In the past eight months, most of the things have changed beyond recognition – the way we live and work. Due to the pandemic, the use of the internet and the cybersecurity incidents have increased tremendously. Since the beginning of 2020, there have been more than 445 million cyberattacks reported, which is double when compared to 2019.
While the IT environment is becoming more complex, cybercriminals are getting better at identifying and targeting the intrinsic weaknesses. Nearly 40% of IT security, line-of-business, and data management specialists cited the rising sophistication of attacks and the increasing complexity of managing and supporting security products as significant challenges, according to IDC’s Data Services for Hybrid Cloud Survey.
Attackers benefit from complexity, which may lead to configuration weaknesses and user ignorance. The thing is most of the companies are already aware of the weaknesses in their system. If they take proper steps, then they can avoid cybersecurity incidents better.
Below are a few cybersecurity incidents that took place in 2020. The rankings are based on the impact the security breach caused to the company.
Here are the top 10 cybersecurity incidents that happened in 2020
The following list of recent cyber attacks 2020 had an impact on millions and billions of people. They show how cyberattacks can affect a company and expose an astonishing number of user records.
Impact: Records of 386 million users stolen from 18 companies.
Till July, numerous cybersecurity incidents happened. About 386 million user records from 18 different companies were stolen. The hacker who believed to have stolen the data posted links to the databases of companies, where anyone could download for free. The hacker, named ShinyHunters is believed to have made a lot of money by selling the data online.
After hackers steal the data, they usually sell it privately first, with prices ranging from $500 to $100,000. Once the data is no longer useful, hackers generally publish them on hacker forums to increase their reputation in the community.
Take Action Now: Use a strong password for your system and update it frequently.
Impact: Records of 24 million people and 793,749 businesses’ data stolen.
Experian, a consumer credit reporting agency, suffered a major breach, impacting nearly 24 million South African consumers and about 793,749 business entities in August 2020.
The agency further revealed that an individual fraudulently claiming to be one of its clients requested services from the company, prompting the release of the information. Soon, after the breach, the company reported the incident to the local authorities. Eventually, the misappropriated data was secured and deleted.
Experian said that the data was not used for fraudulent purposes before being deleted. Also, it further said the cybersecurity incident did not compromise its own infrastructure, systems, and customer database.
Take Action Now: Strengthen your company’s security policy.
#3 MGM Hotel
Impact: Details of over 10.6 million users revealed.
In February 2020, the personal details of more than 10.6 million guests who stayed at MGM Resorts hotels was leaked on a hacking forum.
The information leaked included names, phone numbers, addresses, birth dates, and email addresses of users ranging from tourists, CEOs, celebrities, and government employees. However, the details of the credit cards were not breached.
This cybersecurity incident started in the mid of 2019. Then, the MGM employees discovered unauthorized access to a server. From that day, the stolen information was being shared in several hacking forums.
After the cybersecurity incident got revealed, immediately MGM notified the impacted individuals. In February, once again there was a data breach and as a result, information of MGM hotel users was published openly, on an accessible forum.
Take Action Now: Protect your data with continuous assessment of your system.
Impact: Disruption of client services, revenue and impact on margins. The company paid $50-70 M for ransom.
On April 18, 2020, Cognizant Technology Solutions (CTS), was hit by Maze ransomware cyber-attack, which resulted in service disruption of company’s clients.
The tech giant confirmed the breach on its website. It took steps to contain the cybersecurity incident and notified its clients about the breach and measures to take to further secure their systems.
During a ransomware data breach attack, attackers generally infect the company’s systems with the virus, steal the data, and demand payment from the company to restore the data. But, in case of Cognizant Maze ransomware, attackers threatened the company to pay the ransom or they would publish the breached information online.
Later, in May, Cognizant revealed that it paid a ransom of $50-70 million to cyber attackers to restore its services.
Take Action Now: Always keep your systems updated. Employ an effective way to defend against ransomware attacks.
Impact: A ransom of $1.14M paid.
On June 1, University of California, San Francisco, was attacked by cyber criminals. This was again a ransomware attack and hackers demanded $3 million. The leading medical-research company negotiated the ransom amount and paid $1.14 million as the information encrypted in the attack was critical to the school.
Cyber criminals penetrated the university’s system through a malware that eventually encrypted multiple servers. The university officials later said that no data was compromised, and their development progress was not completely hampered.
Take Action Now: Backup your data- locally, or in the cloud.
Impact: 250 county employees and 25,000 citizens records affected; $300,000 paid for ransom.
