Global in scale, with across the board press coverage, the WannaCry ransomware attack has quickly gained a reputation as one of the worst cyber incidents in recent memory. Despite the scale, this attack relied on the same tried and true methods as other successful malware: find exposed ports on the Internet, and then exploit known software vulnerabilities. When put that way, the attack loses its mystique. But there’s still a lot we can learn from this incident, and we’ve summed up the five most important takeaways to keep in mind going forward.
Retailers aren’t the only ones benefiting from increased sales around the holidays — scammers and hackers are seeing their own bump in business.
As the holiday season approaches, the world’s fraudsters, scammers, and blackhats can take no small measure of yuletide cheer from their work in 2016 - a banner year for hacking. Call it the dark side of technological innovation, an equal and opposite reaction to the increasing breadth and efficiency of the internet. 2016 was a record-breaking year for data breaches, powerfully affecting the spheres of life like never before - from a presidential election rife with electronic intrigue, to a business landscape increasingly shaped by hacking. But if there is a silver lining to be found, looking at the most damaging data breaches to actually occur in 2016, it is the depressing fact that some of the worst hacks exploited well-known vulnerabilities which could’ve been easily prevented.
On November 29th, after a high-profile year of published leaks and hacks targeting the Democratic Party, Wikileaks struck once more, albeit against an unexpected target: HBGary Federal, a now-defunct government contracting affiliate of the eponymous cybersecurity firm. It was not a name unfamiliar to online observers; in 2011, HBGary Federal CEO Aaron Barr had boldly claimed to have identified the leading members of internet hacking collective Anonymous, drawing attention from federal investigators eager to identify and arrest the culprits behind DDoS attacks in support of Wikileaks.
The election year is officially underway, but for non-voters and the apathetic—another reason not to register to vote has surfaced: on December 20th, 2015, a security researcher discovered a publicly exposed database of 191 million voter registrant records—names, addresses, dates of birth, phone numbers, party affiliations, state voter IDs, and more—posted online and freely accessible.
The figures are staggering: 21.5 million records containing social security numbers, names, places of birth, addresses, fingerprints, and other highly sensitive personal data—stolen by cyber attackers.
It's been barely a month since the VTech data breach resulted in the theft of over 6.4 million children's records, and yet another massive compromise affecting kids' data privacy is upon us—this time involving venerable children's toy and accessory brand Sanrio (of Hello Kitty fame). The data leak resulted in the exposure of details from more than 3 million user accounts: first/last names, birth dates, genders, countries, and email addresses, all openly available to the public. With children becoming prime targets for cyber criminals seeking low hanging fruit, companies that deal with and manage minors' data are increasingly under pressure to bolster their security controls and practices.
There's a classic line (one out of many) in the movie Casino by DeNiro's character Ace Rothstein: "Since the players are looking to beat the casino, the dealers are watching the players. The box men are watching the dealers. The floor men are watching the box men. The pit bosses are watching the floor men. The shift bosses are watching the pit bosses. The casino manager is watching the shift bosses. I'm watching the casino manager. And the eye-in-the-sky is watching us all.”
In a news flash buried beneath a slew of other notable security news items, UCLA Health revealed last week it was the victim of a massive data breach that left 4.5 million patient records compromised. Like previous attacks on Anthem and Premera Blue Cross, the intrusion gave hackers access to highly sensitive information: patient names, addresses, date of births, social security numbers, medical conditions, and more. And while matters around healthcare IT have taken center stage as of late, the ineffective security at leading institutions of higher education and research is equally distressing.
Every year, Verizon compiles data from a list of prominent contributors for its annual report highlighting trends and statistics around data breaches and intrusions from the past year. The 70-page Data Breach Investigations Report (DBIR) covers a myriad of data points related to victim demographics, breach trends, attack types, and more. Reviewing these shifting security trends can give indications as to how well-postured one’s organization is against future threats. And just in case you’ve got your hands full patching server vulnerabilities, we’ve done the legwork of expanding on a few critical key points from the report.
Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.