At the end of last year, we said that in 2021 ransomware would stay, and that the big trends would be third party attacks and cyber terrorism. While no one likes to say “I told you so,” especially when it comes to cybersecurity, the past 12 months have seen headline after headline about ransomware attacks, third party hacks, breaches of valuable data (like EMRs), and even some cyber espionage. 2021 highlighted vulnerabilities within third party connections, watched hackers get smarter and better, and showed how devastating a breach can be in the real world. You only need to look at three of the biggest data breaches of 2021 to see the rising trends.
SolarWinds: The 2020 data breach that lasted through 2021
Technically, the SolarWinds cyber attack happened in late 2020, but the aftermath was felt throughout 2021. A malicious group – led by a Russian intelligence group – carried out one of the biggest data breaches of 2021 by breaching SolarWinds and inserting bad code into an update for Orion, the company’s network management system. Then the group emailed this update, essentially phishing 18,000 vendors. These included large government agencies such as sections of Homeland Security and the Treasury. Based on an NPR report, it is possible that the hack was targeted at SolarWinds’ .gov customers.
The response showed another major trend this year: more regulation. The Biden government imposed sanctions on Russia, which it held to be responsible. Furthermore, this major hack could have been the attack that changed cyber warfare, since cybersecurity has become an important part of Biden’s infrastructure goals and bill.
The Colonial Pipeline breach that caused a gas shortage
In May, a ransomware attack targeted computerized equipment at Colonial Pipeline, a large oil pipeline company, that was part of its larger accounting system. In response, Colonial Pipeline shut down its systems to contain the attack. This led to panic buying and gas shortages on the east coast, and cost the company at least $5 million.
This latest cyberattack, which paralyzed not only systems but also gas pumps across the country’s southeast, has shown how vulnerable supply chains can lead to breaches, and how devastating a hack can be to critical infrastructure.
The Kaseya ransomware spread around the world
In the age of globalization, the hack of a system can spread far and wide. Not only was Kaseya, an IT software company, hacked, but the attackers were able to hack a software update and distribute it to hundreds of customers. Not just one, but hundreds of customers – including a grocery chain, schools, and a national railroad system – were hit by ransomware at the same time.
Hackers want to maximize profits. They go after big game to get big rewards, and with ransomware levels hitting all-time highs, it’s no surprise that a group would try to see if hundreds of systems could be hit at the same time.
What do the biggest data breaches of 2021 have in common?
There are three things: if you hack one, you can crack many; there is ongoing mismanagement of critical access points; and digital breaches have real-world consequences.
No server is an island, and 2021 has highlighted the ripple effect that a breach of just one system can have, especially when that system is connected to hundreds or thousands of vendors. Third parties are still an organization’s most vulnerable connection point, and 51% of all breaches are caused by third parties. SolarWinds is a provider to large government agencies, each of which holds a large amount of private, sensitive information. Just by breaking into part of SolarWinds, part of the US government was instantly vulnerable to hackers.
Third party vendors aren’t the only vulnerability in a system. Every critical access point must be protected. Colonial Pipeline should have shut down VPNs in time to protect its systems and should have had more in place to prevent lateral movement, which in turn could have prevented a full system shutdown. SolarWinds needed to better protect access to Orion systems and vendor email, and Kaseya needed to protect access to its software update programs. Failing to secure access points and critical assets can have significant consequences, creating a chain reaction with ramifications beyond the business itself.
These effects quickly extend into the real world. The Colonial Pipeline breach showed how a software breach can quickly become a gas shortage. As the world moves more and more online, systems grow together, and critical infrastructure becomes a sought-after target for hackers, the threat is not just a system going down, but also a gas system, a health organization, or more.
How to stay safe in 2022
Critical access management is key to protecting a company from data breaches and potential cyber attacks. By implementing solutions that follow the three pillars of critical access management (access governance, access control, and access monitoring), an organization can get an overview of who has access to what, implement fine-grained access controls like Zero Trust Network Access, and better monitor access for education and prevention.
As 2021 has shown and as 2022 will certainly show again, hackers are counting on apathy and will continue to find vulnerabilities in organizations that can be exploited. Securing access points and assets is no longer optional – it’s critical.
*** This is a syndicated blog from the Security Bloggers Network from SecureLink written by Isa Jones. Read the original article at: https://www.securelink.com/blog/reviewing-the-biggest-data-breaches-of-the-year/