Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
This Week in Breach: The 10 Biggest Impact Breaches of the Year & Their Takeaways.
The Hack Heard Round the World: Colonial Pipeline
Exploit: Ransomware
Colonial Pipeline: Fuel Pipeline Operator
Key Takeaway: Cyberattacks against infrastructure targets have become a hot topic, and companies that own and operate them should be cognizant of their elevated risk.
An International Incident: Microsoft
Exploit: Product Vulnerability (Nation-State Hacking)
Microsoft: Software Developer
Key Takeaway: This incident had an impact that is still being measured. Companies that quickly patched the flaw fared better than companies that didn’t. This incident is a reminder that risk can come from unexpected directions at any time.
Food for Thought: New Cooperative & Crystal Valley Cooperative
Exploit: Ransomware
New Cooperative & Crystal Valley Cooperative: Agricultural Services
Key Takeaway: Ransomware attacks that against industries that are both under pressure and in essential economic positions became a regular occurrence during 2020 and that trend is continuing.
Hactivism at Work: Epik
Exploit: Hacking
Epik: Webhosting
Key Takeaway: Hacktivists have the power to do big things quickly. ENISA ‘s 2021Threat Landscape Report predicts that the focus of hacktivists’ activity will remain regional although new movements are gaining traction that are likely to develop hacktivism side-tactics and attract wider public participation for online protest and disruption.
Invasion of the Data Snatchers: Accenture
Exploit: Ransomware
Accenture: Consulting Firm
Key Takeaway: Companies that store large amounts of data like financial records or PII were high on cybercriminal hit lists in 2021 because that data was an especially valuable commodity in the booming dark web data markets.
Stealing Straight from the Source: Electronic Arts (EA)
Exploit: Ransomware
Electronic Arts (EA): Video Game Maker
Key Takeaway: Cybercriminals are hungry for data and that includes proprietary data about projects and products. This trend also tracks with medical research and pharmaceutical data.
A Meaty Haul for Cybercriminals: JBS SA
Exploit: Ransomware
JBS SA: Meat Processor
Key Takeaway: Industrial production of all sorts from food to computer chips was firmly in cybercriminals sights in 2021 as part of double and triple extortion ransomware operations, and that likely won’t change in 2022
Stopping Traffic: Transnet
Exploit: Hacking
Transnet: Port Authority
Key Takeaway: Cybercriminals took shots at the maritime and freight transportation/logistics sectors all year long, likely looking for quick ransom payments from companies that might have low security but needed to remain operational at all times, and they were frighteningly successful. That bodes ill for those sectors in 2022.
Theft from the Rich and The Poor: Robinhood
Exploit: Hacking
Robinhood: Financial Services Platform
Key Takeaway: Stock trading became trendy with meme stocks gaining traction on social media as new investors entered the market quickly and easily through apps like Robinhood. But FinTech and similar sectors also caught the eye of cybercriminals who stepped up their hacking efforts looking for quick scores of cryptocurrency and financial data.
System Shock: Newfoundland and Labrador Health
Exploit: Ransomware
Newfoundland and Labrador Health: Healthcare System
Key Takeaway: Hacking and ransomware against everything medical was the big trend of 2020 as COVID-19 treatment and research data became valuable in dark web markets. Bad actors will continue to hunt for data from medical sector targets because it often results in a quick harvest of valuable PII and financial information.
Tales of Crypto Crime: BTC-Alpha
Exploit: Ransomware
BTC-Alpha: Cryptocurrency Exchange
Key Takeaway: Everything crypto is under siege by cybercriminals as they vie to take control of cryptocurrency assets. That trend will continue and may expand into NFTs.