Keeping Up With The Cyber Attackers

As businesses invest in cloud resources and other IT systems, cyberattacks have dramatically decreased. But in 2020, 445 million cyberattacks were reported, double the rate of 2019. Major organizations such as the World Health Organization (WHO), Marriott International and many others were affected by the increase in cyberattacks.

SolarWinds, a major US information technology firm, experienced one of the biggest breaches of the entire decade. Foreign hackers were able to discreetly break into SolarWinds’ systems and add malicious code to the company’s system called “Orion.” During the early part of 2020, SolarWinds unknowingly sent out software updates that included the hacked code, making up to 18,000 of its customers vulnerable. Because of this breach, high-profile organizations such as Microsoft, Fortune 500 companies and even U.S. federal government agencies such as the Pentagon and the Department of Homeland Security were made vulnerable to these hackers. It took SolarWinds a few months to detect the breach, giving the hackers plenty of time to go through a large amount of sensitive information and numerous networks.

SolarWinds wasn’t the only organization that experienced cyberattacks. Last year, Marriott International suffered a breach, exposing the records of 5.2 million guests. Attackers used two employees’ credentials to access customer information from hotels across the chain. The World Health Organization also fell victim to a breach. Around 25,000 emails and passwords belonging to employees of WHO, NIH and other organizations were leaked online, and sensitive information was accessed.

A more recent example of a breach was the Colonial Pipeline cyberattack that happened in April 2021. The hackers were able to take down the largest pipeline system in the U.S. and created a disruption in the economy. The hackers, who call themselves DarkSide, infiltrated the Colonial Pipeline network and encrypted the company’s data, demanding 75 bitcoin or $4.4 million USD to be paid. The vector of the cyberattack was ransomware. Cybersecurity experts have stated that Colonial Pipeline’s cybersecurity was substandard and that the company did not have the awareness and technology needed to protect itself, leaving it vulnerable. Because of this, the Colonial Pipeline Company ceased all its operations to contain the attack. This led to a spike in prices and, as a result, a rise in panic across the country. Joseph Blount, the CEO of Colonial Pipeline, decided to pay the $4.4 million USD or 75 bitcoin to restore the pipeline operations, and as of June 7, approximately $2.3 million USD or 63.7 bitcoin had been recovered by the FBI.

Popular networks like Twitter, Zoom and Facebook have also seen an increase in cyberattacks. Several high-profile Twitter accounts, such as those of Barack Obama and Apple, were compromised by social engineering attacks. The hackers used these accounts to tweet out cryptocurrency giveaway scams and were able to get approximately $117,385 USD worth of cryptocurrency. Attackers also stole 500,000 Zoom passwords and usernames. The stolen information was made available on dark web forums, making the affected users vulnerable to threats and theft. Facebook also experienced a large-scale phishing attack on its network. The attackers used a set of complex websites that presented as a Facebook login screen but were actually phishing sites, and compromised users’ credentials.

These are just some of the cybersecurity incidents that happened in 2020 and 2021. The pandemic has expanded companies’ attack surface through the work-from-home practice, which has consequently led to increased cyberattacks. These attacks show the importance of investing in threat intelligence as a security layer. As businesses expand and progress, attacks and threats will too. Needless to say, threat intelligence solutions need to keep up with them. It is necessary for large- and small-scale companies to have a highly advanced cyber protection solution to prevent cyberattacks from happening and sensitive information from being stolen. The incidents above show that even the largest and most sophisticated companies in the world are vulnerable to breaches. To stay ahead of cyber attackers, you need a proactive approach to keep your company safe.