The year 2020 has become remarkable in many ways, especially when it comes to the surge in cyber attacks. The Covid-19 pandemic has given an unprecedented opportunity to cyber attackers to hack and break down the organizations’ IT infrastructure. The work-from-home working module adopted by such organizations has been attributed to the rise of cyber attacks.
The security gap between the home and office network has played a key role to make way for the data breaches in 2020. This issue has resulted in the theft of confidential information, leading to the loss of millions of dollars for breached organizations.
Today, cyber attackers have come up with more innovative ideas to set a new trend in phishing, cryptojacking, ransomware attack, IoT attack, etc. According to a security research firm, 81 global firms from 81 countries reported data breaches in the first half of 2020 alone.
In fact, 80% of firms have seen an increase in cyber attacks this year. Coronavirus is alone blamed for a 238% rise in cyber attacks on banks. Phishing attacks have seen a dramatic increase of 600% since the end of February.
Whereas due to pandemic, ransomware attacks rose 148% in March and the average ransomware payment rose by 33% to $111,605 as compared to Q4 2019. (Source: Fintech News)
The Top 5 Cyber Attacks of 2020
We discussed how cyber attacks have dramatically increased today. Let us walk you through the five major cyber attacks that have happened in 2020 till now. These staggering cyber attacks have crippled some famous organizations across the world.
Software AG Ransomware Attack
The second-largest software vendor in Germany and the seventh-largest in Europe, Software AG has been reportedly hit by a ransomware attack in October 2020. ZDNet reported that the German tech firm has been attacked by the Clop ransomware and the cyber-criminal gang has demanded more than $20 million ransom.
The report also says that the company has still not recovered from the attack completely. The company disclosed that the ransomware attack disrupted a part of its internal network. But services to its customers, including cloud-based services, remained unaffected. The company also tried to negotiate with the attackers but it all went in vain.
As per the statement released by Software AG, the company is in the process of restoring its system and database for resuming orderly operation.
Sopra Steria Ransomware Attack
French IT service giant Sopra Steria was attacked by ransomware on the evening of 20th October, as confirmed by the company. Its fintech business, Sopra Banking Software, identified the virus which is a new version of the Ryuk ransomware and previously unknown to cyber security providers.
Sopra Steria claimed that it was able to confine the attack to a limited part of its IT framework, even though it caught the attack after a few days. However, following an in-depth investigation, the company did not identify any leaked data or damage caused to its customers.
Ryuk is one of the most inventive ransomware which has already targeted organizations like EWA, a US defense contractor, and Prosegur, a Spanish logistics firm.
In September 2020, hackers gained access to Telegram messenger and email data of some big names in the cryptocurrency business. Hackers used Signaling System 7 (SS7), which is used for connecting mobile networks across the world, to hack the data.
According to cyber security experts, the hackers were most probably after two-factor authentication (2FA) login codes. They spoofed the short message service center (SMSC) of mobile network operators to send a request on location updates to at least 20 targeted high-profile victims.
This attack is believed to have occurred to obtain cryptocurrency. This type of cyber attack is well known in the cryptocurrency community but the users are generally aware of such requests.
Therefore, there are better authentication methods than just SMS or call-based 2FA in the cryptocurrency community. Cyber security experts think telecom standards must move away from using protocols like SS7, which cannot resolve modern issues.
Seyfarth Shaw Malware Attack
Chicago based leading global legal firm, Seyfarth Shaw LLP became a victim of an “aggressive malware” attack. This attack was later confirmed by the firm as a ransomware attack. The cyber attack reportedly took place on October 10, 2020, and downed the firm’s email system completely, as per a statement published by the company.
The firm claimed in its statement that there was no evidence of client data or firm data unauthorized access or removal. However, many of its systems were found encrypted, following which the firm shut down all of those as a precautionary measure.
The global legal firm notified law enforcement and the FBI has already started investigation. Apart from this, no further information was revealed on how the attack occurred and what family of ransomware hit the firm.
Carnival Corporation Data Breach:
The world’s largest cruise line operator, Carnival Corporation reported a data breach due to a ransomware attack that took place in the month of August 2020. Hackers stole confidential information of customers, employees, and crew members at the time of the attack.
On August 15, 2020, the company detected the ransomware attack that breached and encrypted one of its brand’s IT infrastructure. Following the attack, the cruise line operator notified law enforcement and hired legal counsel and cyber security experts and launched an investigation.
Though the company claimed that no misuse of exposed personal data has come to light, the type of ransomware and how the attack happened have remained unrevealed.
How to Secure Your Organization Against Cyber Attacks?
The global transition to the work-from-home culture has made a way for cyber-criminals to execute incredibly advanced cyber attacks. Moreover, ransomware, phishing, DDoS, malware, etc., are amongst the most prominent forms of cyber attacks that we have experienced this year, till now.
Here are some of the “must follow” measures to secure your organization against emerging cyber attacks:
- Conduct VAPT periodically to check for exploitable security vulnerabilities in the IT infrastructure of your organization.
- Back up all the sensitive or confidential data and store it separately from time to time.
- Keep all the systems, software, and applications up to date with the latest security patches.
- Restrict employees from sharing passwords at work openly and encourage them to use unique and strong passwords.
- Block email spoofing, spam, and BEC attack by securing your email domain with email authentication protocols like DMARC, SPF and DKIM.
- Run a cyber attack simulation campaign to assess the level of cyber awareness among employees. Then train them accordingly with the best in class security awareness training tool.
- Make sure to implement the practice of using multi-factor authentication to maintain security and privacy.
- Restrict IT admin and access rights to limited employees. Ensure that they are adequately trained on the safe usage and encrypted storage of sensitive data.
Did you find this blog helpful? Leave a comment below if you have more points to add or have any related information to share!