2017 Cyber-security Review
2017 was a year that started with much promise, the presence of Ransomware across 2016 had launched data protection into the forefront of many people’s minds and protection against cyber-attacks was looking up. However, 12 months later and it seems some organisations weren’t so lucky. A number of high-profile organisations became victims of large-scale data breaches including HBO who had episodes of the hit TV show Game of Thrones stolen, in the build up to the show being aired.
Ransomware was one of the most prominent cyber-threats in 2016, many hearing of it for the first time. In 2017, it showed no signs of slowing down and continued to be a threat to many major organisations. Cyber-criminals have favoured this method as it is relatively easy to spread and thanks to cryptocurrencies, such as Bitcoin, payments are largely untraceable. By selectively targeting organisations with sensitive data, ransomware cyber-criminals have improved their chances of success and have reportedly extorted ransoms topping $1 million from a single attack.
One Friday in early March, the WannaCry strain of ransomware started rapidly infecting networks across the globe. The strain exploited a known Windows vulnerability that had been patched, but many organisations had failed to patch machines. Included in the estimated 150,000 organisations infected was a large portion of the NHS in the UK, Renault, Deutsche Bahn and reportedly the Russian interior ministry. Unlike previously seen strains of Ransomware, WannaCry utilised an additional piece of code that acted as a worm, allowing the infection to spread more quickly, spreading from one system to the next.
Hacks and Breaches
In addition to numerous ransomware attacks across the year, there has been a series of hacks and data breaches that have affected large organisations. Global credit firm Equifax suffered a data breach over a two-month period from May to July that affected over 140 million customers in the states alone. Data stolen included credit card details, addresses and names. CEO Richard Smith, released an initial statement saying,
“This is clearly a disappointing event for our company, and on that, strikes at the heart of who we are and what we do”.
The breach raised “cause for concern” with the ICO, and the FBI also stated that they would investigate.
While Yahoo may not exist as its own entity anymore, it hasn’t stopped the company from playing victim to a major data breach. The breach in question initially took place in 2013 and at the time was thought to have involved some 500,000 customers with Yahoo accounts. Several years later and the true scale of the breach has been identified to have affected every account held with Yahoo at the time, an estimated 3 billion accounts.
High-tech taxi firm Uber has had it’s fair share of issues with regulations over the last few years, many related to how its cars are licensed and how they operate in large cities; London recently placed a ban on Uber in the city. But in November 2017, it was revealed that the firm had suffered a major breach a year prior and paid off hackers to keep quiet. The breach affected some 57 million customers and drivers.
Protecting against cyber-threats
Cyber-security should be a top priority for IT teams, with threats increasing and the value of data rising the volume of attacks is likely to increase. Ensuring protection will not only help to improve business processes and efficiencies but will allow for maximum uptime and ensure that no costly ransoms must be paid. Above all else it is vital to ensure that a secure, off-site backup of data is kept so that the organisations can recover following an infection or attack. To find out more about Redstor’s Backup Provisions and to get your data protection ready for the New Year, visit here.