By Jericho Gonzales
Online attacks are becoming more sophisticated and more pervasive nowadays, and cybercriminals are not showing signs of stopping any time soon. In fact, several large-scale attacks have already happened this year.
Here’s a recap of some of 2017’s biggest cybersecurity disasters so far (in chronological order).
1.National Security Agency (NSA) data is stolen.
On April 14, the anonymous hacking group called Shadow Brokers released to the public 300 MB worth of exploits that targeted Microsoft systems. The files included malware, hacking software, anti-firewall tools, and so much more.
Shadow Brokers stated they stole the files from the NSA—a claim that cybersecurity company Kaspersky Labs reviewed and confirmed to be most likely authentic (due to similarities in code).
It’s worth noting that this is not the first attack by Shadow Brokers. The group first made itself known in August of 2016 after it released data stolen from the Equation Group, a hacking team said to be operated by the NSA. The April 2017 data dump was simply part of the Shadow Brokers’ initial NSA hack.
2.French politician is hacked.
Two days before the second round of the French presidential elections (no one was elected during the first round), candidate Emmanuel Macron was hacked. Nine gigabytes’ worth of his campaign emails were released via Pastebin.com, a popular public file-sharing website.From there, the documents spread to other sites and even become a trending topic on Twitter dubbed #macronleaks.
The leaked files contained tens of thousands of emails as well as other documents, and reports indicated there were also fake documents combined with authentic ones. Macron’s team said this was done in order to deliberately provide the public with false information and harm the politician’s chances of winning the election.
The attempt was unsuccessful, though. With a 66.1% share of the total vote, Macron was elected President of France on May 7, 2017.
3.WannaCry ransomware infects users everywhere.
A type of ransomware called WannaCry spread like wildfire on May 12. It infected hundreds of thousands of users in over 150 countries, demanding them to pay $300 ransoms with Bitcoin, a type of virtual currency. The amount would double to $600 in three days if the ransom wasn’t paid. In the end, though, the hackers only made less than $100,000.
WannaCry crippled corporations and utility companies across the globe. It even interrupted day-to-day business operations in the United Kingdom to the point that some government hospitals had to delay many medical procedures. As a result of the disruption, panic spread among patients throughout the UK.
Companies that were also infected included American courier service FedEx, Spanish telelcommunications conglomerate Telefónica, and German railroad company Deutsche Bahn AG.
Although WannaCry had a significant impact, further damage was prevented after a flaw in the ransomware’s code was discovered. Cybersecurity experts took advantage of the said flaw and made WannaCry ineffective.
A month after the WannaCry fiasco, a different type of ransomware called Notpetya (AKA GoldenEye) made waves. Originating from the Petya ransomware that first caused problems in 2016, Kaspersky Labs came up with the term NotPetya in order to differentiate the two. Both types of ransomware share similarities, but the cybersecurity company says the way NotPetya functions sets it apart.
It is believed that the Ukraine was the primary target of NotPetya because a vast majority of the attacks affected Ukrainian companies and public utility systems. These included Boryspil International Airport, Ukrainian Railways, and the National Bank of Ukraine.
The proliferation of NotPetya was a worldwide event, so companies in other countries were also hit, namely US pharmaceutical conglomerate Merck & Co., Danish shipping giant Maersk, and British consumer goods manufacturer Reckitt Benckiser.
5.Global attack on the energy sector
On September 6, Symantec reported that energy sectors in North America and Europe were the targets of cyberattacks. According to the security software company, a group known as “Dragonfly” was behind the hacks, and that they started as far back as December of 2015.
Symantec investigated and found that the attacks affected energy sectors in the US and Switzerland, among other countries. Dragonfly used different methods to hack into their systems including sending Trojans and attaching malware to emails.
So far, the hacks have caused minimal damage. Nevertheless, Symantec says it should still be a cause for alarm since the Dragonfly has the potential to disrupt the power and electricity of entire countries. To help combat the threats, Symantec has advised energy sectors and governments across the US and Europe on how to deal with the attacks.
How to protect yourself on the Internet
The aforementioned events prove that the internet can be a very dangerous environment, and that no one is immune to cyberattacks. However, there are a variety of ways you can protect yourself and your information online such as:
- Use high-quality Virtual Private Network (VPN) software, even if you have to pay for it.
- Use anti-virus/security software made by well-known and trustworthy companies (Kaspersky Labs, Norton, Avira, Symantec, etc.).
- Never download files or any other documents from unreliable sources.
- Never open suspicious emails.
- Avoid logging on to unsecure websites (URLs beginning with just “http:”). Always check if the URL begins with “https:”.
When it comes to your online security, always remember that vigilance is the key.
Tags: Biggest Cyberattacks of 2017, Boryspil International Airport, cybersecurity, Emmanuel Macron, Equation Group, fake documents, Kaspersky Labs, NSA, Online attacks, ransomware, security software company, Shadow Brokers