
In the last few months, I have written about Cyber threats and attacks, but more on an individual basis. I try to find those headlines that will have the most impact on you, my readers. I try not to rehash the same news stories every day; I try to bring out something fresh. I could spend every day writing about a company that has been hacked into, with customer data being stolen, etc.

While this is truly unfortunate, we keep hearing this every day. So go today’s headlines. There are at least 8-10 different headlines saying the same thing, but with different companies being impacted. So today, we will do something a little different: Let’s talk about the top Cyber threats so far in 2018, now that we have hit the halfway mark for the year. Here we go:

The Russians

Yes, like the attacks on companies, we keep hearing about the Russians every day, whether it is meddling in the 2016 elections or something else going on in Syria. But this country also poses a real Cyber threat, just like China and North Korea. Back in 2017, Cyber security researchers raised the alarm when Russian based Cyber attack groups were probing the vulnerabilities and weaknesses of US based power companies and our electrical grid. In fact, there was even evidence that the Cyber attackers had direct access to a US based utility’s control systems. Unfortunately, it wasn’t until later this year that the US government began to publicly acknowledge Russia’s involvement in these actions, especially in the NotPetya malware, deemed to be one of the most dangerous ever created.

US Higher Educational Institutions

In March of this year, the DOJ charged nine Iranian Cyber attackers with hacks against over 300 universities. These individuals have been charged with infiltrating 144 US universities, 47 private companies, and even the DOJ itself. Apparently, these Cyber attackers stole 31 terabytes of data, valued at $3 billion in intellectual property. The prime Cyber attack vehicle used in this scenario? Spear Phishing based E-Mails. Over 100,000 victims were targeted, and out of that, the Cyber attackers were able to gain credentials for about 8,000, with 3,768 of those at US higher educational institutions. Blame for these attacks has been pinned upon the Mabna Institute, which was founded in 2013.

Frequent Data Exposures

There is often a lot of confusion when it comes to data loss, data exposure, or any term that has data in it.  For purposes of this blog, a data loss can be defined as:

“When data is stored and defended improperly such that it is exposed on the open internet and could be easily accessed by anyone who comes across it.”

(SOURCE:  https://www.wired.com/story/2018-worst-hacks-so-far/)

This often relates to data that is stored in the Cloud, and the prime example of this is the marketing and data aggregation company known as “Exactis”. Over 340 million records were made publicly accessible, and 2 terabytes of very personal information on US adults were exposed. The problem supposedly has been fixed, but now, Exactis is facing a huge lawsuit.

The UnderArmour Mobile App

Mobile apps are always a prime target for the Cyber attacker, and this is best exemplified by the breach from UnderArmour. Over 150 million user accounts were compromised, which included usernames, email addresses, and passwords. This incident occurred on March 25th of this year, and within a week, the company had disclosed that it was a victim of a major Cyber attack. The company had actually used a very strong cryptographic hashing mechanism called “bcrypt” to protect some of the passwords. The rest of them were hashed with a much weaker hashing algorithm called SHA-1. It is known that this one does have its security flaws and vulnerabilities; thus, the Cyber attackers who launched this attack were able to prey upon this and cause the havoc that they did.

The VPNFilter Malware

This is the latest major Cyber attack to have transpired, with the last occurrence happening back in May, once again from Russia. Over 500,000 routers worldwide were impacted, and the malware can be used for anything from network manipulation and E-Mail spam campaigns all the way to stealing sensitive data. The worst part about this malware is that all major router brands can be affected, including: Netgear, TP-Link, Linksys, ASUS, D-Link, and Huawei. Also, VPNFilter can be used to launch a wide scale botnet attack, in which one impacted router can be used to affect millions of others worldwide.

So there you have it, the top Cyber attacks thus far in 2018. Of course, there have been many others, but these have made the top five. Each style of attack is different, but the theme is common: The lack of human awareness when it comes to opening up phony E-Mails, and the need for businesses and corporations to implement the strongest layers of encryption possible.

There is no excuse to use outdated hashing algorithms; the most recent ones should be used. If the leadership at these companies is not sure which ones to implement, then all they have to do is make one phone call to a Cybersecurity company in order to get good advice on what to do.
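The mixed bcrypt and SHA-1 password store described under the UnderArmour breach, and the advice above to retire outdated hashing algorithms, can be handled by auditing stored hashes by format and rehashing legacy records at the next successful login. The sketch below is an added example, not code from any company named here; it uses the standard library's PBKDF2-HMAC-SHA256 as the replacement so that it runs without dependencies (bcrypt or Argon2 would fit the same flow), and the record format, iteration count, function names and sample store are assumptions.

```python
import hashlib
import hmac
import os
import re
from collections import Counter

PBKDF2_ITERS = 600_000                      # assumed work factor for PBKDF2-HMAC-SHA256
SHA1_HEX = re.compile(r"^[0-9a-f]{40}$")    # bare, unsalted SHA-1 hex digest

def classify(stored):
    """Identify the scheme of a stored password hash from its format."""
    if stored.startswith(("$2a$", "$2b$", "$2y$")):
        return "bcrypt"
    if stored.startswith("pbkdf2_sha256$"):
        return "pbkdf2"
    if SHA1_HEX.match(stored):
        return "sha1-unsalted"
    return "unknown"

def audit(store):
    """Count records per scheme so weak hashes show up before a breach does."""
    return Counter(classify(h) for h in store.values())

def hash_pbkdf2(password, salt=None, iters=PBKDF2_ITERS):
    """Salted, slow hash in an assumed 'pbkdf2_sha256$iters$salt$digest' format."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iters)
    return f"pbkdf2_sha256${iters}${salt.hex()}${dk.hex()}"

def verify_and_upgrade(password, stored):
    """Return (ok, record_to_store). A correct login against a legacy SHA-1
    record returns a freshly salted PBKDF2 record to store in its place."""
    scheme = classify(stored)
    if scheme == "sha1-unsalted":
        legacy = hashlib.sha1(password.encode()).hexdigest()
        if hmac.compare_digest(legacy, stored):
            return True, hash_pbkdf2(password)
        return False, stored
    if scheme == "pbkdf2":
        _, iters, salt, _ = stored.split("$")
        candidate = hash_pbkdf2(password, bytes.fromhex(salt), int(iters))
        return hmac.compare_digest(candidate, stored), stored
    # bcrypt records need a bcrypt library to verify; not covered in this sketch
    raise ValueError(f"scheme not handled here: {scheme}")

# Constructed sample store: one legacy SHA-1 record, one bcrypt-shaped placeholder
SAMPLE_STORE = {
    "alice": hashlib.sha1(b"hunter2").hexdigest(),
    "bob": "$2b$12$" + "a" * 53,
}
```

Records whose owners never log in again stay on SHA-1 under this scheme, so the audit count is what tells you when a forced reset for the remainder is due.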

What will the rest of the year hold?  Well, find out on my blog post to be written on 12/31/2018!!!