Those of us in managed services work every day to strengthen cyber security for our clients. We consider things on both a macro- and micro-level; that is, we track the IT news as it affects the industry as a whole, but keep a close eye on how each story may affect our individual clients. This has been an interesting year for cyber security, as criminals continue to find ways to crack the code of company firewalls and protection.
2019 cybersecurity stories include everything from ransomware attacks to stolen medical records and US military breaches. Here is a brief look at the challenges we faced over the last 12 months.
Biggest 2019 Cyber Security Stories Revealed
Many people think of cyber crime as stolen money, but stolen information is by far the bigger risk. Personal data which is stolen by criminals can wreak havoc on someone’s life, as the hackers use stolen identities in a growing number of ways. Ask Cyber Security, an online source of news and education, reports the following attacks on corporations in 2019.
Quest Diagnostics: Nearly twelve million patients’ were victimized in this massive cyber attack which spanned the period between August 1, 2018 and March 30,2019. Personal information and payment data were stolen from a third-party collections vendor. The stolen information included credit card numbers, personal bank account information, health savings plan account information, and Social Security numbers.
Perceptics: This US technology firm specializes in license plate readers, electronic toll collection and border security technologies. The May 2019 hack included personal vehicle information, images, business plans, HR data, financial figures and other personal data. Approximately 65,000 files and hundreds of gigabytes of motorist data – including files are associated with government agencies like U.S. Immigration and Customs Enforcement – were stolen.
Baltimore Ransomware Attack: In May of 2019, the city of Baltimore was crippled by a ransomware attack which halted customer service for city public works and other city offices. Residents were unable to pay utility bills or access their financial accounts, and Public Works email accounts and phone lines were not functional.
Instagram: The social media giant was not immune to being included in the 2019 cybersecurity stories when they were targeted with this phishing scam. In April 2019, Instagram users were notified that they were on a fictitious “nasty list” and prompted them to click a link to view. Once the link is clicked, all followers of the hacked account receive the same message via direct message from the trusted user.
Oregon Department of Human Services (DHS): Early in 2019, clients of the Oregon DHS were victims of a data breach when two million emails were compromised. The attack stemmed from a “spear phishing” campaign, and allowed the hackers to access employee emails which contained information on 350,000 clients of Oregon DHS welfare and children services. The entire attack was carried out through only 9 compromised accounts.
Citrix Systems: This data center and business software provider was victimized by an Iranian-backed group known as Iridium. There were actually two breaches, one in late 2018, and another in March of 2019. Six to ten terabytes of corporate data were stolen from Citrix servers, which handle sensitive projects for White House communications, the U.S. military, the FBI, and private companies. The FBI were the ones to flag the attack.
LinkedIn: Malware transmitted fake job offers through LinkedIn direct messages and emails in this February 2019 attack. Cyber criminals gathered increasingly personal data, such as personal email accounts; messages and emails with malicious attachments were subsequently sent. The hackers were able to con unsuspecting users into divulging increasingly personal data through the course of the attack.
The biggest 2019 cybersecurity stories prove that no industry or sector is safe from cyber crime – no matter how big the company, or how trusted the platform. To protect your company, you need to continually monitor new threats, perform regular software updates, and keep your employees trained on how to avoid inadvertently opening a doorway into your company data.
If this all sounds daunting, make a New Year’s resolution for 2020 – call Alliance IT and let us help. Our experts are ever vigilant and on top of the evolving risks – and we can help to ease your mind.
