The past year was one, I’m sure will never be forgotten. We witnessed one of the largest pandemics in history while being introduced to a wide range of new technologies. Many of which we hope will shape the way we live forever.
The unfortunate reality is that these shifts, as a result of the situation, led to cybercriminals coming up with new and improved ways to compromise businesses. We witnessed a huge surge in the number of ransomware, malware, and other cybersecurity attacks, with many cybercriminals coming in to take advantage of our increased reliance on digital technology.
Below I’ve listed a number of the most significant cyber attacks in recorded history.
1. WHO Cyber Attack
During the worst period of the global pandemic, there were a series of cybercriminals that went as far as to launch attacks on the credibility of many of the world’s leaders in the health industry. More than 25,000 emails were sent out containing leaked passwords and addresses, belonging to a range of groups, all of which worked in the health industry, fighting to maintain sanity during the height of the pandemic.
In these emails, there was information specifically on the WHO (World Health Organization), US CDC, Gates Foundation, and NIH. This went on to be confirmed by the WHO, that confidential information about many of their staff members, had in fact been leaked online, although they argued that much of the leaked data was outdated, and thus, didn’t pose as much as a risk to the staff members and organization; WHO reacted to this incident by improving the security of the organization.
2. Zoom Credentials Hack
Since the introduction of the pandemic, in early 2020, Zoom has emerged, establishing itself as one of the most important and valuable companies around. But this is not without a couple of problems. Specifically, the Zoom video conferencing software was hugely popular amongst these cybercriminals in the past year, and in a very short time, the software became a liability, vulnerable, to a wide range of security threats. By April 2020, there were reports that over 500,000 passwords had been stolen – all of which were from the Zoom program.
These criminals then proceeded to put this confidential data from Zoom, up for the highest bidder on the Dark Web. This led to many unscrupulous individuals logging into other people’s private meetings and acting out of pocket. The hackers were also able to obtain personal information about the different individuals participating in the Zoom conferences.
By July 2020, one of the most popular social media companies around suffered a breach. This breach was carried out by three individuals, the end result of which, led to the hijacking of a number of very high-profile accounts on the Twitter service. The actual attack utilized social engineering, which was later confirmed to be phone phishing, by Twitter themselves.
The attackers or hackers were able to steal confidential data about the employees, which they used to gain access to Twitter’s information management system. A fairly significant number of high-profile accounts were compromised as a result, these include Barack Obama (former American President), Elon Musk (CEO of Tesla and SpaceX), and Jeff Bezos (CEO of Amazon). The cybercriminals then used their unauthorized access to these accounts to tweet out bitcoin scams, which fetched them an additional $100k.
Less than a month later (three weeks to be precise), the three culprits were arrested and later charged. The leader was a 17-year-old Graham Ivan Clark, who went on to be charged as an adult, for an attack, he supposedly led, based on authority reports.
4. Marriott Hotels Attack
When Marriott went on to acquire Starwood Hotels group, a cyberattack was almost inevitable. This later came to light by 2018, sometime after the initial attack. Prior to this period, cybercriminals had unfettered access to the personal details of the company’s guests. This was close to 340 million people – all of which had their personal affix compromised. The end result was a fining of Marriott Hotels, to the tune of £18 million by the United Kingdom’s Data Privacy Watchdogs.
5. Software AG
In October 2020, this software giant from Germany became the victim of a significant extortion attack. This resulted in the company’s internal systems being shut down and a large amount of company data being leaked. Through the utilization of this Clop ransomware, large amounts of company data were encrypted and stolen. According to different sources, the ransom for the data was put at around $20 million, which, naturally Software AG refused to pay.
Because of the company’s refusal to pay, the hackers went on to do what they threatened to do, which was to publish the confidential information on a data leak site. This data contained information such as employee’s passport details, financial information, and internal emails. The perpetrators of the Clop ransomware attack were not the only group carry out these double extortion attacks.
Throughout the remainder of 2020, these kinds of attacks, these name-and-shame tactics became increasingly popular. We can argue that it’s now the modus operandi for ransomware gangs today.
6. Wishbone Data Breach
Wishbone is another popular social media app, primarily amongst teens, and in May of 2020, they witnessed a major data breach where hackers had obtained and sold the company’s user records, containing over 40 million accounts, on the dark web. Due to the reputation of the dark web and the general age of the user accounts that had been compromised, there was a lot of fear and worry for the victims.
Up to today, there has been no follow up information, detailing exactly how they were able to access these records, but this massive data leak led to a wide range of information being revealed, such as social media profile data, gender of the users, home and mobile phone numbers, personal emails and even geolocation being exposed. Experts did however note that this problem could have been avoided if better encryption software had been used by the company.
This post was written by our guest member “Uchenna Ani-Okoye,” you will find him and his work on his own website below. Thank you Uchenna Ani-Okoye for your contribution to GadgetBond.com
–GUEST AUTHOR INFO—
Uchenna Ani-Okoye is a former IT Manager who now runs his own computer support website https://www.compuchenna.co.uk.