CyberSecurity Recap for 2017 and Predictions for 2018
Recap: The biggest breach in the history of cyberspace in 2017
Cyberspace has proven to be a blessing to the humanity. It has become a platform for people from different walks of life to socially network and share ideas, regardless of the distance between them and zonal differences.
Sadly, the cyberspace is not all about positivity only; it has its fair share of challenges too. One of such challenges is the abuse it has been subjected to, by cybercriminals who see it as a tool for perpetrating criminal activities. 2017 had its fair share of cybersecurity breaches as organizations and institutions were subjected to serious attacks.
These are some of the biggest breaches the cyberspace experienced in the year 2017:
- Equifax Data Breach
Equifax is an agency that aggregates financial data of hundreds of millions of businesses and consumers worldwide. However, the company detected a serious cybersecurity attack on July 29, 2017 when it detected some suspicious network activity on one of its web portals. Subsequent investigation revealed that the company suffered a massive data breach that eventually affected over 145 million US consumers, almost half of the US population.
The hackers exploited a vulnerability in the company’s security and attacked it on May 13, 2017. When the company eventually discovered the attack, millions of users have been affected as the hackers have already succeeded in creating over 30 backdoors into the company’s systems.
- WannaCry Cyber Attack
Towards the middle of 2017, a ransomeware attack that was considered in some quarters as “the worse ransomware attack ever” was launched. The attack, which started on 12 May, 2017, infected an estimated 300,000 computers in over 150 countries in just four days.
One of the organizations that felt the weight of the attack most was the UK’s National Health Service. About 33% of health trusts in the country, including healthcare services and officers were affected, leading to the cancellation of over 19,000 appointments. Some surgeries were also cancelled in the aftermath of this attack.
- Rasputin Attacks
Although this attack allegedly started in late 2016, it was carried into 2017. The lone hacker, Rasputin, reportedly breached the databases of some 60 government agencies and universities.
The list of Rasputin victims include:
- University of Cambridge
- Rhode Island Department of Education
- Cornell University
- Postal Regulatory Commission and some other dozens of schools and agencies.
- NotPetya Attack
In June 2017, the NotPetya ransomware wreaked havoc in Europe and the USA. One of the hardest hit was Maersk. This shipping giant ultimately lost more than $200 million to the attack because the attack grounded the company’s activities in four countries while the company was rendered inactive for a couple of weeks.
Other companies that felt the huge impact of the attack are FedEx, Merck, and Mondelez. Mendelez recorded a 5% drop in their quarterly sales as a result of invoicing and shipping issues caused by the attack.
These are hands down some of the biggest cyber attacks in the cyberspace in 2017. With billions of dollars worth of damage, the cyberspace seems to belong to the unscrupulous cyber criminals.
Predictions: Cybersecurity Predictions for 2018
As seen in the first part of this article, 2017 was a nightmare for cybersecurity stakeholders. Tons of phishing emails were sent out and millions of people fell victim to cybercrimes. From state-sponsored attack to ransomware such as the WannaCry, there was no peace in the cyberspace. Now the question that arise is: Will this 2018 be a better year?
Here are some of the cybersecurity predictions you should look forward to this year:
- AI-powered attacks
Never has the concept of Artificial Intelligence got more popularity and acceptance than in recent years. It has been deployed in almost all the sectors of the global economy. Cybercriminals are also taking advantage of this to gather more information about their potential targets. They can do this by using AI to collect sensitive intelligence on the target organization prior to the attacks. They can source for such information on external code repositories, support forums, and other places.
We are gradually moving towards the adoption of autonomous transportation system and the integration of IoT into our homes. These are powerful innovations that can also provide cybercriminals with the right platforms for executing cyber-hijacking.
With the powerful tools at their disposal and the amount of information they have access to, it will be a child play for these attackers to highjack a transport or Industrial Control System (ICS) and hold the management to ransom.
Ironically, the attackers have the support of various IoT technologies to carry out these destructive attacks. Most of these technology companies behind these devices do not put the right protections in place to ensure that the devices are hack-proof.
- Attacks on cryptocurrencies and blockchains
Stakeholders in cryptocurrencies should be concerned about the security of their digital currencies. The proliferation of cryptocurrencies and the astronomical growth in their monetary values will make them the target of cybercriminals this year.
The blockchain technology will not be spared either. With the potential to have a permanent impact on humanity in the future, it is another technology that cybercriminals will want to include in their list of conquests.
While the probability of launching successful attacks on Bitcoin is slim, the attackers may target new blockchains and cryptocurrencies. The scammers’ success rates in the recent past serve as a warning that they can dare to do the unthinkable.
International conflicts were taken to the cyberspace in 2017. You shouldn’t expect anything less than that this year. International conflicts will resume in grand style as governments infrastructures are grounded via cyber attacks. This will have a negative impact on the affected governments’ operations. The financial systems will not be spared either.
The fear of a potential attack or a response to such attacks may lead to the erection of cyber-borders that may undermine people’s access to anonymity on the Internet. That will be a huge price to pay when it eventually happens.
- Increased mobile threats
Mobile device users should also expect an increase in the number of mobile threats this year. It is expected that more mobile targeted malware will be released via MMS and SMS or through the Android App Store.
We are just a few days into the New Year and we may see these predictions come true before the year runs out.