Here’s the article GSWS is providing for the San Diego County Optometric Society November 2017 newsletter (The San Diego View) ‘The Tech Corner’.
THE BIGGEST CYBERSECURITY DISASTERS OF 2017 (SO FAR)
By Dave Tuckman from Golden State Web Solutions, Inc. (www.GSWS.com)
2017 has seen an inordinate number of cybersecurity meltdowns. And these aren’t just your standard corporate breaches, we’ve seen state-sponsored ransomware, leaks of spy tools from US intelligence agencies, and full-on campaign hacking. And that’s just the beginning. This article recaps and highlights some of 2017’s biggest cyber-incidents so far serve as a reminder of just how chaotic things have become.
- SHADOW BROKERS/NSA
Shadow Brokers is a hacking group that reached notoriety in 2016, with claims they breached the spy tools of the elite NSA-linked operation known as the Equation Group. In April, they released a trove of NSA tools, including a Windows exploit known as EternalBlue. Eternal Blue below (see WannaCry & Petya below), as this was the catalyst to other events we’ve seen this year.
- WIKILEAKS CIA VAULT 7
On March 7, WikiLeaks published a data trove containing 8,761 documents allegedly stolen from the CIA that contained extensive documentation of alleged spying operations and hacking tools. WikiLeaks claimed s that Vault 7 revealed “the majority of [the CIA] hacking arsenal including malware, viruses, trojans, weaponized ‘zero day’ exploits, malware remote control systems and associated documentation.”
Cloudflare offers performance and security services to about six million customer websites (including heavy hitters like Fitbit and OKCupid). In February, they announced that a bug in their platform caused leakage of potentially sensitive customer data. While the leaks were infrequent and only involved small snippets of data, they drew from an enormous pool of information.
On May 12 a strain of ransomware called WannaCry spread around the world, walloping hundreds of thousands of targets, including public utilities and large corporations. This is the Malware outbrak that impacted over 10,000 organizations, 200,000 individuals, more than 150 countries within a 24 Hour Period. Same incident I covered when presenting at SDCOS earlier this year.
A month or so after WannaCry, another wave of ransomware hit targets worldwide. This malware, called Petya, NotPetya (among other names) was more advanced than WannaCry. While it infected networks in multiple countries, it is suspected that the ransomware actually masked a targeted cyberattack against Ukraine. The ransomware hit Ukrainian infrastructure particularly hard, disrupting utilities like power companies, airports, public transit, and the central bank, just the latest in a series of cyber assaults against the country.
- 198 MILLION VOTER RECORDS EXPOSED
On June 19, researcher Chris Vickery announced a discovery that would give even the most jaded security expert pause. He had discovered a publicly accessible database that contained personal information for 198 million US voters—possibly every American voter going back more than 10 years.
With 2 months left to go in the year, Equifax currently is our gold medal winner. From initial mismanagement, to whom it’s impacted and what they have done post-incident has been a textbook example of how NOT to do things. Rather than rehash/relive those details, please check out last month’s SDCOS article on the topic: http://www.sdcos.org/newsletter/2017-10/#techcorner
Got questions or want help?
Please let us know if you have any questions. We’re here to help. You can reach Dave directly at (619-905-4468) or email dave@GSWS.com.