Six Cyber Attacks That Shook 2017

Even as the world is moving towards a life more digital than ever before, the threats associated with the digital world are multiplying manifold, threatening to disrupt life as we have now come to know it. 

Cyber attacks are nothing new, but their increasing number and growing potency have become causes for concern for governments all over the world. There has been a marked increase in the amount of information getting stolen online every day.

Add to this mix a secret ingredient called Crypto-currencies and you have a potential Hindenburg on your hands. Crypto-currencies are very useful for making discreet transactions and have the added benefit of increasing in value exponentially, which makes them very valuable to cyber criminals.

It is estimated that the total damage on account of various ransomware attacks this year might be in excess of USD 5 billion. It is also estimated that this cost will only increase exponentially over the next 5 years, while the cost of cyber security will correspondingly amount to USD 1 trillion dollars in the next four years.

Here’s a quick look at some of the most brutal cyber-attacks this year:

Shadow Brokers
This anonymous group of hackers first surfaced in August 2016 when they breached the spy tools of a National Security Agency (NSA)-led program known as the Equation Group. However, the group’s most impactful release came in April 2017 - a trove of NSA tools, including a windows defect called EternalBlue (NotPetya and WannaCry hackers have since exploited this defect to infect targets with ransomware). The tools were auctioned off on the dark web.

WannaCry
The most infamous ransomware attack of 2017 was a strain of ransomware called WannaCry that spread all over the globe.
The ransomware targeted numerous public utilities and large corporations, most notably National Health Service hospitals and facilities in the United Kingdom, hobbling emergency rooms, delaying vital medical procedures, and creating chaos for many British patients.Though the origin of WannaCry is not yet known, the US government has blamed the Kim Jong-un-led North Korean government for initiating the attack.

Petya/NotPetya
Another dangerous malware that affected people across the globe this year was NotPetya. The malware, which bore many similarities to the 2016 ransomware Petya (hence ‘NotPetya’), began spreading to computers around the world, including those belonging to corporate giants like the US-based pharmaceutical company Merck, Danish shipping company Maersk, and Russian oil giant Rosneft.The ransomware hit Ukrainian infrastructure particularly hard, disrupting utilities like power companies, airports, public transit, and the country's central bank. India was affected the most by NotPetya in the Asia-Pacific and region and was the seventh most affected globally, according to the cyber security firm Symantec.

Zomato Hack
This one principally affected India. Zomato, which is one of the largest restaurant aggregators in India, was hacked and some of its user accounts were being sold on the dark web. A post on a blog called Hackread cited how accounts of 17 million users were being sold on the dark web. The vendor had also shared a trove of sample data to prove that the data is legitimate. Luckily, as Zomato stores its user’s payment details at a separate location, none of the users encountered a financial loss.

The HBO Hack
Game of Thrones is easily the most popular television show to hit the screens in the last decade, maybe more. Everyone loves it, everyone wants more of it, and most of all, everyone wants to be associated with it. This held true for a bunch of hackers too. In July 2017, hackers claimed to have acquired 1.5 terabytes of data from HBO, which is the producer of the show, and released yet-to-be-aired episodes of shows like Ballers and Room 104 online. But HBO did not truly feel the heat of this attack before it became known that the script for Episode 4 of Season 7 of Game of Thrones, which was scheduled to be released the following week, was put up online for the whole world to see. This was followed by a series of threats and ransom demands to HBO, which if not met would result in the leaking of more episodes of the popular show. The details of the ransom demanded by the hackers have been kept top secret and HBO refused to comment on whether it paid the ransom or not.

Equifax
In July this year, a group of hackers penetrated Equifax, one of the largest credit bureaus in the world, and stole personal data of 145 million people.The Equifax breach is considered one of the worst incidents of hacking ever because of the sensitivity of information stolen,  which included credit card numbers, birthday details, social security numbers. The information could easily be used for identity theft or misrepresentation.The company drew a lot of flak after it took two months to reveal that a breach had taken place. 

The Equifax breach raised concerns over the amount of information data brokers collect on consumers, which can range from public records to mailing addresses, birth dates and other personal details.

Money Control

You Might Also Read: 

Equifax Executives Resign Without Charge:

Postmortem: WannaCry Ransomware Explained:
 

« British IT Bosses Fear Sophisticated Cyber Threats
FBI Fingerprint Software Might Contain Russian code »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Italian Association of Critical Infrastructure Experts (AIIC)

Italian Association of Critical Infrastructure Experts (AIIC)

AIIC acts as a focal point in Italy for expertise on the protection of Critical Infrastructure including ICT networks and cybersecurity.

Nok Nok Labs

Nok Nok Labs

Nok Nok is a market leader in next generation authentication for cloud, mobile and IoT applications.

PrivateVPN

PrivateVPN

PrivateVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

FraudHunt

FraudHunt

FraudHunt protects your website from account fraud, ad fraud, fraud clicks, and malicious bots.

Civic Technologies

Civic Technologies

Civic’s Secure Identity Platform (SIP) uses a verified identity for multi-factor authentication on web and mobile apps without the need for usernames or passwords.

WolfSSL

WolfSSL

wolfSSL is an embedded SSL/TLS library providing secure communication for IoT, smart grid, connected home, routers, applications, games, phones, and more.

Wizard Cyber

Wizard Cyber

At Wizard Cyber, we simplify cyber security, delivering an advanced service that protects your high-risk assets from the complex threats that technology alone can miss, 24/7.

Let's Encrypt

Let's Encrypt

Let’s Encrypt is a free, automated, and open digital certificate authority, run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

Innovex Global

Innovex Global

Innovex is a full-service executive search and advisory business that engages with early-stage startups, scale-ups, and established businesses in the Fintech, Cybersecurity and Technology industries.

Asimily

Asimily

Asimily’s IoMT risk remediation platform holistically secures the mission-critical healthcare devices that deliver safe and reliable care.

Covenant Technologies

Covenant Technologies

Make Covenant Technologies the only choice for your IT and cybersecurity recruitment needs. We deliver quality candidates at the forefront of the cybersecurity and IT industry.

NetHope

NetHope

NetHope is a membership-based organization serving the international nonprofit humanitarian, development, and conservation sector through digital transformation.

Pistachio

Pistachio

Pistachio is the new evolution of cybersecurity awareness training and attack simulations.

Awareness Software Limited (ASL)

Awareness Software Limited (ASL)

As Hosting Specialists, Awareness Software offer practical and affordable hosting solutions including backup and disaster recovery and a range of cybersecurity services.

One Step Secure IT

One Step Secure IT

One Step provide Managed IT Services, Cybersecurity Protections, and Compliance to businesses in the USA nationwide.

Cloud Native Computing Foundation (CNCF)

Cloud Native Computing Foundation (CNCF)

CNCF seeks to drive adoption of cloud native technologies by fostering and sustaining an ecosystem of open source, vendor-neutral projects.