By: The Hacker News
We likely all agree that 2020 was a year we won’t soon forget – for many reasons. One area particularly impacted last year was (and continues to be) cybersecurity.
While Internet access allowed many businesses to continue functioning during the COVID-19 stay at home requirements, the unprecedented number of people accessing company assets remotely introduced many new challenges for cybersecurity professionals.
With a history of leveraging societal maladies to their advantage, cyber criminals leverage the confusion and unpreparedness created by the global pandemic in their cyber attacks.
In just the last two months of 2020, several high-profile organizations and government entities were successfully attacked using clever approaches that were overlooked by cybersecurity experts. Making sense of how attacks have changed and what new defensive strategies should be taken is no easy task. Cybersecurity company Cynet will help by reviewing the 2020 high profile attacks in depth and guide cybersecurity professionals for 2021 in an upcoming webinar (register here).
Until then, what high profile attacks are they likely to explore?
The Top 2020 Cyber Attacks
Without enough space to cover all the top attacks in 2020, several significant breaches were predominantly accomplished by new techniques.
The attack involved hackers compromising the infrastructure of SolarWinds, a company that produces a network and application monitoring platform called Orion. The attackers then used that access to produce and distribute trojanized updates to the software’s users, including 425 of the US Fortune 500, the top ten US telecommunications companies, the top five US accounting firms, all branches of the US Military, the Pentagon, and the State Department, as well as hundreds of universities and colleges worldwide.
Cybersecurity company FireEye was successfully breached using a malware-infected update to SolarWinds Orion.
An additional malware, dubbed Supernova, also used the SolarWinds Orion product as its delivery method but was likely developed and used by a different threat actor.
The second-largest software vendor in Germany and the seventh-largest in Europe, Software AG was reportedly hit by a Clop ransomware attack in October 2020. It was reported that the cyber-criminal gang had demanded a $23 million ransom.
Sopra Steria is a European information technology firm with 46,000 employees in 25 countries, providing a large array of IT services, including consulting, systems integration, and software development. In October 2020, Sopra Steria was attacked by what turned out to be a new version of the Ryuk ransomware, previously unknown to antivirus software providers and security agencies.
Hackers with access to the system used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business. In what is believed to be a targeted attack, the hackers were after two-factor authentication (2FA) login codes delivered over the short messaging system of the victim’s mobile phone provider.
What To Expect in 2021
It will be quite interesting to hear Cynet’s perspective on what will unfold over the coming year. Ransomware shows no sign of abating, and attacks on third-party suppliers to gain access to their clients’ environments will undoubtedly continue. A large remote workforce likely opens companies up to traditional social engineering attacks as well.
In terms of defensive actions, third party risk management will certainly be top of mind following the SolarWinds fiasco. Remote endpoints and remote workers will need to be better protected.
Automated response systems will certainly gain traction as reaction times to things like ransomware must accelerate to machine speed to prevent infections from propagating across the environment and locking up critical system assets. We’re certainly in for a bumpy ride ahead. Look to cybersecurity experts steeped in protecting client organizations for insights and advice moving forward.
Register for this live webinar here
By: The Hacker News