As we look back at the intense year we had in cybersecurity, here are our insights on major hacks and grinches that have reshaped the cyber-attack landscape.
Ransomware is on the rise: Ashley Madison
Personal data is being targeted for ransomware, not just for identity theft. The major breach linked to ransomware is the Ashley Madison hack. The online dating portal for extramarital affairs was hacked by a group calling itself the Impact Team. 10GB of its customers’ personal data, including their names and email addresses, was held ransom and eventually leaked, followed by another leak releasing another 20 GB of corporate sensitive information.
The hacking of AdultFriendFinder, a casual dating website, leaked email addresses, usernames, postcodes, dates of birth, IP addresses, sexual orientation and marital status of over 3.5 million of its members to the dark web. Once online, users were exposed to extortion through ransomware. It appears that the hacker attempted to blackmail the users to extort $100,000 before publishing the data online.
In the second quarter of 2015, 4 million samples of ransomware have been identified, including 1.2 million that were new. These instances are expected to grow in 2016. The main reasons for the increase in ransomware is accessibility to ransomware as-a-service malware and the fact that many times victims to are willing to pay, making it a lucrative scheme.
Since corporate ransomware is expected to grow, avoid becoming the next victim by backing-up your files and investing in solutions such as the one offered by Deep InstinctTM that protects endpoints, mobile devices, and traffic by accurately detecting and blocking known and zero-day attacks.
Beware and be aware of Phishing: Anthem
Phishing remains a major attack vector because once hackers gain access to employee information, they use the data to infiltrate into the organization, bypassing security measures that protect the organization’s perimeter. Governmental bodies have become prime cyber-attack targets due to the massive amounts of personal data they hold that is used for phishing and identity theft.
Health insurance giant Anthem disclosed it was breached in February 2015. Social Security numbers and other personal data across all its Blue Cross business lines was stolen, impacting nearly 80 million customers.
In May 2015, Premera Blue Cross, an insurance carrier that participates in the Federal Employees Health Benefits Program, disclosed a breach affecting its 11 million customers. Unlike the Anthem breach, the incident at Premera also exposed clinical medical information in addition to personally identifiable information. That same month, Carefirst Blue Cross also disclosed a breach impacting 1.1 million customers. Clues unearthed by researchers point to the same attack infrastructure and methods used in the Anthem and Premera breaches.
Analysis of the Anthem attack revealed that the sophisticated attackers gained access to Anthem’s data by stealing the network credentials of at least five employees with high-level IT access, most likely through phishing. Moreover, despite the finding that the sensitive data was not encrypted, since the credentials and keys were compromised, encryption would have done little to protect the data that was accessible once the attackers gained access into the system
In addition to raising employee awareness about phishing, companies must invest in cybersecurity solutions that can block in real-time malicious executable files that are attached in phishing emails, which enable attackers to penetrate the system.
Third party provides may pose major risks: Experian and T-Mobile
In October 2015, Experian, the world’s biggest consumer credit monitoring firm disclosed a massive data breach that exposed sensitive personal information, including names, addresses, birth dates, Social Security numbers, driver’s license numbers and passport numbers of 15 million people who applied for telecommunication services with T-Mobile. T-Mobile is partially at fault for having entrusted its data to Experian. Furthermore, it has been found that Experian has been hacked in the past and T-Mobile continued to use its services via its credit protection services. Both companies are now facing lawsuits for negligence and violations of consumer protection laws.
Cybersecurity does not stop within the protected perimeter of the company. It extends to third parties. Companies must thoroughly check their vendors’ data security measures to avoid breaches via these external parties. Companies must also review who has external access to their sensitive data, restricting and monitoring access as much as possible.
The Tip of the Iceberg
Companies such as Vtech, TalkTalk, LastPass, Scottrade, Uber, Hanes Brands, Care First, and the IRS have made the headlines this past year with severe data breaches, causing economic and reputational damage.
But even the Grinch eventually got into the Holiday spirit, so we will end this post with positive news. New technologies are being applied to cybersecurity to create powerful solutions that can effectively block all types of cyber threats. Deep InstinctTM is the first company to apply deep learning to cybersecurity, protecting endpoints, traffic and mobile devices in real-time from zero-day threats and APT attacks. Applying the Deep InstinctTM solution together with employee training, data backups, and proper cyber-hygiene can make 2016 a safer year.
Learn more about the innovative cybersecurity solution that Deep InstinctTM offers.