February 1, 2021
2020 was a strange and extraordinary year. The COVID-19 pandemic emphasized the importance of secure systems as hackers kept busy with an aggressive barrage of data breaches and ransomware.
The new normal changed how we viewed technology. Terms like “Telehealth” and “Zoombombing” are a part of our everyday lexicon while online services like food delivery and remote work tools are now considered essential. 2020 has been a transformative year, and our list of top stories reflects the many ways cybersecurity was at the forefront of our digital transformation:
1. Serious Trouble for Twitter
2020 was not the first year a social media platform was hacked, but it was one of the most memorable incidents for the social networking site, Twitter.
Twitter’s woes began when its employees fell prey to a bitcoin phishing attack. The hackers took over the high-profile accounts of Bill Gates, Elon Musk, Uber, Apple, Kanye West, and Jeff Bezos. By the time the dust settled, 130 accounts were affected, but fewer than 50 were used to send a scam “we’ll double your bitcoin if you send us money” message to users.
To regain control, Twitter took some drastic action. Administrators blocked tweets from both verified and compromised accounts. Twitter CEO Jack Dorsey wrote, “Tough day for us at Twitter. We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”
During this incident, Twitter's stock price fell by 4%.
In addition, Twitter faces a possible $250 million Federal Trade Commission (FTC) fine for misusing emails and phone numbers. The alleged improper use of personal information to display targeted ads took place between 2013 and 2019.
For now, there is no finalized timeline for these fines.
2. Colossal SolarWinds Hack Affects Both Government and Private Industries
Although first reported in mid-December 2020, the SolarWinds hack took place over the better part of the year. Austin, Texas-based SolarWinds provides “IT monitoring and management tools”, and hackers compromised SolarWinds’ software distribution network. From there, the attackers could monitor, steal, remove, or change sensitive data from over 18,000 customers.
At the beginning of 2021, top US officials blamed an international hacking group for the sophisticated malware attack.
According to the Wall Street Journal, this attack allowed hackers to track public and private organizations including:
- Department of Homeland Security
- US State Department
- Department of Energy
- National Nuclear Security Administration
- US Treasury
The Wall Street Journal also reports that some victims may never know if they were directly affected, due to the covert nature of the attack. Some cybersecurity experts say the size of the company was turned into its Achilles’ heel:
“We don’t think anyone else in the market is really even close in terms of the breadth of coverage we have,” the former chief executive, Kevin Thompson, said during an early 2020 earnings call. “We manage everyone’s network gear.”
This widespread presence of SolarWinds in the market was used to the hackers’ advantage.
3. Zoom Bombing and Video Conferencing Growing Pains
In March 2020, organizations from schools to hospitals frantically switched to remote learning and working due to the emergence of COVID-19. Zoom became one of the most popular choices for video conferences.
While convenient, the online meeting platform had multiple privacy and security weaknesses that threat actors could abuse. Zoom-bombing occurs when unauthorized attackers gain access and disrupt live meetings or chats. Once inside the call or session, attackers share offensive or disturbing materials.
During the initial wave of attacks, Google, SpaceX, and even NASA banned their remote work employees from downloading Zoom. However, in recent months, Zoom has worked to enhance security and privacy. Some of these upgrades include end-to-end encryption and meeting controls, giving hosts the ability to remove unwanted participants.
Here are some quick tips on how you can protect yourself during Zoom calls:
- Use passwords to protect your meeting.
- Don’t include public links on social media – send participants their login link directly.
- Create a waiting room to screen your participants.
- Use a different meeting ID each time.
For more tips to keep your calls and chats safe, visit Forbes.
4. Garmin Paid Multimillion Ransom to Company Hackers
In late July, Garmin announced a “cyber-attack that encrypted some of our systems on July 23 2020.” Users noticed something was amiss when Garmin’s website and other services were offline; employees said their internal communications were down. Garmin did not share many details at first, but many speculated that ransomware was the culprit.
