Cyber Warfare – Us Versus the Hackers

The recent surge in cyber-criminal and hacking activity worldwide is alarming, and we all need to remain vigilant to protect ourselves from becoming a victim.

^Pixabay

The magnitude of major data breaches occurring in 2017 were a wake-up call for corporations where security systems and protocols were sub-par. We have seen a rise in automated bot attacks and witnessed the first AI-powered cyberattack detected in India.

Cyber security industry professionals predict that 2018 will have more data breaches and will be deemed the year of AI-powered cyberattacks.

 

The CEO of Ward Solutions, Pat Larkin summed it up this way:  

"2018 will see cybersecurity threats increase further in sophistication and the amount of damage that they can potentially cause."

''Furthermore, as state-sponsored groups increase their attacks on countries’ national infrastructures, civilians could begin to suffer as essential services come under strain… Continued attacks on nations by cybercriminals will build legitimacy for national cyber response teams, and 2018 marks the tipping point when those targeted nations escalate their response to cyberattacks, which they now classify an act of war."

"Cyberattacks represent a very real threat to national security, and so expect countries to devise official coordinated defensive responses, utilizing both cyber and physical, military force to protect their interests."

 

Hackers are said to be developing huge botnets to attack IoT networks and devices, and the security industry will have its work cut out trying to fend them off. IT security gurus are constantly scrambling to try and keep up with the threats.

 

^Pixabay

 

Major cyber-attacks carried out recently:

•      In sept 2017, Equifax reported a major data breach affecting up to 145 million people.


•      In 2013, 3 billion Yahoo accounts were compromised.


•      Major retailer Target was itself a target of hackers in 2013, when 40 million customers’ data was stolen.


•      360 million Myspace user names and passwords were hacked, apparently by a Russian hacker, in 2016.


•      Reportedly this same Russian hacker stole 117 million LinkedIn passwords in 2012.


•      In April 2017, InterContinental Hotels, the company that owns a dozen hotel brands including the Holiday Inn and Crowne Plaza, reported that hackers had installed malware at 1,200 of its hotel locations to swipe customers’ credit card data.


•      In May 2017, WannaCry ransomware hit thousands of businesses in a massive global cyberattack. The virus infected between 400, 000 and a million devices worldwide.


•      Last November, Uber revealed that it paid hackers $100,000 to delete stolen data and conceal a hack that stole the personal information of 57 million customers and drivers.


•      In June, ransomware attack Petya hit large companies across 65 countries in two days, including Merck, DLA Piper, Maersk, and a Chernobyl power plant.


•      Recent ransomware attacks have hit San Francisco’s Light Rail Network, FedEx and even Britain’s National Health Service


•      In the U.K., the number of cyber-attacks against financial services companies reported to the Financial Conduct Authority (FCA) rose by more than 80 percent in 2017. Nearly seven in ten large businesses identified a data breach or cyber attack.


•      Criminal gangs of hackers organized by North Korea are targeting banks and financial centers.


•      Critical, exploitable flaws have been discovered in WordPress, Grammerly, even Firefox browser and Adobe Flash Player.


•      Active since at least May 2017, Smominru botnet has already infected more than 526,000 Windows computers to secretly mine Monero cryptocurrency.


•      Security researchers recently disclosed that processors from Intel, AMD and ARM used in modern PCs, servers, smartphones and even smart tvs are vulnerable to the Meltdown/Specter malware. Intel had released firmware patches but those were halted due to those patches causing affected PCs to crash or malfunction.

^Pixabay

Hacker target list grows

 Cybersecurity company Fortinet reported,

"The rate at which the cybercriminal community is targeting known vulnerabilities is clearly accelerating, with the WannaCry and NotPetya exploits serving as perfect examples of the need to patch vulnerable systems as soon as possible."

"Which is why our concerns were raised when we recently learned about some of the largest vulnerabilities ever reported—ones that affect virtually every processor developed since 1995 by chip manufacturers Intel, AMD, and ARM."

 

As we have seen, the cyber-attacks are not limited to corporations and individuals, hackers within foreign governments do it for political reasons as well. Hackers from Israel recently discovered that Russian spies were using the popular Kaspersky Lab antivirus software to spy on American intelligence agencies, according to reports by

The New York Times and The Washington Post.

After the discovery, the Department of Homeland Security to remove Kaspersky Lab software from government computers.

 

^Pixabay

 

 

Small businesses are becoming popular targets for cyber attacks, and the U.S. Government is getting involved. From securityinfowatch.com :

"Earlier this week, the United States House Committee on Small Business hosted a hearing titled, "Small Business Information Sharing: Combating Foreign Cyber Threats" that discussed H.R. 4668, the Small Business Advanced Cybersecurity Enhancements Act of 2017. Congressmen and agency officials from the FBI and DHS examined how federal agencies are facilitating greater information sharing with small businesses that find themselves vulnerable to foreign-backed cyber attacks."

"Small businesses across the country are finding that they have suddenly emerged as potential targets of both nefarious solo hackers looking to steal personal information or engage in ransomware scenarios, as well as foreign-backed agents bent on stealing proprietary company information, disrupting supply chain logistics and weakening national security."

 

Personal Security for Home and Business:

• Use and regularly update firewalls, anti-virus, and anti-spyware programs.
• Properly setup, update and patch operating systems, browsers, and other software programs.
• Change passwords often and use two-step authentication methods. Secure your passwords.
• Lock your computer/laptop when you leave it and configure it to automatically lock after a short period of inactivity.
• AVOID ACCESSING PUBLIC WI-FI for secure transactions, banking or shopping.

^Pexels

• Always check for the https:// when accessing online accounts or making purchases.
• Be very careful when clicking links in emails, tweets, texts or posts. They could be malicious.

 

Since recently observed cryptocurrency mining malware attacks have been found leveraging EternalBlue, which was already patched by Microsoft last year, users are advised to keep their systems and software updated to avoid being a victim of such threats.

It is up to each and every one of us to remain vigilant and exercise caution at all times when making transactions, downloading files, clicking links, transferring data, accessing and using apps, etc. We cannot end criminal cyber activity, but we can make a difference collectively in making it harder for hackers to succeed.

May you and your data remain secure at all times!

 

Read more about Cyber Security

This article only skims the surface of Cyber Warfare. Here are links to a few highly informative articles I found if you would like to read more about the current cyber threat environment and steps you can take to lessen your chances of being targeted by cyber-criminals:

 

Study: 70 percent of US oil, gas companies hacked last year 

 

 Over 75% of health care industry has been infected with malware over last year

 

North Korean Hackers Were Behind a Recent Major Cyber Attack

 

Ransomeware Attacks Rise 250 Percent in 2017, Hitting U.S. Hardest

 

World Economic Forum: Cyber-Attacks Third Most Likely Global Risk in 2018

 

State of Cyber Attacks 2018, A big Overview about Cybercrime [Infographic]  

 

21 Mindboggling Cyber Security Statistics