Six Cyber Attacks That Shook 2017

Even as the world is moving towards a life more digital than ever before, the threats associated with the digital world are multiplying manifold, threatening to disrupt life as we have now come to know it. 

Cyber attacks are nothing new, but their increasing number and growing potency have become causes for concern for governments all over the world. There has been a marked increase in the amount of information getting stolen online every day.

Add to this mix a secret ingredient called Crypto-currencies and you have a potential Hindenburg on your hands. Crypto-currencies are very useful for making discreet transactions and have the added benefit of increasing in value exponentially, which makes them very valuable to cyber criminals.

It is estimated that the total damage on account of various ransomware attacks this year might be in excess of USD 5 billion. It is also estimated that this cost will only increase exponentially over the next 5 years, while the cost of cyber security will correspondingly amount to USD 1 trillion dollars in the next four years.

Here’s a quick look at some of the most brutal cyber-attacks this year:

Shadow Brokers
This anonymous group of hackers first surfaced in August 2016 when they breached the spy tools of a National Security Agency (NSA)-led program known as the Equation Group. However, the group’s most impactful release came in April 2017 - a trove of NSA tools, including a windows defect called EternalBlue (NotPetya and WannaCry hackers have since exploited this defect to infect targets with ransomware). The tools were auctioned off on the dark web.

WannaCry
The most infamous ransomware attack of 2017 was a strain of ransomware called WannaCry that spread all over the globe.
The ransomware targeted numerous public utilities and large corporations, most notably National Health Service hospitals and facilities in the United Kingdom, hobbling emergency rooms, delaying vital medical procedures, and creating chaos for many British patients.Though the origin of WannaCry is not yet known, the US government has blamed the Kim Jong-un-led North Korean government for initiating the attack.

Petya/NotPetya
Another dangerous malware that affected people across the globe this year was NotPetya. The malware, which bore many similarities to the 2016 ransomware Petya (hence ‘NotPetya’), began spreading to computers around the world, including those belonging to corporate giants like the US-based pharmaceutical company Merck, Danish shipping company Maersk, and Russian oil giant Rosneft.The ransomware hit Ukrainian infrastructure particularly hard, disrupting utilities like power companies, airports, public transit, and the country's central bank. India was affected the most by NotPetya in the Asia-Pacific and region and was the seventh most affected globally, according to the cyber security firm Symantec.

Zomato Hack
This one principally affected India. Zomato, which is one of the largest restaurant aggregators in India, was hacked and some of its user accounts were being sold on the dark web. A post on a blog called Hackread cited how accounts of 17 million users were being sold on the dark web. The vendor had also shared a trove of sample data to prove that the data is legitimate. Luckily, as Zomato stores its user’s payment details at a separate location, none of the users encountered a financial loss.

The HBO Hack
Game of Thrones is easily the most popular television show to hit the screens in the last decade, maybe more. Everyone loves it, everyone wants more of it, and most of all, everyone wants to be associated with it. This held true for a bunch of hackers too. In July 2017, hackers claimed to have acquired 1.5 terabytes of data from HBO, which is the producer of the show, and released yet-to-be-aired episodes of shows like Ballers and Room 104 online. But HBO did not truly feel the heat of this attack before it became known that the script for Episode 4 of Season 7 of Game of Thrones, which was scheduled to be released the following week, was put up online for the whole world to see. This was followed by a series of threats and ransom demands to HBO, which if not met would result in the leaking of more episodes of the popular show. The details of the ransom demanded by the hackers have been kept top secret and HBO refused to comment on whether it paid the ransom or not.

Equifax
In July this year, a group of hackers penetrated Equifax, one of the largest credit bureaus in the world, and stole personal data of 145 million people.The Equifax breach is considered one of the worst incidents of hacking ever because of the sensitivity of information stolen,  which included credit card numbers, birthday details, social security numbers. The information could easily be used for identity theft or misrepresentation.The company drew a lot of flak after it took two months to reveal that a breach had taken place. 

The Equifax breach raised concerns over the amount of information data brokers collect on consumers, which can range from public records to mailing addresses, birth dates and other personal details.

Money Control

You Might Also Read: 

Equifax Executives Resign Without Charge:

Postmortem: WannaCry Ransomware Explained:
 

« British IT Bosses Fear Sophisticated Cyber Threats
FBI Fingerprint Software Might Contain Russian code »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Logz.io

Logz.io

Logz.io is an AI-powered log analysis platform that offers the open source ELK Stack as a enterprise-grade cloud service with machine learning technology.

Alsid

Alsid

Alsid helps corporates to anticipate attacks by detecting breaches before hackers can exploit them.

International Accreditation Forum (IAF)

International Accreditation Forum (IAF)

The IAF is the world association of Conformity Assessment Accreditation Bodies. Its primary function is to develop a single worldwide programme of conformity assessment.

SITA

SITA

SITA is a multinational information technology company providing IT and telecommunication services to the air transport industry including vulnerability assessments and managed security services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Techleap.nl

Techleap.nl

Techleap.nl is a non-profit publicly funded organisation helping to quantify and accelerate the tech ecosystem of the Netherlands.

Elysium Analytics

Elysium Analytics

Elysium Cognitive Security Analytics delivers the latest and most flexible security system to reduce cost and complexity while providing unmatched scalability.

GreyNoise Intelligence

GreyNoise Intelligence

GreyNoise Intelligence is a cyber security company that collects, labels, and analyzes Internet-wide scan and attack data.

Sabat Group

Sabat Group

Sabat Group provide relationship-driven information security & cyber security recruiting services.

Secuvant

Secuvant

Secuvant is an independent IT Security firm providing enterprise-grade IT security services to mid-market organizations.

Marcum Technology

Marcum Technology

Marcum Technology consultants are focused on helping you reach your company’s full potential by exploring creative ways to integrate tomorrow’s technology into your business today.

CSIR Information & Cybersecurity Research Centre

CSIR Information & Cybersecurity Research Centre

The CSIR Information & Cybersecurity Research Centre focuses on research, development, and innovation of home-grown cyber and information security.

Verisign

Verisign

Verisign is a Global Leader in Domain Names & Internet Security, providing protection for websites and enterprises around the world.

Sitehop

Sitehop

Sitehop is a cybersecurity technology company developing and supplying FPGA hardware-enforced cyber security solutions for networks.

TriVigil

TriVigil

TriVigil offer a full-service, comprehensive cybersecurity approach specifically tailored to meet the unique needs of educational institutions.

JustunSecure

JustunSecure

JustunSecure is dedicated to promoting information technology and cybersecurity in Africa.