Perhaps, it is like the worst is yet to come. The half-year of 2019 is on the books already, and there have, for the most part, been six months harbingers of cyberwar, supply chain manipulations, data breaches, state back hacking campaigns to show for it.
Corporate and U.S. government security is in confU.S.ion, geopolitical issues are rising worldwide, and ransomware is an increasing, progressing threat. Here are the lists of some of the major cybersecurity incidents this year.
Border Protection and customs Contractor Perception
Hackers stole photos of travelers and license plates linked to about 100,000 people in May of this year because of a breach in the surveillance contractor for U.S. Customs and Border Protection. The Perceptics, a Tennessee based contractor and Customs and Border Protection (CBP) affiliate, also lost circumstantial info about its surveillance hardware and how Customs and Border Protection oversees it at several U.S. airports and seaports.
The first Perceptics’ breach was reported by The Register and officials of the CBP. They later revealed the incident to The Washington Post. The CBP was doubtful to admit that Perceptics was the contractor that suffered the breach. Thus, the agency sent a Microsoft Word document to the Post named “CBP Perceptics Public Statement” in its first reply. Later, hackers posted the stolen information to the dark web. Then the Customs and Border Protection omitted Perceptics from federal contracting, though no specific reason.
Two decades past and CBP spent building up its use of border surveillance technologies, and there appears to no end of it. For instance, CBP wants facial recognition scans to get standardized in airports in the U.S. by 2021. However, privacy advocates and civil rights say that these hostile initiatives put danger to U.S. citizens and the global community.
The Perceptics breach is regarded as a vivid example of those threats. According to Jeramie Scott, a senior counsel at the EPIC (Electronic Privacy Information Center), the CBP merely shouldn’t get this confidential info if it can’t protect it.
Supply Chain Attack
A reliable software maker provides to users legitimate software updates. However, it is undoubtedly a lethal tool of cyberwar, which causes the supply chain attack. The most known was the NotPetya attack in 2017 when Russian hackers sent catastrophic malware, jeopardizing the Ukranian accounting application’s update mechanism. To date, this kind of destructive hacking has been a unique and significant signature in 2019.
A research report in March from Kaspersky, states that Asus, a computer maker, revealed a supply chain attack in 2018’s second half that destroyed the Live Update tool of the company, sending malware its customers. Asus devices accepted the infected software since the hackers installed it with an authentic, original Asus certificate.
Although the hackers jeopardized multiple machines, specifically victimizing about 600 computers, attacking with a second malware attack. Experts called the group ShadowPad or Barium. There is hardly any information about the group. However, it’s known to be Chinese-speaking.
This group was closely associated with another popular and renowned supply chain hack of the computer cleanup tool CCleaner in 2017. The researchers in Kaspersky also found out indications that Barium utilized a supply chain attack to the development tool visual studio of Microsoft days after the Asus attack.
As a result, planted openings into the products of three videogame companies that utilize Microsoft’s Visual Studio in their codes, enabling hackers to send malicious content in some games and eventually infecting more.
Ransomware
Attacks are nothing new at this point, but 2019 Ransomware attacks is a year for them. Criminal groups keep targeting local governments, health care providers, and businesses with these hacks, wherein malware are used to encrypt data in a system and then demand a great amount of money to decrypt it, deceiving individuals of billions of dollars annually in the process.
According to the FBI in an interview with WIRED, there is an increase in targeted malware attacks. Cybercriminals will get money from any network in any means.
Ransomware is not just attacking small businesses and hospitals in 2019. In fact, a lethal strain called LockerGoga has particularly been targeting manufacturing and industrial firms, at times, pushing manufacturing plants to go to manual control creating extensive damage in systems.
As of the moment, LockerGoga is used only by money-motivated criminals. It is straightforward to visualize how this kind of attack could be used by hackers that are state-sponsored on crucial infrastructure, specifically how the geopolitical agenda created both Russia’s NotPetya and North Korea’s Wanna Cry.
First American
For the most part, not all data security incidents are data breaches. Sometimes data is poorly stored and publicly accessible; it can be exposed but not stolen. First American, the huge title insurance and real estate company, serves as a warning of how treacherous information exposures can be.
Security journalist Brian Krebs discovered in May the incident that exposed 885 million sensitive customer financial information dating back to 2003. This information was accessible to everyone using the website of First American. However, it is not recognized whether anybody actually discovered and obtained the data prior to the lockdown of the company. However, it was tremendously uncomplicated to obtain. Wire transaction receipts, mortgage and tax documents, bank account numbers and statement, driver’s license images, and Social Security numbers from millions of U.S citizens were all in the trove.
First American as an insurance provider in both the lender and buyer sides of real estate deals, thus, if anyone steals this info, they would have access to critical data for financial scams, spying, and identity theft.
Take away
Cyber attacks are a huge problem because it affects the global community in terms of medical records, bank history, and even espionage. We must always take extra care in using websites for it may bring destruction not only to ourselves but to the world we are living. Thus, using a vpn is one of the many solutions to protect yourself and your personal information against malicious threats.
Author’s Bio:
Tyler Pack is a real estate consultant and journalist, with a passion for smart homes technology. He is keen on writing about home and property security, and cybersecurity.