It’s not just companies, it’s countries that get hacked these days. Here are some examples from the United States:
➤ The big story was the SolarWinds case last month. One version is that an intern thought that SolarWinds123 was a safe password:
At this point though, it’s still uncertain whether the password leak played a role in the SolarWinds hack, CNN noted, which is believed to be the largest foreign intrusion campaign in U.S. history. This month, White House national security adviser Anne Neuberger stated that approximately 100 different companies and nine federal agencies, including the one that oversees the country’s nuclear weapons, had been compromised by foreign hackers.
Jody Serrano, “SolarWinds Officials Throw Intern Under the Bus for ‘solarwinds123’ Password Fail” at Gizmodo (February 27, 2021)
The hackers were also targeting NASA and the Federal Aviation Administration (FAA):
➤ Then there were the hackers who were targeting the US military and others, offering jobs in aerospace:
Stating that the campaign was highly targeted, ESET said it relied on social engineering tricks to lure employees working for the chosen companies with fake job offers using LinkedIn’s messaging feature, posing as HR managers of well-known companies in the aerospace and defense industry, including Collins Aerospace and General Dynamics.
“Once the contact was established, the attackers snuck malicious files into the communication, disguising them as documents related to the advertised job offer,” the researchers said, based on an investigation with two of the affected European companies.
The decoy RAR archive files, which were directly sent over the chats or as emails sent from their fake LinkedIn personas pointing to an OneDrive link, purported to contain a PDF document detailing salary information of specific job positions, when in actuality, it executed Windows’ Command Prompt utility to perform a series of actions…
Ravie Lakshmanan, “Hackers Target Military and Aerospace Staff by Posing as HRs Offering Jobs” at Hacker News (June 17, 2020)
The primary purpose seems to have been espionage.
➤ It’s not just the United States: In Europe, hackers got hold of regulatory agency data about promising COVID-19 vaccines:
The European Medicines Agency based in Amsterdam first disclosed the breach. The statement said only that the EMA had been subject to a cyberattack and that it had begun a joint investigation along with law enforcement. The agency didn’t say when the hack happened or whether the attackers sought vaccine information, tried to infect the network with ransomware, or wanted to pursue some other purpose. An EMA spokesperson said in an email that “the Agency is fully functional and work continues.”
Dan Goodin, “COVID-19 vaccine data has been unlawfully accessed in hack of EU regulator” at ArsTechnica (December 9, 2020)
➤ In 2019, a hacker broke into the Bulgarian national tax agency and posted the data from five million taxpaying adults online. Blogger Asen Genov found his own data online. Why do they do it? “‘You can make (your password) longer and more sophisticated, but the information the government holds are things that are not going to change,’ said Guy Bunker, an information security expert and the chief technology officer at Clearswift, a cybersecurity company.” (FoxCarolina, July 21, 2019). That’s pretty much true everywhere.
But hackers also attack vital services:
➤ Hospital ransomware attacks: Ransomware means that the hacker wants money to give you your data again. Ransomware attacks on the health care system are “skyrocketing,” according to Forbes (January 28, 2021). Health care information, because it is sensitive, can be very useful. In 2020, the University of California at San Francisco paid $1.14 million to criminal hackers to get back the School of Medicine’s data.
The COVID crisis has spiked the number of such attacks on hospitals. In one hospital hack last September, staff reported conditions like these: “Our ER is closed to ambulances and OR’s are closed and all ambulances and surgeries are being rerouted.” (USA Today, September 28, 2020)
Private companies that have been hacked in recent years include Microsoft (2019, 220 million entries exposed), MGM Resorts (2019, 10.6 million entries exposed), Walgreens (2020, stats not directly available but there were 10 million downloads of the affected app), Marriott International (2020, 5.2 million guests’ data exposed), and Estee Lauder cosmetics (2020, 440 million records exposed).
Social media have been hit too. Twitter rival Parler was hacked just before Amazon Web Services cut it off in 2020 (it’s back online now). But then Twitter was hacked too in 2020 in a giant bitcoin scam (July 15, 2020, targeting Warren Buffett, Bill Gates, Kanye West, and Elon Musk).
Here’s an interactive timeline of recent attacks from Hackmageddon.
Clearly, if the internet is to thrive, hackers should be having a harder time getting into major systems. How can a firm, large or small, or a sole proprietorship, reduce exposure to cyberattacks? We’ll address this in more detail later but for now, MalwareBytes Labs offered some advice in 2015 which is still relevant, including:
1) Update programs regularly to get rid of known vulnerabilities in the older ones
2) Insist on strong passwords (SolarWinds123 is not a strong password)
3) Use different passwords for different devices, and
4) Be sure to scrub any data from machines you give away.
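An added example for item 2 (not from MalwareBytes Labs or the original article): a password check showing why SolarWinds123 satisfies a typical length-and-character-class rule yet is still weak, because it is the organisation's name plus a predictable suffix. The word lists, the leetspeak table and the 12-character floor are assumptions made for this sketch.

```python
import re

# Assumed inputs: words tied to the organisation and a tiny sample of
# common passwords. A real deployment would load a breached-password corpus.
CONTEXT_WORDS = {"solarwinds", "orion"}
COMMON = {"password", "letmein", "qwerty", "welcome", "admin"}
# Undo common character substitutions (0->o, 1->i, 3->e, @->a, ...).
LEET = str.maketrans("0134578@$!", "oieastbasi")
# Ascending digit runs or a year at the end, optionally followed by symbols.
SUFFIX = re.compile(r"(?:012|123|234|345|456|567|678|789|(?:19|20)\d\d)[\W_]*$")


def passes_composition(pw: str) -> bool:
    """The classic rule: 8+ characters with upper, lower and a digit."""
    return (len(pw) >= 8
            and any(c.isupper() for c in pw)
            and any(c.islower() for c in pw)
            and any(c.isdigit() for c in pw))


def weaknesses(pw: str, context=CONTEXT_WORDS, min_len: int = 12) -> list:
    """Return the reasons a password is guessable; an empty list means none found."""
    reasons = []
    # Strip leading/trailing digits and symbols, then normalise leetspeak,
    # so 'S0l@rW1nds!2021' reduces to the same core word as 'SolarWinds123'.
    core = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", pw.lower()).translate(LEET)
    if any(word in core for word in context):
        reasons.append("contains organisation or product name")
    if core in COMMON:
        reasons.append("common password with decoration")
    if SUFFIX.search(pw):
        reasons.append("predictable numeric suffix")
    if len(pw) < min_len:
        reasons.append(f"shorter than {min_len} characters")
    return reasons


if __name__ == "__main__":
    # Constructed sample passwords, not taken from any real system.
    for sample in ("SolarWinds123", "S0l@rW1nds!2021", "Password1",
                   "tidal-copper-lantern-mosaic"):
        print(sample, passes_composition(sample), weaknesses(sample))
```

The composition rule accepts the first three samples and rejects the long passphrase, while the context-aware check does the opposite.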
How much the internet can benefit us depends in large part on better security and privacy.