The covid-19 pandemic has turned out to be more than just an attack on human lives. It has also been responsible for a significant increase in the number of cyber attacks and security breaches. With a newly remote workforce and a lack of adequate protection for thousands of businesses around the world, the environment was ripe for exploitation by cybercriminals. This is exactly what they did. According to reports Issued by the Identity Theft Resource Center (ITRC), the number of data breaches through September 30, 2021 exceeded the total number of events in the year (AF) 2020 by 17%. Between politically motivated hacks and disruptive attacks on supply chains, cybersecurity has become a household word that affects almost everyone.
Here’s a roundup of the 8 biggest security holes of the year.
1. Volkswagen data theft
Volkswagen reported a data breach by an unauthorized third party in June. With an impact on over 3.3 million customers, an electronic file left unsecured by their marketing provider was the cause of the breach. The file contained customer data that was used for sales and marketing purposes between 2014 and 2019. The hacker was identified by the alias “000” and wanted to sell the database content for approximately $ 5,000. The information disclosed included names, street addresses, cell phone numbers, social security numbers, driver’s license numbers, tax identification numbers, as well as makes and models of vehicles purchased / leased / surveyed.
2. SocialArk data breach
SocialArks, the China-based platform that leads marketing, branding and social management of customers, suffered a massive data breach in January. The leak is due to a misconfiguration of the cloud that exposed 318 million records consisting of 400 GB of public and private profile data – including celebrity and influencer profiles – from 214 million social media users of the whole world.
All data exhibited was obtained from users’ Facebook, Instagram and LinkedIn profiles and contained their names, country of residence, contact details, position, subscriber data and direct links to their profiles. The attack was launched through a vulnerability in their Elasticsearch database which exposed their server without any username or password to protect the data it stored.
Image source: istockphoto
3. Kaseya ransomware attack
In July 2021, IT security and management software company Kaseya suffered a ransomware attack by the Russian hacker organization REvil demanding $ 70 million. The company’s remote monitoring and management (RMM) solution has been targeted due to an SQL vulnerability that has affected nearly 1,500 businesses – including schools, hospitals and a Swedish supermarket chain – by the ‘attack.
The hackers used a zero-day exploit to bypass authentication protocols and run arbitrary commands in Kaseya’s virtual system administrator. Then a malicious payload was injected into their customers’ systems via a fake software update. Up to a million systems have been encrypted and held for ransom.
4. ParkMobile data breach
The ParkMobile cashless parking app suffered a data breach in March, compromising the personal information of its users. The breach was due to a vulnerability in a third-party software integration that resulted in the leak and sale of critical customer data such as phone numbers, email addresses, license plate numbers, vehicle nicknames. and addresses of 21 million customers on the dark web. Although hackers gained access to the encrypted passwords, the encryption keys needed to read the passwords were not.
5. Colonial Pipeline ransomware attack
Image source: istockphoto
In April, Colonial Pipeline, a critical fuel supplier, suffered a ransomware attack that disrupted its gas supply chain. A hacking organization called DarkSide targeted the company’s billing system and internal corporate network and stole nearly 100 gigabytes of data.
The company’s old VPN system lacked multi-factor authentication, which made it easily accessible via a single password without the need for a second step of verification via text or email to prevent hackers from entering. enter after they find out the password. The ransomware attack shut down the line for several days, causing gasoline prices to skyrocket, fuel shortages and panic buying.
6. Android data breach
In May, the personal data of over 100 million Android users was exposed due to numerous misconfigurations in third-party cloud services. The personal information was found in insecure real-time databases used by 23 applications, with downloads ranging from 10,000 to 10 million. All sensitive data – names, email address, chat messages, date of birth, gender, photos, location, passwords, phone numbers, payment information, and push notifications – can be viewed by anyone. The cause of this breach was misconfigured cloud services – something a company as large as Google can be sensitive to.
7. T-Mobile data breach
Telecommunications giant T-mobile was the subject of a data breach that compromised the personal information of nearly 54 million people in August. There were two sets of data exposed. The former included clients ‘social security numbers, dates of birth, addresses, and driver’s licenses, while the latter contained clients’ IMEI and IMSI numbers. The hacker responsible for the attack gained access to T-Mobile’s internal infrastructure through an unsecured router.
What can we learn from these data breaches?
Enforce endpoint protection
Businesses need to properly identify and secure all of their devices and systems with endpoint protection. They must also monitor every device connected to their network.
Check third-party providers
Before partnering with third party vendors, companies should make sure that they are legitimate and trustworthy. Access controls to third-party software within organizations should be monitored and maintained frequently.
Encrypt sensitive data and use RBAC
It is essential to encrypt sensitive data and store it in secure locations. Businesses need to control who has access to sensitive data. And controlling access to important data includes both physical and digital access to systems and data. All systems and physical locations should be protected by multiple layers of security and should be accessible only to authorized personnel.
Keep systems up to date
Organizations should perform regular system checks to detect vulnerabilities and install patches automatically.
Train employees, partners and users in security
Businesses need to ensure that their employees and users make secure online decisions and take responsibility for their cybersecurity posture. It is important that organizations select all of their current and potential employees. They should also put in place effective training for their employees to teach them best security practices as well as ways to minimize damage in the event of a breach.
Use multi-factor authentication
The use of multi-factor authentication is essential to ensure the security of users, whether they are end users or employees. It is easy to implement and is one of the strongest guarantees against an attack.
Data breaches are always a question of when, not if, as they can occur due to a wide variety of attack vectors where each is equally dangerous. Organizations need to stay ahead of attackers to protect user information and other sensitive data. This article highlights some of this year’s major violations while also serving as a guide to learning from them.
Featured Image Source: istockphoto
Views of the publication: