Here is a closer look at some of the biggest cyberattacks of 2020.

Attack 1: Fraudulent unemployment claims rise in response to the pandemic

Unemployment claims soared to a record high of nearly 23 million claims filed in May, shortly after most U.S. states instituted lockdowns to prevent the spread of the coronavirus. Two months later, the FBI reported a spike in fraudulent unemployment claims from hackers who had stolen taxpayers’ personally identifiable information and filed for unemployment insurance while impersonating the victim.

“Tax scams tend to rise during tax season or during times of crisis, and scam artists are using the pandemic to try stealing money and information from honest taxpayers,” IRS Commissioner Chuck Rettig said in a statement.

Criminals steal this information in various ways, such as purchasing stolen personal data on the dark web, sending email phishing scams, cold-calling victims in an impersonation scam by pretending to be an IRS agent or bank representative, or accessing the data from a previous data breach or computer intrusion.

Each year, the IRS publishes a list known as the Dirty Dozen, enumerating tax- and non-tax-related scams taxpayers should watch out for. In January, a U.S. resident was jailed for using information leaked through a data breach at a payroll company to file a fraudulent tax return worth $12 million.

For national security reasons, government agencies tend to be less forthcoming about data breaches than private companies, said Adams.

“If people think your company is vulnerable then more people will try [to hack you],” said Adams. “It only takes one big event to make it seem like you don’t have your act together.”

Attack 2: T-Mobile breach exposes sensitive customer data, twice

In December, T-Mobile revealed that it had been hacked once again, the fourth incident in three years.

Companies that are repeat offenders for weak cybersecurity infrastructure often make a conscious choice to forgo additional protections because it is cheaper to pay the fines levied by the Federal Trade Commission in the event of a breach, according to Adams. It is unclear if T-Mobile is one of them.

“Some companies, including banks, do a cost/benefit analysis,” he said. “In some cases, it’s cheaper to take the hit. Slap us on the wrist so we can move on.”

The first T-Mobile attack of 2020 was confirmed in March 2020, when a cybercriminal gained access to employee email accounts and stole data on T-Mobile employees and some of its customers. For some users, “social security numbers, financial account information and government identification numbers” were stolen, while others merely had their account information seized.

The second attack was limited to what the FCC regards as “customer proprietary network information,” such as phone numbers, the number of lines associated with the account, and information about calls placed. T-Mobile was careful to say that the breach affected just 0.2% of its 100 million-strong customer base, which still equates to about 200,000 people. Stealing customer metadata (information about a customer’s transaction history that does not personally identify them) does not enable a hacker to steal your identity or take money from your bank account, but they can use this information in conjunction with another scheme.

For example, they can launch coordinated phishing attacks and phone scams. Social engineering refers to the practice of using verbal manipulation to coerce a victim into divulging their personal information. These techniques become more convincing when a hacker has detailed information on you, such as your transaction history, making them seem like a legitimate call center representative.

Attack 3: Hackers try to meddle with the coronavirus pandemic response

In April, hackers targeted top officials who were working on the global response to the pandemic. While the World Health Organization itself wasn’t hacked, employee passwords were leaked through other websites. Many of the attacks were phishing emails to lure WHO staff into clicking on a malicious link in an email that would download malware onto their device.

Users of internet forum 4chan, which is now a breeding ground for alt-right groups, circulated over 2,000 passwords they claimed were linked to WHO email accounts, according to Bloomberg. Details spread to Twitter and other social media sites, where far-right political groups claimed the WHO had been attacked in a bid to undermine the perceived veracity of public health guidelines.

“There’s definitely a political aspect to many [cyberattacks] and they will often do it to gain a political advantage or send a message to an adversary,” said Adams. “Or maybe it’s just to put that adversary on the defensive to see how they behave.”

In another example of hackers seizing upon the pandemic zeitgeist, some sent phishing emails impersonating the WHO and urging the general public to donate to a fictitious coronavirus response fund, not the real COVID-19 Solidarity Response Fund.

Attack 4: The FireEye attack that exposed a major breach of the U.S. government

When California-based cybersecurity company FireEye discovered that over 300 of its proprietary cybersecurity products had been stolen, it uncovered a massive breach that had gone undetected for an estimated nine months.

That breach extended to over 250 federal agencies run by the U.S. government, including the U.S. Treasury Department, Energy Department, and even parts of the Pentagon.

But the breach did not start with FireEye. The attack began when an IT management software company called SolarWinds was hacked, causing some of its most high-profile customers to be breached, including Fortune 500 companies like Microsoft, Intel, Deloitte, and Cisco. This domino effect is known as a “supply chain” attack, where the infiltration of one company’s cybersecurity defenses renders all of its customers vulnerable to attack.

Hackers also monitored the internal emails of the U.S. Treasury and Commerce departments, according to Reuters, which broke the news of the cyberattack in mid-December. Government officials and cybersecurity experts say that Russia’s Foreign Intelligence Service, known as the SVR, is behind the attacks. Investigators are still piecing together the details of the breach to surmise the hackers’ intentions.

Software companies are prime targets for cyberattacks for two reasons. First, they are under immense pressure to release new iterations and updates ahead of their competitors, which can mean cutting corners on cybersecurity protections.

“This is something that has plagued the software industry in general for the last twenty to thirty years,” said Adams. “If there are delays in getting that next product or update out it just doesn’t look good because that’s revenue sitting on the table.”

Secondly, attacking a software company allows hackers to breach more victims than if they targeted a single company or government entity. When a software company is hacked, and the breach goes undetected, hackers need only infect a new software update or patch to breach the company’s customers. When the company unwittingly ships the infected software, all of its customers who download it inadvertently install the hacker’s malware onto their systems.

With Springboard’s comprehensive Cyber Security Career Track, you will work 1:1 with an industry mentor to learn key aspects of information technology, security software, security auditing, and finding and fixing malicious code. Learning units include subject-expert approved resources, application-based mini-projects, hands-on labs, and career-search related coursework. Learn more about Springboard’s Cyber Security Career Track.
