Cybercrime is literally growing as you’re reading this very sentence. As more malware, ransomware, and phishing attacks enter the cyberspace with every passing second, hackers are becoming more and more sneaky. With many now drifting to the dark side, ever-evolving threats and attacks raise their ugly heads as innocents have their private data exposed. 2017 was a big year when it came to cyber hacks, and 2018 has started off no different. Here we explore some of the biggest cyber threats in the first three months of the new year, brace yourselves, things could get ugly.
2017 brought us the biggest ransomware history has ever seen with WannaCry affecting over 300,000 computers across 150 countries. On top of that, Equifax’s data breach left the personal information of almost half the US exposed!
2018 has been no different as cybercrime continues to rise in both volume and ferocity. It comes as no surprise then that Gartner forecasts worldwide cybersecurity spending to reach some $96 billion this year (that’s an 8% rise from 2017), after all – a company wouldn’t want to become the next Equifax. Despite this extortionate spending, according to Ponemon Institute, only one-third of organizations feel that they have adequate resources to effectively manage cybersecurity – which is worrisome, to say the least.
So what has 2018 brought us so far? Other than the Winter Olympics and Chinese monkey clones, cyber hacks are still at it. 2018 may be young, but we’ve already seen some intense cyber hacking action. Here we give you the cyber hacks that 2018 has brought us so far.
Tesla’s Got Its Head in the Clouds
Tesla’s new electric car has been getting a lot of publicity lately, unfortunately, for all the wrong reasons. Cloud monitoring and defense firm RedLock disclosed a hidden attack to Tesla providing evidence that hackers had stolen computer resources through infiltrating Tesla’s cloud, reportedly using it to illicitly mine cryptocurrencies. This is a new phenomenon that has surfaced within the last six months, known as ‘cryptojacking,’ and in this case, it was built on the popular Stratum bitcoin mining protocol. A rookie error on Tesla’s part meant it was running open-source systems that were quite literally open for the taking as they weren’t even password protected!
With the immaturity of current cloud security programs, it’s likely that this form of cyber attack will only increase in 2018. A new race of cybercriminals are now not necessarily on the hunt for data but rather compute power to mine cryptocurrency. RedLock estimates that 8% of organizations will come under attack by cryptojackers with many going undetected.
Orbitz Travels Beyond Its Security Limits
Orbitz the giant travel guru search engine made a statement on March 1st (2018), claiming that 880,000 customers who made purchases in 2016 and 2017 may have been affected by a recently discovered data breach. One of Orbitz’s consumer and business partner platforms may have been hacked, leaving personal information including the likes of names, addresses, credit card details and dates of birth vulnerable. The scary part is, Orbitz isn’t entirely sure what was taken from the platform, meaning anyone affected could have their private information floating about the dark web, leaving them susceptible to fraud.
Homeland Security – Not So Secure After All
If one place had their s*** together you’d expect it to be the US Department of Homeland Security (DHS), especially when it comes to, well – security. But no, it seems even the most reputable of companies and agencies are still nothing more than ticking time bombs. The DHS confirmed that 240,000+ employees, witnesses, and interviewees have been affected by an in-house data breach conducted by a former DHS Office of Inspector General employee. Social Security numbers, dates of birth, addresses, and many other details were among those compromised.
DHS took a lengthy nine months to come clean to affected individuals, attributing it to a complex investigation of the compromised data. This just makes us wonder how many cyber attacks and breaches have already taken place that we don’t yet know about?
It Doesn’t Pay to Be Sick
January 2018 saw almost 430,000 data breaches to healthcare records alone – with hospital records becoming the main target for hacks, malware, and even sick ransomware attacks. A malware attack at St. Peters Surgery and Endoscopy Center (New York) was consumed by the second-largest healthcare breach of 2018 with 134,512 patient records left vulnerable. Social Security numbers, Medicare data, addresses, names, and insurance information were all among the compromised data. Information hasn’t been classified as to how the malware wormed its way onto the server, we only know that the surgery is “implementing even more stringent information security standards and increasing staff training.” – we feel much safer now, not.
Dwindling Faith in Cryptocurrencies
January saw the biggest cryptocurrency hack in history take place to the unfortunate Japanese cryptocurrency Coincheck Inc. Hackers filled their pockets with nearly $500 million digital tokens raising questions on the security of cryptocurrencies as a whole. There’s little we know about the heist itself other than it was not an inside job and was somehow connected to customers’ ‘hot wallets’ – a form of eWallet holding the assets. It’s understood that due to the wallets being connected to external networks, they were made to be more vulnerable to hacking.
Cryptocurrencies have become a hotspot for hackers due to their anonymous nature with three million bitcoins currently ‘lost’. For anyone thinking about delving into the world of cryptocurrency, they should think twice about where to store their coins. Be sure to store the currency offline, not on an exchange. You could use hardware or even store it on good old paper for example – just make sure you don’t let the dog eat it!
2018’s cyber hacking story so far is grim, to say the least, it’s now no longer a question of ‘if’; it’s a matter of ‘when’ a cyber attack will ensue. With so many data breaches and hacks occurring with every passing second, we often don’t know that they’ve even happened until a few months, or even in some cases, years later (Uber and Yahoo, we’re looking at you). It’s scary to think that our private data could be out there, somewhere, which only highlights the importance for not just individuals, but also corporations to take the necessary steps to make their data as safe and secure as possible. It’s an ongoing and evolving battle between the cyber-tech departments and the cyber hackers.