2017 has been a year of several high-profile cyber-attacks, with a large number of breaches originating from third-party software modules and compromised accounts. With hackers constantly trying to gain access to confidential data sets, it is important to look closely at the security incidents of 2017 that have already concluded and analyze the associated takeaways. With 2018 approaching, it is essential that IT administrators and CISOs revisit the biggest security scams of 2017 and plan the next course of action accordingly.
The Infamous ‘Uber’ Hack
Although hackers broke into Uber’s secured database in 2016, the company publicly acknowledged the breach only in 2017. The incident took place in October 2016, when two hackers siphoned off the personal details of more than 56 million customers. Uber tried to keep things under wraps by covering up the breach for almost a year. The organization also offered a sum of $100,000 to the attackers for removing the stolen data and information. However, much like other breaches of 2017, the Uber hack eventually came to light and caused severe reputational damage to the company. Moreover, Uber also had to deal with legal action from customers.
Lesson: Much like Uber, other companies that store information on cloud servers should encrypt the data whenever possible. This approach minimizes the threats associated with data breaches. In addition, companies that are attacked should disclose the breach publicly and notify their customers.
Ransomware became a common name across the globe in 2017, with WannaCry hitting multiple countries in May 2017. The UK’s primary healthcare provider, the NHS, was the worst hit, but many other big organizations in other countries fell victim to the same ransomware attack. The WannaCry attack exposed the vulnerabilities associated with the Windows operating system: unpatched machines were infected, and the malware spread across LANs to cause multiple outages.
Lesson: Organizations must keep their software updated to minimize system vulnerabilities. It is important to understand that ransomware threats thrive on endpoint security glitches, and a reliable security solution can help organizations by ensuring patch management and timely software upgrades.
Petya Ransomware Attack
Soon after the WannaCry attack in May, another ransomware attack known as “Petya” hit the world in June 2017. Many organizations in the US and Europe were crippled by it. Petya used the same vulnerability as WannaCry, but it was believed to be more lethal than the former.
Lesson: Similar to WannaCry, the only way to protect an organization against ransomware threats is to always keep systems up to date, have endpoint security working at its best and maintain regular backups so that services can be restored quickly if the enterprise does get hit by a cyber-attack.
Breaking into the Accounting Firms
Although hackers were relentlessly trying to gain unauthorized access to the databases of reputed accounting firms, it was only in March 2017 that IT administrators could identify some of these attacks. While the attacks started way back in October 2016, the breaches and associated security incidents started showing up recently.
Lesson: Organizations must monitor and restrict privileged account access by securing the perimeters. Moreover, functional security services must be deployed to identify any kind of suspicious behavior.
Cyber-Attack on the UK Parliament
While a quick cyber-attack on the UK government was successfully shut down and precisely isolated, it definitely raised certain questions regarding password safety. Almost 90 accounts were compromised as the hackers targeted addresses with weaker password protection. Every breached email account failed to abide by the basic password safety guidelines.
Lesson: Employees must be educated and trained in exceptional security hygiene. Password security and account management need to be prioritized to keep attacks to a minimum.
The ‘Equifax’ Security Breach
Equifax, one of the premium credit reference firms, encountered a breach where attackers exploited the vulnerability of a third-party Web Development Company to gain unauthorized access to Equifax’s database. The hackers stole confidential data, social security identities and even the names of more than 143 million customers, thereby creating a sense of panic and pandemonium. What’s unfortunate is that the third-party Web development company, Apache Struts, did issue a patch for fixing Equifax’s system vulnerabilities in March, but the company didn’t apply it and the network was breached in May 2017.
Lesson: Although third-party services issue patches and upgrades, it is the responsibility of the enterprise to install them as soon as possible. Procrastinating on patch installations can have fatal consequences.
The Role of Seqrite
Seqrite amalgamates every lesson and takeaway as a part of its cohesive Endpoint Security Solution. The security service provider assists with centralized and automated patch management followed by Intrusion Detection and Prevention techniques.
To prevent similar attacks, companies must try to ascertain the criminal methodologies associated with the mentioned breaches. Analyzing the attacks and theorizing the takeaways allows organizations to stay one step ahead of the threats waiting for them in 2018.