Cyber threats are multiplying at an uncontrollable rate and 2017 hasn’t been any different. While global damages, concerning cybersecurity, are expected to surpass $5 billion by the end of this year, the actual predicament is the supposed yearly growth which is somewhere in the ballpark of 350 percent. If the condition isn’t nipped in the bud, these threats might lead to bigger issues in the subsequent years. Looking at the cyber threat landscape for 2017 gives us a fair idea regarding the expected threats, security incidents and other forms of cybersecurity crisis, waiting for us in 2018. The 2017 threat landscape enlists the major data breaches and ransomware attacks that took the global online domain by surprise and crippled several IT security networks.
Probably the biggest ransomware attack of 2017, WannaCry created a lasting impression by plaguing 300,000 computers — spanning across 150 countries. WannaCry automatically encrypted the data of the infected computers and demanded Bitcoin payments for the decryption key. The WannaCry ransomware leveraged a minor vulnerability within the Windows OS. Despite, Microsoft releasing the patch a few weeks before the attack, the malware crept in via systems which weren’t updated. The estimated financial loss due to WannaCry was close to $4 Billion globally.
One of the largest credit reporting firms, Equifax, encountered a massive breach that compromised the personal details of more than 145 million customers. The hackers exploited existing vulnerabilities and initiated attacks that possibly triggered personal identity theft. The most frightening aspect of this breach is that while the possibility of the attack was somewhat known to the company, it missed judging the magnitude of the impact and hence did not proactively correct the security lapse. The attack created massive outrage amongst people and caused the company CEO to resign.
Cybersecurity administrators encountered a Petya like vulnerability in July 2017, named NotPetya. While the initial impressions were similar to that of Petya, this malware went a step further and encrypted data of the infected systems. Although payments were demanded for the decryption key, NotPetya caused irreparable damage to the affected hard drives.
The Cloudbleed Bug
Initially discovered in February 2017, the Cloudbleed bug leaked user data by exploiting glitches within the CloudFlare database. However, this bug didn’t show up suddenly and was actually bothering the data subjects for the past six months before getting discovered. This bug primarily affected FitBit and Uber users.
Our discussion regarding the 2017 cyberthreat landscape would be incomplete without mentioning a cryptocurrency heist. The Ethereum crisis involved breaking into one of the largest online cryptocurrency trading platform, CoinDash. The hacker hijacked the platform and stole more than $7 million worth of Ethereum.
The Infamous Game of Thrones Leak
A high-profile cybersecurity attack plagued the telecast of Game of Thrones where hackers kept leaking episodes and scripts. This incident took place in July and the attackers asked for money in return of at least 15 terabytes of stolen data. This leak was followed by another attack on HBO’s social media identity.
Breaching the Zomato Database
Indian company Zomato encountered a catastrophic cybersecurity breach where at least 17 million records were stolen. Based on the reports and surveys, the Zomato breach was the 6th largest global attack. For mitigating the risks and damages, Zomato asked the users to immediately change their login credentials.
While the first half of 2017 saw inordinate security meltdowns, the other half witnessed steps to mitigate the threats and minimize the encountered damages. Although the enlisted threats and cybersecurity attacks aren’t segregated chronologically, studying them can still help businesses stay vigilant in 2018. However, the nature of malware threats, ransomware attacks, data breaches, infiltrations and even security incidents are evolving with time and it is important that companies hire equipped security services providers like Seqrite for keeping up with the hackers.