This year, on January 22, the Tillamook County’s IT government systems were infected by a malware attack. Hackers penetrated the county’s computer and phone systems through encryption malware. Consequently, the county’s systems were shut down. Their website that hosts numerous departments, was also turned off.
Following the cybersecurity incident, the computer systems were disabled for almost two weeks or possibly longer. The attackers told the county officials that their files were encrypted and won’t be recovered without their decryption service. The attackers demanded $300,000 ransom to let the county regain the data and threatened to double the ransom if not paid on time.
The county officials made every effort to avoid the ransom payment, including recovery through data backup; however, their critical data could not be restored. In the end, the county officials paid the ransom to the cyber attackers.
Impact: 25,000 email addresses and passwords stolen.
Among the cybersecurity incidents so far in 2020, stealing data from important organizations who are fighting the COVID-19 pandemic is particularly shocking.
On April 19, some 25,000 email addresses and passwords were leaked online belonging to several groups working to fight the coronavirus pandemic, including the WHO, NIH, the US Centers for Disease Control and Prevention (CDC), and the Gates Foundation.
Later, the WHO publicly confirmed that some credentials belonging to its staff were leaked. However, the data stolen was not recent, and therefore, the data breach did not pose any risk to the organization. It also did not disclose how the attackers might have obtained the information. The WHO, in a statement, later noted that they were migrating the affected systems to a more secure and authenticated one.
Take Action Now: Step up your security. Choose a modern cybersecurity solution over traditional ones.
Impact: 10 TB data stolen, and $10.9 M demanded.
The Portugese multinational energy company, Energias de Portugal (EDP) faced one of the most threatening cybersecurity incident in April 2020.
A ransomware attack, named RagnarLocker successfully targeted EDP. The cyber-attackers demanded a ransom of $10.9 million to unlock its files. The files contained critical data, including contracts, billing details, transactions, client’s and partner’s personal details like names, passwords, etc.
In a ransom note on the site, the hackers claimed that they will publish the information on public blogs or websites if the ransom goes unpaid.
RagnarLocker ransomware has the potential to infect a system and prevent virus detection, and severely damage the infrastructure of a company. The energy firm, however, has not disclosed if they paid the ransom, or steps that it took to investigate the attack.
Take Action Now: Keep backups of all the critical data.
#9 Zoom App
Impact: Reputation and brand image damaged.
In April 2020, Zoom, a famous video conferencing app, was amid a controversy.
During coronavirus, as stay-at-home orders were put into practice across the globe to limit the spread of the disease, the use of video conferencing apps increased, and Zoom was among the most used ones.
In April, there was an attack, Zoombombing, where people with bad intentions could join the private meetings, read conversations, and screen share images of whatever they wanted, mainly sort of offensive, like adult or shock videos.
There were a lot of other security concerns in the Zoom app. The company later updated its iOS app to stop sending user data to Facebook. Zoom later improved the security of their Zoom meetings as well.
Take Action Now: Know your security settings. Use tools to block unauthorized access.
Suggested Reading: Zoom vs Microsoft Teams: Which video conferencing app is better?
Impact: 200 MB files stolen.
In January 2020, Mitsubishi Electric reported a data breach in their systems. An intrusion on the company’s network was detected months earlier, on June 28, 2019. Later, it was found that roughly about 200 MB files were stolen from the company’s systems.
The breached data mainly contained information such as applicant information (1987 people), employee data (4566 people), and retired employees’ data of affiliate companies (1569). There was also data related to technical and sales materials.
The cause behind the cybersecurity incident was a bug in their antivirus. The Chinese hackers were believed to use a zero-day in the Trend Micro Office Scan antivirus, which allowed them to access the initial entry point.
Take Action Now: Use a highly advanced cyberprotection solution.
Cybersecurity problems and solutions – be prepared
This is not the end. There’s a huge list of cybersecurity incidents that are taking place every other day in different business sectors and through different means.
So, how to prevent cyber-attacks? You can start by updating your systems, software on a regular basis. Then, you can assess your current security posture, detect vulnerabilities, and fix them quickly to protect yourself from hackers. There are free tools available online. We recommend the Acronis CyberFit Score tool by ZNetLive as this is free, easy, and quick to use.
It is important to take a regular risk assessment to ensure you have a robust security baseline. We also recommend that you should use modern cybersecurity solutions so that you don’t lose data. Also, go for strong antivirus software to protect your system from malware attacks.
Overall, look closely at the security needs of your organization and employ only the best solution for your business.