The predictions were right. Several days later, Garmin officially released a statement reporting the cyberattack, stating sensitive customer or employee data was not put at risk.
In the following weeks, the ransomware tool, WastedLocker, was connected to the Garmin attack. According to Kaspersky, WastedLocker “is an example of targeted ransomware — malware tweaked to attack a specific company.” The attack is believed to be linked to a small but growing Russian hacking group named “Evil Corp”.
Although not confirmed by Garmin, sources report the company paid $10 million as a ransom for service restoration. In the past, ransom amounts usually totaled over $100,000. This story’s seven-digit demands mark a dangerous new chapter in ransomware.
No matter the size of the company, any organization can be crippled by a relatively small group of malicious hackers.
5. First Ransomware-Related Death Reported in Germany
In Germany, local authorities opened a negligent homicide inquiry in connection to a ransomware incident in September 2020. Prosecutors believed a woman under the care of the University Hospital of Düsseldorf received delayed treatment as a direct result of the cyberattack.
The strike against the hospital’s systems caused major network issues, which required the 78-year-old woman receiving care at the Düsseldorf hospital to be transported to another medical facility. Sadly, the patient passed away during this incident.
According to the note left behind by the attackers, the ransomware was intended for a different hospital, Heinrich Heine University. As soon as authorities notified the perpetrators, the demand was removed, and the decryption key was provided. The BBC reports that the case is being investigated as a homicide.
“If confirmed, this tragedy would be the first known case of a death directly linked to a cyberattack,” Ciaran Martin, formerly the chief executive of the UK's National Cyber Security Centre, said in a speech at the Royal United Services Institute.
Cybersecurity authorities in Germany said the cybercriminals used a notorious vulnerability in Citrix VPN software. This weakness was made public in January 2020.
6. More Social Media Woes: TikTok, Instagram, and YouTube Info Exposed
This next incident shows the importance of protecting your digital assets. In 2020, security experts discovered a compromised database with scraped data of 235 million TikTok, Instagram, and YouTube users.
Scraping data, or web scraping, is used by some companies to collect data from websites. While technically legal, this practice puts the user’s privacy at risk because hackers have easy access to an individual’s full online profile.
According to Cybersecurity Insiders, these hackers targeted a firm called Social Data. This organization kept records on:
- Profile Name
- Legal Name
- Profile Photo
- Account description
To make matters worse, security professionals found this data was not encrypted. What can you do to help protect yourself? Build smarter passwords using a reputable password manager, use search engines that don’t track you, and keep your data “clean” by managing your privacy settings.
7. Coronavirus Phishing Scams Grow Across the World
COVID-19 created upheaval in both our personal and professional lives, and this ensuing chaos created a perfect environment for hackers to strike. We saw the first COVID-19 phishing scams back in January 2020, spreading misinformation on readily available cures and vaccines.
Although many parts of the U.S. and other countries are now beginning to distribute vaccinations to healthcare workers and first responders, it will still take time for vaccinations to reach the general public.
Email attacks try to instill fear and urgency:
"Go through the attached document on safety measures regarding the spreading of corona virus. This little measure can save you." This message came from a fake scientist who claimed to have vital information on the virus.
The World Health Organization (WHO) was not spared; this international group was targeted in March 2020 by phishing email attacks.
2020: The Year of the Hacker?
In 2020 alone, hacker activity increased by a startling 600%. In addition to large companies, smaller organizations and individuals also saw an increase in attacks. From financial to healthcare, hackers have inundated a wide variety of industries.
The average day in 2020 saw over 4,000 attacks. 90% of attacks are successful because of human error – a phishing email from your doctor’s office or an online message about COVID-19 vaccines. These emails may look legit, but they can be a gateway into your network.
To help your organization prepare for these growing attacks, Ross & Baruzzini can design a custom cybersecurity plan to protect your business. We are your operational resilience partner. Contact us today to protect your organization from this year’s threats and beyond.