The first half of the year has seen an inordinate number of cybersecurity meltdowns. And they weren’t just your standard corporate breaches. There’s been viral, state-sponsored ransomware, leaks of spy tools from US intelligence agencies, and full-on campaign hacking.
According to the 2017 Ponemon Cost of Data Breach Study, sponsored by IBM, the average total cost of a data breach is $3.62 million. That is not a loss most companies can afford to take. The study also found that one in four companies will experience a breach.
Let this recap of 2017’s biggest cyber-incidents so far serve as a reminder of just how chaotic things have already gotten.
Voter Records Exposed
Researcher Chris Vickery, on June 19, announced that he discovered a publicly accessible database that contained personal information for 198 million US voters – possibly every American voter going back more than 10 years. The conservative data firm Deep Root Analytics hosted the database on an Amazon S3 server. The group had misconfigured it, though, such that some data on the server was protected, but more than a terabyte of voter information was publicly accessible to anyone on the web. Misconfiguration isn’t a malicious hack in itself, but it is a critical and all-too-common cyber-security risk for both institutions and individuals.
On May 12 a strain of ransomware called WannaCry spread around the world, walloping hundreds of thousands of targets, including public utilities and large corporations. Notably, the ransomware temporarily crippled National Health Service hospitals and facilities in the United Kingdom, hobbling emergency rooms, delaying vital medical procedures, and creating chaos for many British patients. Though powerful, the ransomware also had significant flaws, including a mechanism that security experts effectively used as a kill switch to render the malware inert and stem its spread.
Macron Campaign Hack
Two days before France’s presidential runoff in May, hackers dumped a 9GB trove of leaked emails from the party of left-leaning front-runner (now French president) Emmanuel Macron. The leak seemed orchestrated to give Macron minimal time and ability to respond since French presidential candidates are barred from speaking publicly beginning two days before an election. But the Macron campaign did release statements confirming that the En Marche! party had been breached while cautioning that not everything in the data dump was legitimate.
The mysterious hacking group known as the Shadow Brokers first surfaced in August 2016, claiming to have breached the spy tools of the elite NSA-linked operation known as the Equation Group. The Shadow Brokers offered a sample of alleged stolen NSA data and attempted to auction off a bigger trove, following up with leaks for Halloween and Black Friday in 2016. April 2017, though, marked the group’s most impactful release yet. It included a trove of particularly significant alleged NSA tools, including a Windows exploit known as EternalBlue, which hackers have since used to infect targets in two high-profile ransomware attacks.
Petya/ NotPetya/ Nyetya/ Goldeneye
A month or so after WannaCry, another wave of ransomware infections that partially leveraged Shadow Brokers Windows exploits hit targets worldwide. This malware, called Petya, NotPetya and a few other names, was more advanced than WannaCry in many ways, but still had some flaws, like an ineffective and inefficient payment system. It infected networks in multiple countries, including those of the US pharmaceutical company Merck, Danish shipping company Maersk, and Russian oil giant Rosneft.
Worldwide Cyber Attacks
Display panels at the main railway station in Frankfurt am Main, Germany, went black on 13 May 2017 when cyber attackers targeted German railways. This worldwide cyberattack disabled ten thousand computers belonging to companies, institutions, and users.
Wikileaks CIA Vault 7
On March 7, WikiLeaks published a data trove called “Vault 7” containing 8,761 documents allegedly stolen from the CIA that contained extensive documentation of alleged spying operations and hacking tools. Revelations included iOS and Android vulnerabilities, bugs in Windows, and the ability to turn some smart TVs into listening devices. These revelations have detailed individual tools for things like using Wi-Fi signals to track a device’s location, and persistently surveilling Macs by controlling the fundamental layer of code that coordinates hardware and software. WikiLeaks claims that Vault 7 reveals “the majority of [the CIA] hacking arsenal including malware, viruses, trojans, weaponized ‘zero-day’ exploits, malware remote control systems and associated documentation.”
In February, the internet infrastructure company Cloudflare announced that a bug in its platform caused random leakage of potentially sensitive customer data. Cloudflare offers performance and security services to about six million customer websites, so though the leaks were infrequent and only involved small snippets of data, they drew from an enormous pool of information. Google vulnerability researcher Tavis Ormandy discovered the problem on February 17, and Cloudflare patched the bug within hours.
Fuelling the increase in cybercrime and cybersecurity incidents is the growing role that digital devices and data storage play in people’s lives. Criminals follow the money, and for them, data means dollar signs. What can be done to avoid these crimes and make the web more secure?