Security Hacks crippled most Organizations
Can you recall when spam was one of the most common problems IT shops had to deal with?
Hackers seem to get savvier, more sophisticated, and more numerous every year. Due to our reliance on more advanced, data-rich systems, hackers (actors performing security hacks) have their pick of the businesses, systems, and networks they want to hack.
In our analysis, we have listed our picks for the four biggest hacks of 2016, notable not just for their size and scope, but also for the way the attackers used new approaches and twists to reach their end goal, disrupting networks and systems we’ve all grown accustomed to using.
DDoS security attacks were launched against Dyn.
In October, Dyn, a DNS service, was hit by a sophisticated, widely distributed attack involving “tens of millions of IP addresses.” As a result of the attack, which was carried out in three waves, many users were unable to access Twitter, Etsy, Github, Spotify, Reddit, Netflix, and SoundCloud.
While Dyn’s Network Operations Center (NOC) staff mitigates DDoS attacks regularly, it quickly became evident.
The Dyn attack was remarkable because it made use of the Mirai botnet to enlist the help of “zombie” Internet of Things devices. A DDoS attack originating from compromised IoT devices demonstrated criminal actors’ increased capabilities when targeting networks, prompting some IoT device manufacturers to recall or review their equipment’s security.
It also raised awareness of IoT device security concerns in general, prompting the House Subcommittees on Communications and Technology and Commerce, Manufacturing, and Trade to convene a joint hearing to determine if government regulation is required to secure Internet of Things devices.
The Dyn attack, like the strikes that followed it (and a few that came before), was also significant for its scale. According to Akamai’s Third Quarter, 2016 State of the Internet Security Report, the two largest DDoS attacks in the third quarter, both utilizing the Mirai botnet, were the company’s largest ever, at 623 Gbps and 555 Gbps, respectively.
A number of our clients experienced Mirai attacks that were well over a terabit in size. It’s also worth noting that the attackers targeted a DNS provider. Many attackers are learning right now that instead of assaulting a target directly, they should hit upstream.
You’re taking down a lot more than just your target if you can take down the DNS provider. It demonstrates a progression in the assailants’ worldview.
Op Icarus Security Hack
In May, Anonymous began attacking banks around the world with cyberattacks. Affected banks include the Central Bank of the Dominican Republic, the Central Bank of the Maldives, the National Bank of Panama, the Central Bank of Kenya, and the Central Bank of Mexico. Op Icarus began as a conventional application-layer attack, but it gained notoriety since it was a year-long campaign that went through numerous phases.
It was fascinating to see how [the hackers] progressed from using simple LOIC and rudimentary BPM to using Tor and botnets. They are now in phase five. Because the traffic appears semi-legitimate and is tough to prevent, the techniques they utilize are more difficult to neutralize.
SWIFT and Tesco Security Hacks
The allure of easy money made the banking industry an enticing target this year, as expected.
Criminals exploited SWIFT messaging to help steal $81 million from Bangladesh’s central bank in February, setting a new record. Following the hack, banks in Southeast Asia and other regions of the world began investigating probable security breaches. The investigation used the SWIFT global financial messaging network.
Cybercriminals targeted the SWIFT messaging network in the hopes of delaying or initiating fraudulent transfers and thereby gaining access to cash.
Cybercriminals regularly target banks, but the heists at Bangladesh and Tesco appear to be the first time they’ve successfully withdrawn funds from accounts.
The Tesco theft is a “threat to national security” and “undermines public trust in financial organizations,” said Britain’s interior minister, Amber Rudd, at a Financial Conduct Authority conference.
San Francisco Public Transportation Security Hack
On ticket machines, a message read, “You broke into the system. ALL DATA IS SECURE” as well as a contact email address. Therefore, the transit agency opened the gates and provided people with free rides.
In 2016, ransomware became a popular attack method. Cybercriminals also targeted hospitals with ransomware earlier this year, demanding payment to open systems. In Q3, according to Kaspersky’s quarterly IT threat evolution report, there were 821,865 ransomware victims. Ransomware is already very widespread. A coordinated attack on several transit systems, hospitals, or other essential infrastructure appears to be a possibility.
Crypto-ransomware continues to be a serious threat to both private consumers and businesses.
Security companies are detecting intrusions faster, so criminals are creating new malware modifications faster, Sinitsyn said.
Will there be more Security Hacks?
What hacks can we expect in 2022?
The best years for the security of our systems may be behind us if attack surfaces, techniques, and means continue to grow in 2022.
As a result of the continued move away from reflective and amplification attacks, which are relatively easy to block.
Security experts report that attackers have also tried several different protocols. Next year, we will probably see one or two new attack vectors we haven’t seen before. We are trying to figure out what they are doing while these attackers have all day to discover new things.
Each organization has a responsibility to be aware of and prepared for cyber risks, both traditional and new, and to devise appropriate strategies and controls for mitigating them.