Moving into a new decade does not mean the problems from the old decade will not exist anymore. The size and impact of breaches have increased overtime. Every sector is being impacted and there is no discrimination on who malicious attackers decide to attack next. True indeed the defense of the nation is more important than ever before and cyber enabled espionage seems like the most dominate threat during this time. During the past decade, many events were caused by the stealing of intellectual property to influence and/or to disrupt processes.
Top hacks include:
In 2013, Yahoo had one of the largest hacks. Over three billion accounts were compromised making them the largest hack in history. It took them about three years to even realize they were hacked. Information stolen included customer names, email addresses, passwords, birth dates, phone numbers and security answers. All information stolen was sold on the Dark Web by malicious hackers. Since Verizon was financially affiliated with them during that time, both companies had to share the liability for the incident.
In 2014, Sony Pictures servers were hacked by a foreign military group who exposed a weak internal system. Emails were also leaked and they exposed discussions about big name celebrities, which in turn hurt Sony the most.
In 2017, Equifax (one of the largest credit bureaus in U.S.A) was compromised. Attackers stole birth dates, driver license numbers, social security numbers, and addresses. More than 200,000 credit cards were exposed and 182,000 documents were personally identified by cyber criminals all because one employee failed to process an update.
In 2018, Marriott Hotels went four years before they noticed hackers gained access to their Starwood system. Causing approximately 383 million accounts to be exposed with credit card numbers, addresses and more.
Advice for the new decade:
- Do your homework– research internally for future plans and externally for new technologies
- Align business, IT and Cyber priorities– trust business partners who offer clear-based alternatives and deploy the right level of security
- Lead the charge– security teams need to be in the room of all strategic initiative for the 2020’s. Cyber experts need to be involved in every stage of the development and production process
Cyber-attacks geographic:
Between 2009-2018 there was a 440% increase in global cyber warfare attacks
30% of the attacks originated in China or Russia
26.3% targeted the U.S.A
27% of the attacks in the U.S.A occurred in 2018
Conclusion
Overall, many threats from a decade ago still exist today, but it is up to leads to ensure they are doing their homework, aligning their business with trusted partners, adding the security team in every part of their process, keeping their systems up-to-date and performing random audits to ensure the information on their servers is being protected the way it’s intended to be. Equifax hack helped proved that relying on one person to get the job done was not enough and there should have been someone behind that person to check and make sure the job was done. Without doing so, threats could last a life time, cost will continuously rise and risk will continue to increase over the current 440%. Utilizing advanced technologies could help tremendously, educating one another on prevention methods and performing checks and balances could all help as well. Staying aware of what’s going on is not always enough but researching and learning from case studies that are creditable is what will benefit businesses the most. Again, there is no discrimination when it comes to cyber-attacks; leaders should treat their infrastructure as if it could be attacked to help protect the future of the business.
References:
https://www.techrepublic.com/article/the-10-most-important-cyberattacks-of-the-decade/
https://www.govtech.com/security/Cybersecurity-Leaders-Prepare-for-a-New-Decade-of-Threats.html
MillerOnCyber 