Learn From Mistakes: 3 Cyber Security Downfalls of 2017

From what we’ve seen so far this year, we can conclude that cyber criminals are very innovative and adaptive. Despite top-notch security measures, which include firewalls, antivirus software, and impeccable server and router management and maintenance, there were still dozens of cyber attacks with disastrous consequences.

At first glance, it might seem that we are helpless and unable to fight off cyber criminals. But is that really the case? What did these attacks teach us? Let’s review all major cyber security downfalls of 2017 and see what the notable takeaways are in each one of them.

Ransomware Infections

The year 2017 will forever be remembered as the year of ransomware. Millions of computers and their owners fell victim to this sophisticated cyber attack. All the traces lead back to the group of cyber criminals calling themselves the Shadow Brokers. Allegedly, they stole sophisticated hacking tools from the National Security Agency (NSA), which enabled them to encrypt data on millions of computers worldwide. The software used for this attack was conveniently named WannaCry.

Just a few weeks following the WannaCry attack, another wave of ransomware was unleashed on Internet surfers. This one was named Petya – NotPetya. It was more advanced than WannaCry. It infected companies all over Ukraine (airports, the central bank, power companies, etc.), a Russian oil giant, pharmaceutical companies in the US, and a Danish shipping company.

Takeaway: The severity of these two ransomware attacks has mobilized the cyber security public. Cyber security experts in affected companies and organizations successfully cleaned the malware from the servers and identified what made the attacks possible in the first place: poor patching and vulnerability policies. Regular cyber security architecture assessments are in order if you want to prevent this type of attack on your machines.

HBO Data Leak

Do you remember the infamous attack on Sony that took place back in 2015? Fast forward 2 years and we have the same thing happening to HBO. Only this time, 1.5 terabytes of data were stolen. Among them were entire episodes of shows that had not yet premiered and sensitive HBO documents. The hackers demanded that HBO pay a considerable amount of money if it wanted to get its data back and prevent them from making it public. Aftermath: the hackers released the unaired TV shows and several scripts.

Takeaway: Experts working for HBO have identified the vulnerability that enabled such an attack. It came as a consequence of HBO’s business model – collaboration and partnership with dozens of third-party companies which all have access to sensitive data but don’t practice the same cyber security strategy and methods. If you are collaborating with contractors or outsourcing companies with access to your sensitive data, make sure they have good cybersecurity practices and employees who have undergone cybersecurity training.

UBER Breach

We have picked the UBER breach intentionally, because their case is a perfect example of what you should definitely avoid doing. If you are not familiar with the UBER case, here is a quick recap. They got hacked a year ago. Hackers stole data containing information on more than 50 million service users and UBER drivers. In order to keep the scandal away from the news, Joe Sullivan, the UBER CEO at the time, paid a $100,000 ransom to the hackers. They deleted the data, and the payment was labeled as a reward for a bug bounty program.

One year following this event, Uber revealed that they were victims of this attack.

Takeaway: If you are running a business that collects data on your users or regular customers, it is important to have a privacy policy and a good crisis management strategy. A crisis management strategy should include a “What if the data gets breached and leaked” section. Paying a ransom and firing a CEO and his deputy is definitely not a good way to do it. You are responsible for informing all affected parties in time so that they can do what is in their power to prevent the damage coming their way.

There you go. Besides implementing the latest cybersecurity solutions, assessing your architecture and keeping systems up to date, make sure to have a crisis management strategy ready. In the end, it seems that we cannot make our data 100% safe. This is why keeping incremental and regular updates is of the utmost importance.