The Big Hacks that Shook the World

Hackers are international criminals. The Internet allows them to operate anywhere in the world without risking discovery. And the IT laxity of companies, authorities and institutions means that they can slip in everywhere, without being detected.

Image: Michael Dziedzic, Unsplash

The result is usually stolen data, a company that goes bankrupt, a factory that has to stop production, a tax office that loses all personal data or an airline that loses lots of customer data. And it happens over and over.

Or, you may take the easy way out and pay the blackmailers. About 40% of IT managers interviewed believe that this is cheaper than stepping up IT security. Until it explodes next time.

The Big Bangs

Below is a very small selection of the major attacks, mistakes and IT nonsense that have hit the world lately.

6/27/2017 Giant attack on Ukraine’s banks, power grid, post offices, authorities, media companies, Kiev airport and Chernobyl nuclear power plant. During the attack, passwords and system privileges were stolen, logs were deleted and files were encrypted or deleted. Part of Kiev blacked out. At the same time, some special servers and networks were left alone, which is why experts believe that the attack was much more carefully planned than ordinary malware attacks are. The infection was also reported from France, Germany, Italy, Poland, Russia, England, the United States and Australia.

9/27/2019 Around this date, Twitter regretted that it “accidentally” happened to use the phone numbers and e-mail addresses provided by users for account security in targeted advertising. Twitter admits that it sold the information to third parties.

10/7/2019 Using malicious code in a payment form, hackers obtained personal information for customers of the American department store chain Macy’s. The attack was of the MageCart type, which means that the hackers injected JavaScript in various parts of the website, mainly the Checkout and MyWallet pages. All payment information provided on these pages, such as credit card numbers and customer information, was forwarded to the attackers’ server.

10/28/2019 A cyber attack on most of Georgia knocked out about 2,000 websites, and many of them had their front pages defaced with a picture of former President Mikhail Saakashvili and the text “I’ll be back”. Both government and private websites were affected. Two TV stations were closed.

1/6/2020 The website of the US Federal Depository Library Program (which publishes government documents free of charge) was cyber-attacked by Iran and had its front page changed to a bloody image of President Trump.

3/6/2020 Virgin Media, one of England’s largest Internet and cable TV operators, admitted that it had left a database with over 900,000 subscribers open on the Internet, without password protection. It contained, among other things, customers’ full names, dates of birth, telephone numbers, IP addresses, applications for blocking gaming and porn sites, IMEI numbers for stolen telephones and various subscription information.

April 2020 The Zoom video conferencing system became one of the biggest IT scandals of 2020. The corona crisis saw the number of daily users of Zoom increase from 10 to 200 million. The randomly generated user ID for each work session is all too easy to guess and pirates get in and show porn (zoom bombing). Apple had to remove Zoom from all Macs in 2019 due to security flaws. Among other things, Zoom gained unauthorised access to the computer’s camera. Personal information is leaked to both advertising companies and Facebook and crypto keys and data are sent to servers in China, where Zoom has (or perhaps, had) a development department.

4/20/2020 Cognizant IT Service Company was infected with the Maze hostage-taking malware and the problem transferred to the company’s customers. Cognizant is a huge outsourcing company with around 300,000 employees, apparently with poor control over their own IT security. Maze is an advanced hostage program that can steal and encrypt data, as well as backups. It attacks in the good old way, through phishing, exploit kits and remote desktop connections via weak passwords.

5/19/2020 EasyJet Airline admitted that hackers had obtained personal information such as email addresses and travel data of 9 million customers. The attack is said to have taken place as early as January 2020. At least 2208 customers have had their credit card data stolen.

And the road goes ever on and on.

Backup

The solution to most of these problems is ridiculously simple, and yet no one cares about it.

  • Have a constantly updated backup of all company data, in a place where you can access it and touch it with your own hand, without the need for the Internet. A backup that you cannot touch, you do not have.
  • Instead of having routines for returning to PAP (Paper And Pen), you should have routines for automatically checking the integrity of the backup and automatically restoring it on all company servers and workstations in the event of a disaster.
  • The backup must be duplicated. One copy may become destroyed or inaccessible.
  • No one should be able to escape backup.
  • When the company is restored, the entire company should be restored. No one should be able to escape.
  • Train staff.
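
The automatic integrity check and the duplicated backup from the list above can be combined into one routine. The following is an added example, not part of the original article: it assumes a SHA-256 manifest taken from the live data at backup time, and the file names and directory layout are constructed for the demonstration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def sha256_file(path):
    """Hash in 1 MiB chunks so large backup files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(root):
    """Relative path -> SHA-256, taken from the live data at backup time."""
    files = sorted(p for p in Path(root).rglob("*") if p.is_file())
    return {p.relative_to(root).as_posix(): sha256_file(p) for p in files}

def verify_copy(manifest, copy_root):
    """List the files that are missing or altered in one backup copy."""
    report = {"missing": [], "corrupt": []}
    for rel, expected in manifest.items():
        target = Path(copy_root) / rel
        if not target.is_file():
            report["missing"].append(rel)
        elif sha256_file(target) != expected:
            report["corrupt"].append(rel)
    return report

def restorable_copies(manifest, copies):
    """Names of the copies that are complete and bit-for-bit intact."""
    return [n for n, root in copies.items() if not any(verify_copy(manifest, root).values())]

def demo():
    """Constructed sample: two copies of a tiny data set, one of them damaged."""
    with tempfile.TemporaryDirectory() as tmp:
        live = Path(tmp, "live")
        (live / "hr").mkdir(parents=True)
        (live / "ledger.csv").write_text("id,amount\n1,100\n")
        (live / "hr" / "staff.txt").write_text("alice\nbob\n")
        manifest = build_manifest(live)  # store the manifest apart from the copies
        copies = {"copy_a": Path(tmp, "copy_a"), "copy_b": Path(tmp, "copy_b")}
        for root in copies.values():
            shutil.copytree(live, root)
        (copies["copy_a"] / "ledger.csv").write_text("id,amount\n1,999\n")  # altered
        (copies["copy_a"] / "hr" / "staff.txt").unlink()                    # lost
        return verify_copy(manifest, copies["copy_a"]), restorable_copies(manifest, copies)

if __name__ == "__main__":
    print(demo())
```

A restore routine should only start from a copy that `restorable_copies` returns; an empty result means neither copy can be trusted and should raise an alert well before a disaster.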

Why will no one care about IT security? Least of all, politicians. It is an educational issue. Do yourself a favour and read more on Hidden24 and be wiser.