The COVID-19 pandemic has proven to be more than just an attack on lives. It is also the cause of a significant increase in the number of cyber attacks and security breaches. With a newly remote workforce and a lack of adequate protection at thousands of businesses around the world, the environment was ripe for cyber criminals to exploit. That’s exactly what they did. According to reports issued by the Identity Theft Resource Center (ITRC), the number of data breaches through September 30, 2021 exceeded the total number of events for the full year (FY) of 2020 by 17%. From politically motivated hacks to disruptive supply chain attacks, cybersecurity has become a term that affects almost everyone.
Here’s a round-up of the 8 biggest security breaches of the year.
1. Volkswagen data protection breach
Volkswagen reported a data breach by an unauthorized third party in June. The breach affected over 3.3 million customers and was caused by an electronic file left unsecured by the company’s marketing provider. The file contained customer data that was used for sales and marketing purposes between 2014 and 2019. The hacker was identified under the pseudonym “000” and wanted to sell the contents of the database for around US$5,000. The leaked information consisted of names, postal addresses, cell phone numbers, social security numbers, driver’s license numbers, tax identification numbers, and the makes and models of the vehicles purchased, leased or requested.
2. SocialArks data breach
SocialArks, a China-based marketing, branding and social customer management platform, suffered a massive data breach in January. The cause of the leak was a cloud misconfiguration that exposed 318 million records with 400 GB of public and private profile data – including celebrity and influencer profiles – from 214 million social media users around the world.
All of the exposed data comes from users’ Facebook, Instagram and LinkedIn profiles and includes their names, country of residence, contact information, job position, subscriber details and direct links to their profiles. The exposure stemmed from a vulnerability in the company’s ElasticSearch database: the server was left exposed with no username or password protecting the stored data.
3. Kaseya ransomware attack
In July 2021, the IT management and security software company Kaseya suffered a ransomware attack by the Russian hacker organization REvil, which demanded $70 million. The company’s Remote Monitoring and Management (RMM) solution was targeted through a SQL vulnerability, and the attack affected nearly 1,500 companies, including schools, hospitals and a Swedish supermarket chain.
The hackers used a zero-day exploit to bypass authentication protocols and execute arbitrary commands in Kaseya’s Virtual System Administrator. A fake software update then delivered a malicious payload to Kaseya’s customers’ systems. Up to a million systems were encrypted and held for ransom.
4. ParkMobile data breach
The cashless parking app ParkMobile suffered a data breach in March in which the personal data of its users was compromised. The breach was caused by a vulnerability in a third-party software integration that resulted in critical customer data such as phone numbers, email addresses, license plates, vehicle nicknames and addresses of 21 million customers being leaked and sold on the dark web. The hackers accessed encrypted passwords, but not the encryption keys required to read the passwords.
5. Colonial Pipeline ransomware attack
In April, a major fuel company, Colonial Pipeline, experienced a ransomware attack that disrupted its gas supply chain. A hacker organization called DarkSide targeted the company’s billing system and internal business network and stole nearly 100 gigabytes of data.
The company’s old VPN system lacked multifactor authentication, so it could be accessed with a single password: there was no second step, such as text or email verification, to keep the hackers out once they had figured out the password. The ransomware attack shut down the pipeline for several days, leading to spikes in gasoline prices, fuel shortages and panic buying.
6. Android data breach
In May, the personal information of more than 100 million Android users was exposed due to numerous configuration errors in third-party cloud services. The personal data was found in unsecured real-time databases used by 23 applications with downloads ranging from 10,000 to 10 million. All of the sensitive data – name, email address, chat messages, date of birth, gender, photos, location, passwords, phone numbers, payment information and push notifications – could be accessed by anyone. This breach was caused by misconfigured cloud services – something that even a company as large as Google can be vulnerable to.
7. T-Mobile data breach
Telecommunications giant T-Mobile faced a data breach in August that compromised the personal information of nearly 54 million people. There were two sets of exposed data. The first consisted of the customers’ social security numbers, dates of birth, addresses, and driver’s licenses, while the second contained the customers’ IMEI and IMSI numbers. The hacker responsible for the attack gained access to T-Mobile’s internal infrastructure via an unsecured router.
What can we learn from these data breaches?
Enforce endpoint protection
Organizations need to properly identify all of their devices and systems and secure them with endpoint protection. You should also monitor every single device connected to your network.
Check third party providers
Before companies work with third-party vendors, they should verify that those vendors are legitimate and trustworthy. Access controls for third-party software within organizations should be regularly monitored and maintained.
Encrypt sensitive data and use RBAC
It is important to encrypt sensitive data and store it in secure locations. Organizations need to control who has access to sensitive data, and that control covers both physical and digital access to systems and data. All systems and physical locations should be protected with multiple layers of security and be accessible only to authorized personnel.
Keep systems up to date
Organizations should perform system audits on a regular basis to identify vulnerabilities and apply patches automatically.
Train employees, partners and users on security
Organizations should ensure that their employees and users make safe decisions online and take responsibility for their own cybersecurity posture. It is important for companies to vet all of their current and potential employees. They should also enforce effective training that teaches employees security best practices and ways to minimize harm in the event of a breach.
The use of multi-factor authentication is essential for the security of users – be it end users or employees. It’s easy to implement and one of the strongest defenses against an attack.
Data breaches are always a question of when, not if, as they can arise from a wide variety of attack vectors, each of which is just as dangerous as the others. Organizations must stay one step ahead of attackers to protect user information and other sensitive data. This article highlights some of the major breaches of this year, while also serving as a guide to learn from.