The greatest (and strangest) hacks of 2019
Every year we see more and more inventive ways that cybercriminals are hacking business, of all sizes and across all industries. 2019 was no different, with 82 major breaches in Australia alone. In this article, we look at some of the greatest (and strangest) hacks of 2019.
Resurgence of Ransomware
We saw the resurgence of ransomware in 2019. With Victorian healthcare organisations hitting headlines and falling victim.
One of the most bizarre examples of ransomware attacks we saw in 2019 was a variant nicknamed “Jigsaw”, after the famous character from horror film Saw. This variant was given its name due to its fairly vicious nature, not only encrypting the users’ files but also progressively deleting them until the users paid the ransom.
To mitigate the threat of ransomware there are a few different steps that organisations can take; ensuring a secure web gateway is in place that can prevent malicious files from being installed to endpoints is one of the first key steps. But also ensuring robust backups of your business-critical files and data is important to maintain cyber resilience.
Vendor Email Compromise
One of the more unique trends InfoTrust’s partner Agari saw in 2019 was the rise of Vendor Email Compromise, VEC for short. With this type of attack, actors compromise the email accounts of third-party vendors and suppliers, only to sit and wait for an invoice from one of their customers. Once an invoice is received, the scammers will hijack the thread with ‘new account information’ from the supplier, which is actually an account controlled by one of the actors. The funds are then sent to the new account, actors quickly bounce the money through multiple accounts, leaving both the customer and vendor at a loss.
Agari’s Senior Threat Researcher, Ronnie Tokazowski advises “In order to help mitigate against these types of attacks, it’s imperative to have multi-factor authentication set up on accounts. Additionally, auditing email accounts for any extra forward rules that may have been set up by the actors. “
WhatsApp’s recordings
In April of this year, WhatsApp users were targeted by cybercriminals exploiting a vulnerability in the application. Attackers had discovered that by calling the victims through WhatsApp they were able to listen in to the user even after the call had been ended. Since then research has found over 1,400 cases of human rights defenders and journalists in at least 20 different countries who were targeted in this way by the group.
The best way users can try to avoid these kinds of privacy violations is by ensuring applications are always up to date with the latest patches and software updates.
Unwanted house guests
In an even creepier hack, an attacker infiltrated a security camera within a user’s home and was able to have a conversation with the owner’s child. In another incident, it was reported that the owners were victim to racial abuse through their home security device by the same manufacturer.
Whilst the attacks were through the same devices the manufacturer released a statement to identify that these hacks were not the result of a data breach, but rather password stuffing. This technique is used by attackers, where they utilise one account’s password that has been compromised on the dark web and try it for other logins in the belief that it’s likely the user has the same password for many accounts.
In order to avoid this being successful for cybercriminals, it is advised that a different password is used for each account, and two-factor authentication is enabled for any application that offers it. There is also the option to look into using a password manager, which stores all your account passwords in an encrypted vault. Additionally, a good password manager will help you to create more sophisticated passwords and enable you to stop using the same one across multiple sites.
A new decade
Looking forward to 2020 and as we enter a new decade, I believe what is needed is more general security awareness. Not just for businesses, but the public too. There is a multitude of free tools and tips that are available to them to become more cyber-savvy. I believe organisations have a great opportunity to help their customers become more cyber aware and protect themselves from attackers.
More collaboration between cybersecurity businesses is key to getting ahead of cybercriminals. We’ve started to see examples of this in 2019 within specific industries, which I hope will continue and grow into this new decade.
Author: Stephanie Gray, Marketing Manager at InfoTrust
see our
Related resources
Mimecast recently released its State of Email Security Report for 2021. The fifth edition of its annual report used interviews with over twelve hundred of information technology and cybersecurity professionals across the globe to gather vital cybersecurity insights. The report offers an insight into the latest email threats along with advice on how to build cyber resilience and mitigate the risks of email-borne attacks.
Cyber attacks and data breaches have been commonplace in the news headlines for some time now. Although a warning from the media is certainly helpful, there is so much more that can be done when it comes to threat intelligence sharing. Threat intelligence sharing is an important part of the global cybersecurity community effort to tackle cybercrime and should form a part of every organisation’s cybersecurity strategy. Sharing cyber threat intelligence enables organisations to make informed decisions about their cybersecurity, building more effective and robust cyber defences.
One of my favourite annual reports to read is the Verizon Data Breach Investigations Report. It’s packed full of insights about the threat landscape and security leaders, in my opinion, should read this report to get a pulse on what’s happening in cyber-scape.
After all, as cyber leaders, we are here to stop breaches – so the insights gained from real cyber incidents and breaches is gold in learning how to tighten up our defences.
All businesses, large and small, are under increasing pressure to demonstrate that they are managing the risk of cyberattacks. This means having the right processes and controls in place to identify risks and vulnerabilities, protect information, as well as detect, respond, and recover in the event of cybersecurity incidents. As such, many businesses are turning to certification authorities and security frameworks to demonstrate privacy and security best practice and achieve compliance with regulatory bodies. System and Organisation Controls (SOC 2) is one such compliance framework that can help organisations to create a structured approach to cybersecurity.
Frost & Sullivan has recently released its 2021 Frost Radar: Email Security report, where its findings provide a benchmarking framework to help businesses protect their email from cyber threats.
As we operate in an increasingly digital world, every business collect, store, and share more and more data. And, amongst that data is personal information. With the OAIC marking this year’s Privacy Awareness Week (PAW) from Monday 3 May to Sunday 9 May 2021, it’s time for us all to review how we protect our customers’ personal information.
We're Here To Help