Cybersecurity breaches have increased with the increase in Internet users and technology. Last year, we saw some of the largest attacks in the cybersecurity history. We saw some of the attacks on Mark Zuckerberg, political parties like DNC and even one of the largest hosting provider like DYN. To stop these attacks, the first thing we need is to understand what exactly is going around the world of cybersecurity. With that being said, let’s take a look at some of the top cybersecurity breaches in 2017.
Somewhere in Mid-May, thousands of Windows-based devices were hacked by the global ransomware cyber-attack “WannaCry”. The cyber-attackers locked the computers and demanded users to pay them in Bitcoins in order to unlock the computer.
According to the stats of Europol, around 200,000 computers were hacked in more than 150 countries. Some of the victims include FedEx, Russian Railways. That was not the end.
A few days later, it was also found that Honda factory in Japan was infected by WannaCry. This attack forced Honda to shut their plant in Sayama for a day. This hack was considered to be one of the top cybersecurity breaches which shook the world.
2) Pirates of the Caribbean
Another ransomware attack on Disney’s Pirates of the Caribbean on May 15 which threatened Disney to release 20-minutes from an unnamed movie unless they are paid a heavy ransom in Bitcoins. However, Bob Iger (CEO, Disney) said that company would not be paying any kind of ransom and would work with federal investigators.
On 25th May, Iger said “To our knowledge we were not hacked. We had a threat of a hack of a movie being stolen. We decided to take it seriously but not react in the manner in which the person who was threatening us had required.”
3) Dallas’ Emergency Sirens
On 7th April night, around 11:15 PM, all 156 weather emergency sirens of the city started blaring and lasted for an hour and a half to 1.3 Million residents. Eventually, sirens were turned off by the city officials. They ruled out the technical glitch and named the event a hack.
Later that day in a news conference, City Spokeswoman Sana Syed said: “It does appear at this time it was a hack, and we do believe it came from the Dallas area.” Also, Mike Rawlings, Mayor of Dallas said: “will work to identify and prosecute those responsible.”
Our list of top cybersecurity breaches cannot be completed without this hack as it seems to be still active. High-effective phishing scheme discovered by the hackers that fooled the users into entering their login credential on hackers’ phishing page. The hacker usually disguising as a close contact, sent emails with an attachment in the format of PDF.
Clicking upon victims were led to Gmail Sign in a page (Fake). Though the address bar showed “data URL” at the beginning, most people didn’t notice and filled out their credentials, handing their email out to the Hackers.
5) World Wrestling Entertainment (WWE)
After being the leader of big-time harmless hacks in 2016, hacking group OurMine started with WWE in 2017. On January 28, all official twitter accounts related to WWE were hacked. Such as WWE NXT, WWE Universe. They also hacked into wrestler John Cena’s account as reported by Mashable.
Later OurMine informed WWE about their low security and offered them security services to help on the same. “We’re just testing your security,” was posted by OurMine which is known as their tagline.
Next day of hacking WWE i.e. 29th January, OurMine hacked into CNN official Facebook pages CNN International & CNN Politics. Again these hacking were harmless they posted that they were just testing the security and left their logo on the post.
7) IndiGo Airline
India’s IndiGo Airline was hacked twice this year. Recently, the company’s Twitter account with more than 100,000 followers, got hacked by someone and changed the handle to @activevibezzz1. The company faced a lot of challenges in getting back their old handle @IndiGo6e as someone else took the ownership of the handle.
Few days before this incident, hackers broke into their account and tweeted offensive tweets.
8) Chitpole Restaurant
For those who visited Chitpole restaurant between March 24 and April 17, their credit card details might be subject to hackers. On 26th May, Chitpole discovered and announced about the malware behind the hack. The company said that most of their locations were hacked.
Chitpole also released a tool where customers can check if their visited stores were hacked.“The malware searched for track data (which sometimes has cardholder name in addition to card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the POS device” stated the company.
In mid-May, Indian food-tech company Zomato faced a security breach and caused stealing of 17 million user records. These records had email addresses and hashed passwords of the users. Later the data was put up on sale for $1000 on Dark Web Marketplace.
In the blog, Zomato explained that hackers got one of the developers’ credentials from the hack of hosting company that took place in 2015. Zomato contacted the hacker and found that he was only interested in Zomato’s bug bounty program.
Just after the month of WannaCry cyber-attack, a new malware came up and shut down the computers across the globe and made it to the top cybersecurity breaches list. GoldenEye - Part of Petya ransomware has hit the devices more than 65 countries. Their major targets are large firms and they have successfully hacked Food Company Mondelez, Advertising agency WPP, Spanish Law firm DLA Piper. They are not attacking only businesses though.
This attack began from Ukraine’s electrical grid, government offices, and airport. After Ukraine attack went global. This ransomware takes over the computers through the Microsoft Windows Vulnerability “Eternal Blue” and asks for $300 bitcoins from the victims.
In a lot of ways, we ought to be thankful for these incidents because they come in the form of opportunities for us to learn and defend ourselves from bigger disasters. Nobody took seriously the threats hacking posed a few years ago, but today, security has become more than a luxury companies adopt, it's become an absolute necessity.
In today's world, hacker have progressed to using more complex methods of hacking. There are newer channels of exploitation which are opened every single day, mobile apps, SDK and API to name a few. Any list you see about top cybersecurity breaches is incomplete because of the anonymity of the hacks. These are just a few of the top cybersecurity breaches which gained public eye. It is safe to say that this list goes on and on and as for more breaches in the future? It's an assumption we can certainly expect to hear a lot more from.