2020 Roundup: Notable Cyberattacks This Year
Today we’re taking a look at some of the biggest cyberattacks this year. If 2020 has proved anything, it’s that cybercriminals never miss an opportunity, and the pandemic has provided them an opportunity too good to miss.
With many businesses forced out of their offices earlier this year (and many still operating under work-from-home conditions), cybersecurity precautions typically present in an office environment vanished, and many workers were left to their own devices (in more ways than one).
This meant millions of people working without adequate cyber protections. Add into the mix the many anxieties that can be preyed on by hackers and you have a recipe for disaster from a security perspective.
It should come as little surprise that 2020 has been a benchmark year in terms of cyberattacks. Estimates indicate that more data records had been breached in the first six months of 2020 alone than any other year on record.
Let’s round up some of the biggest cyberattacks this year and what we’ve learned from them.
In the summer of 2020, Twitter became the victim of an unlikely attack.
At least 130 high-profile accounts, from Apple to Bill Gates to Kim Kardashian, were compromised, commandeered, and ultimately used to promote a bitcoin scam which encouraged users to send money to an address they linked to.
The perpetrators racked up tens of thousands of dollars before the address was blacklisted. In the end, a Florida teenager and two others were arrested and charged.
How did they do it?
The hackers phoned up Twitter consumer support and tech support pretending to be from the company’s IT department, instructing employees to go to a dummy site they’d created and “reset” their passwords—in actuality, they were just inputting their information and handing it straight over to the hackers.
The majority of Twitter employees who were phoned guessed that something was off and passed a message their IT security before moving on with their day.
A few, however, fell for the ruse that led to the compromise of accounts.
Twitter’s summer scrape with hackers showed once again how important it is to train employees to know what to look for in a phishing attack—all it takes is one person for a cybercriminal to get what they need.
Number of accounts affected: 130+
A more recent and very severe attack has been the breach of SolarWinds carried out by a Russian intelligence agency.
SolarWinds provides IT management services to many different companies, so the scale of the attack, which so far includes entities as diverse as Microsoft and the US Treasury Department, is significant.
In total, SolarWinds contacted 18,000 customers to notify that they were compromised during the attack.
How did they do it?
The hackers gained access to the system which SolarWinds uses to update its Orion solution.
From there, they inserted malicious code into a new update that was scheduled to be rolled out. When customers updated their product, they also inadvertently ended up installing dangerous malware.
Instead of having to attempt to trick users or employees through phishing, this attack represents a much more effective method—users were not directly hacked, but instead the victims of a Trojan Horse method.
Businesses should have a comprehensive monitoring system for their network, incorporating machine learning and threat detection that helps identify users in a system who shouldn’t be there or are not credentialed properly.
Related Post: What Is Next-Gen Antivirus?
Number of accounts affected: 18,000+
Note: Impact Networking partners with SolarWinds but was not affected by this hack in any way.
Blackbaud is a provider of IT services for 45,000 nonprofit organizations in 100 countries.
In May 2020, Blackbaud was hit by a ransomware attack, encrypting systems in hospitals, universities, and schools and preventing access to crucial data.
In the end, Blackbaud agreed to pay the hackers the ransom they demanded, in exchange for assurances that the stolen data had been deleted.
How did they do it?
So far, the perpetrators behind the Blackbaud attack are unidentified, but they did pursue the increasingly common method of “double extortion”. In other words, demanding payment for decrypting a company’s files, and then making an additional demand or else leak their data to the public.
In this particular case, Blackbaud is stuck between a rock and a hard place—a business that provides services to nonprofits is under extreme pressure to safeguard data and operational processes; many would be sympathetic to the paying of the ransom.
Paying the money in ransomware cases does, however, only prove to embolden hackers, who will continue to refine their techniques and attack other businesses.
Ransomware attacks cost businesses about $8 billion over the last year.
Number of people affected: 6 million+
It’s not uncommon for hackers to target the hospitality industry, which as far as they’re concerned is nothing more than a goldmine of valuable personal customer information.
The Marriott breach back in 2018 is one of the best examples of how bad a breach can be in hospitality.
Carnival Corporation revealed they were the victim of a ransomware attack in August 2020, telling customers that the likelihood of data being misused was low.
How they responded
The interesting aspect of the Carnival attack is not necessarily the scale of the attack or how it was perpetrated, but rather how the company itself responded.
They immediately said that only a small amount of personal data was stolen, but neglected to say what that personal data was. It is also unclear whether or not they paid the ransom demanded by the hackers.
When a business is breached, it’s important that they have business continuity systems in place that can get operations up and running as soon as possible.
IT decision makers are virtually unanimous in believing that their organizations are susceptible to external attacks, and 71% of these decision makers say they don’t have the cybersecurity infrastructure to prepare for an attack.
Related Post: Stopping Data Breaches In Hospitality
Such is the prevalence of ransomware attacks today, and the compliance of businesses who insure against it without adequate protections, that an industry has arisen—ransomware-as-a-service.
As these actors are rewarded for their work, the sophistication of their campaigns will increase, and more ransomware attacks can be expected.
In any case, companies still need to invest in proper cybersecurity practices that can defend them against attacks on their system.
Even if a company is fully insured against an attack, that alone will not comfort a customer, and the reputational harm caused by a data breach is extremely costly.
It’s more important than ever for organizations to assess and ensure that their cybersecurity programs are up to date.
Subscribe to our blog to receive more insights into business technology and stay up to date with marketing, cybersecurity, and other tech news and trends (don’t worry, we won’t pester you).