Cyber security vs. Hackers: Seven months of 2019 have already passed, and the year has seen plenty of data breaches, state-backed hacking campaigns, supply chain manipulations, signals of cyber war and a lot more. What lingers most is the feeling that the worst is yet to come. The ever-growing threat has been identified as ransomware attacks, which keep corporations and the US government in a complete mess, resulting in a surge in geopolitical tensions worldwide. Before we have to experience the worst, here is a recap of what we have gone through to date.
Customs & Border Protection Perspectives – In May this year, the headlines were flooded with news of the US Customs and Border Protection breach, in which a surveillance contractor for US Customs and Border Protection suffered a breach and hackers stole photos of travelers and license plates related to about 100,000 people. The Tennessee-based contractor, a longtime CBP affiliate known as Perceptics, also lost detailed information about its surveillance hardware and how CBP implements it at multiple US ports of entry. The breach was first reported by The Register, and CBP officials later disclosed the incident to The Washington Post. Although CBP was at first hesitant to admit that Perceptics was the contractor that had suffered the breach, the agency sent a Microsoft Word document to the Post titled “CBP Perceptics Public Statement” in its initial response. Days after the incident, hackers posted the stolen Perceptics data to the dark web. On Tuesday, CBP suspended Perceptics from federal contracting, though it did not say why.
Ransomware – To be honest, ransomware attacks are not new, although 2019 seems to have given them plenty of scope. Criminal groups continue to target businesses, health care providers, and, most visibly, local governments with these brash hacks, in which malware is used to encrypt a system’s data and then demand a ransom to decrypt it, swindling victims out of billions of dollars a year in the process. It would not be fair to say that ransomware is targeting only hospitals and small businesses. A malicious strain called LockerGoga has specifically been victimizing industrial and manufacturing firms, at times forcing production plants to switch to manual control or inflicting long-term damage on systems that control physical equipment. As of now, incident responders say that LockerGoga is being used only by financially motivated criminals. It is easy to imagine, though, how this type of attack could be used by state-sponsored hackers on critical infrastructure, especially given that both North Korea’s WannaCry and Russia’s NotPetya were ransomware-like worms crafted with each country’s geopolitical agenda in mind.
The Supply Chain Attacks – Cyber war is waged when a legitimate software vendor pushes out what looks like a trustworthy software update to users, but which is really a destructive instrument. This is the evil genius of the supply chain attack. The best-known example is likely 2017’s NotPetya attack, when Russian hackers spread destructive malware in part by compromising the update mechanism for a Ukrainian accounting application. This type of malicious hacking has been a particular signature of 2019 so far. In March this year, following a research report from the well-known threat intelligence firm Kaspersky, the computer maker Asus disclosed a supply chain attack sometime in the second half of 2018 that had compromised the company’s Live Update tool to push malware to almost 1 million customers. The victim devices accepted the tainted software because the attackers had signed it with a real Asus certificate (used to verify the legitimacy of new code).
American Medical Collection Agency Breach – Among the most concerning corporate data breaches so far this year is that of the American Medical Collection Agency, a massive health-care-related debt collector. The company discovered that it had been breached in March, and filings with the US Securities and Exchange Commission indicate that the intrusion on AMCA’s systems lasted from August 2018 through March 2019 without people being informed. The incident was first publicly reported at the start of June, after the medical testing firm LabCorp said that 7.7 million of its customers had data exposed because of AMCA, and Quest Diagnostics said that records from 12 million of its patients had been exposed. AMCA said that the compromised information included first and last names, dates of birth (DOB), phone numbers, addresses, dates of medical services, health care providers, and data on balances due. The stolen information did not include insurance ID numbers or Social Security numbers, however.
First American – Data exposure does not refer only to data breaches; it also covers data that is improperly stored and publicly available. First American, the massive real estate and title insurance firm, offers a crucial cautionary tale of how dangerous data exposures can be. Discovered in May 2019 by security journalist Brian Krebs, the incident exposed 885 million sensitive customer financial records going back to 2003. They were accessible to anyone on First American’s website. It isn’t known whether anyone actually found and stole the information before the company locked it down, but it was extremely easy to grab. Social Security numbers, driver’s license images, bank account numbers and statements, mortgage and tax documents, and wire transaction receipts from millions of Americans were all included in the exposed trove.
One to Watch, Iran – Ever since President Donald Trump withdrew the United States from the 2015 Iranian nuclear agreement last year, international relations and cyber security experts have been warning that the move could escalate tensions between the two countries, particularly in cyberspace. This appeared to hold true in the second half of 2018, and the first six months of 2019 have seen even more marked escalations. Iranian hackers have ramped up campaigns around the world, and particularly against US targets, as the two countries clash more openly in the physical world.