The Worst Cyber Attacks of 2017
With the growth of the technology industry, cyber assaults have been nothing short of an increasing issue over the years. As expected, 2017 was one of the most detrimental years for IT security due to some pretty savage attacks.
Equifax Data Breach
WHEN IT WAS
In late 2017, Equifax announced to the public that its data system had been breached, causing the information loss of 143 million consumers.
THE PURPOSE
As the hackers were not found and given Equifax’s shadiness regarding the matter, we can only assume the worst. These guys could have sold off all of our social security numbers, bank account, credit, identification, and legal info and we wouldn’t even know.
HOW BAD WAS IT?
While not the largest data breach in history, it is without a doubt one of the most detrimental to have occurred for people around the world. The sheer amount of information that these hackers attained could utterly ruin anyone’s life, including my own as I was affected as well.
Shadow Brokers
WHEN IT WAS
If stealing the source code for some of the NSA’s operatives best spy software wasn’t enough; in April, the notorious hacker group called the Shadow Brokers decided to offer up some more stoen tools created by the government oriented hacker organization known as The Equation Group.
THE PURPOSE
The SB was clearly in it for the money as they only offered sample code, proving the legitimacy of the exploits for free, such as EternalBlue. However, I personally believe these hackers had a larger motif that we may not just be fully aware at the moment.
HOW BAD WAS IT?
As far the the average person goes, this was not a concerning issue as it was clearly a “hacker to hacker”assault. In all honesty, the Shadow Brokers exposed some of the nasty truth behind the National Security Agency and their motifs as well. What this does raise in to question is the practicality of implanting intelligence software in corporate products. Considering agencies don’t like to inform the companies of these bugs, the bugs are not fixed and this exposes millions of individuals when an exploit is found.
Yahoo!
WHEN IT WAS
Putting aside the hacks in 2013 affecting over 500 million users and in 2014 affecting over 1 billion; in October, Yahoo! the mega email and search giant announced that all 3 billion of its users information had been fully compromised.
THE PURPOSE
I can only imagine that the hackers were looking for important financial or personal info as all of the usernames and password had been leaked as well.
HOW BAD WAS IT?
This was just pathetic to be honest. Yahoo! had already failed twice in the past at protecting its users information before and had also been proven to be providing backdoor information to government servers. I’d be surprised to find out that everyone has moved away from Yahoo but if you are reading this post right now and you are still using Yahoo I’d advise you switch your email provider and delete your account immediately as I think it is time for Yahoo to hang up the coat and find a different industry… like shoes. Or maybe they would fail to make those safe too.
SEC Hack
WHEN IT WAS
In September, the Security and Exchange Commission announced that their corporate electronic filing system EDGAR had been breached for some time in 2016.
THE PURPOSE
The SEC stated that it believed this information was used for illegal stock trading. This really brought in to question the cybersecurity of the U.S. government.
HOW BAD WAS IT?
This was actually a tremendous ordeal and should put quite a lot of fear in to those who would think that their own government would be trustworthy enough to hold their funds. If the SEC’s system was breached who’s to say other weren’t as well? Who’s to say the market hasn’t been further manipulated by hackers even more than we know?
Wannacry Attacks
WHEN IT WAS
Scotland and England citizens received quite a rude awakening when they woke up one morning in May to find out their own National Health Service had been taken hostage and held ransom by a ransomware program called Wannacry.
THE PURPOSE
The hackers internal purpose is unknown but to release a large amount of important files that had been frozen on the system, they wanted over $500,000.
HOW BAD WAS IT?
Within a matter of hours the infection had spread to over 100 other computers on the network before being halted. While no patient data was compromised, this exposed a huge security flaw in the information system.
Uber Hack
WHEN IT WAS
In November, Uber appeared in the headlines once more for being breached in October of 2016.
THE PURPOSE
While the purpose of the hackers is unknown, Uber’s handling of the situation was horrible to say the least, as they attempted to pay off the hackers with $100,000.
HOW BAD WAS IT?
This put Uber in a tough situation as they had already been focusing on several other allegations and if matters hadn’t already been bad enough, attempted to hide the entire thing by channeling their payment through their bug bounty program. Where the hell can I get $100 G’s to compile a bug fix, because wherever that is, sign me up!
NotPetya Attacks
WHEN IT WAS
In June a large array of international companies were attacked by ransomware named Petya, launched by hackers from the Ukraine. However, this version of Petya had been so specially designed that it was was given its own title, NotPetya.
THE PURPOSE
While the true motifs are unknown, IT and security specialist have come to a theory that the attack was politically driven.
HOW BAD WAS IT?
While this may not have affected many consumers, if any at all, it does bring in to question how trustworthy our political systems and representatives truly are. I mean, I’ve always believed everything politicians and the government says, who wouldn’t…? #sarcasm
NiceHash Bitcoin Theft
WHEN IT WAS
Cryptocurrency investment came to an abrupt stop in July when investors found out that not one, but two Etherum ICO’s were hacked within 7 days of each other. To make matters worse, days later a smart contract coding company by the name of Parity’s Ether had its digital wallet software breached as well. In December, came one final attack to the platform NiceHash.
THE PURPOSE
Between all three attacks, over $115 million in Etherum and Bitcoin was stolen.
HOW BAD WAS IT?
This caused a staggering shakeup in the cryptocurrency market and with the rising popularity of these currencies, the ICO breaches are expected to return with even more ferocity and advanced technique throughout 2018.
AWS Breaches
WHEN IT WAS
Almost ever day, Amazon receives a complaint that one of its subscribers of it’s Web Serviceplatform has been attacked or compromised of some sort due to poor security. This has resulted in a large amount of hacks over a years span.
THE PURPOSE
The reasons for these attacks can vary as these servers are run by various businesses but nonetheless can result in unrecoverable losses.
HOW BAD WAS IT?
While the damage taken can also vary with mileage, these incidents show the importance of correctly setting up and optimizing servers to function correctly. If the right security protocols are not implemented, even incredibly secure services such as AWS can be taken down. Small franchise vendors for large corporations such as Verizon learned this the hard way.
Dun& Bradsheet/ LexisNexis
WHEN IT WAS
In mid 2017, two of the largest data brokerage companies, Dun & Bradsheet, and LexisNexis had their databases breached by a notorious group of hackers, leaking tens of millions of documents.
THE PURPOSE
The group of hackers who stole this information are known for selling it in return for money, so we can only assume this was their purpose as well.
HOW BAD WAS IT?
Unlike some other breaches, this attack was pretty detrimental to those who were affected and needed more media coverage in my opinion. Many people do not realize how massively large and orchestrated these data furnishes are. LexisNexis alone contains information on hundreds of millions of individuals in the world, including social security numbers, employment, credit, past application, rental, and legal information.
WHEN IT WAS
In May, a large phishing attack was launched, targeted at nearly 1 billion Google Gmail users.
THE PURPOSE
The attack would send an email alerting users to click a link directing them to fake Google Docspage where the phishing page would then record keystrokes of typed login information, causing the user to give out their username and password for their Google account.
HOW BAD WAS IT?
This was really bad for Google. I’m not saying that phishing attacks are rare because they’re not… but the fact that Google actually let this slip through their fingers is not expected of the incredibly powerful tech giant. Ironically, while the big G takes incredible measures to protect its users accounts, it can be quite a pain to restore an account once it has been hijacked, sometimes impossible.