How Hacks Happen: Views on the July 4th Ransomware Attack | Hacker Noon

@eduardorochaDr. Eduardo Rocha

Dr. Eduardo Rocha is Senior Solutions Architect & Anti-Fraud Expert at GlobalDots.

First, it was SolarWinds; then over the Fourth of July weekend, a ransomware attack by a Russian hacker group REvil left hundreds of companies’ information susceptible. Now, the hackers are demanding $70 million in Bitcoin to unlock thousands of businesses affected. President Joe Biden has called for cybersecurity to be a top priority.

Previously, two data breaches in Q3 of 2020 left more than 1 billion records exposed to the public per breach—nearly the same amount as the population of China—while four other attacks exposed over 100 billion previously private records. It’s time to heed his words.

Yet time and again, as the headlines die down, concerns about security among decision-makers fade into the background until the next hack. Meanwhile, hackers are quickly evolving from young nerds in their parents’ basements to state-level actors launching sophisticated and dangerous attacks. As attackers become more sophisticated, both in their abilities and tools of deception, when will enough finally be enough?

The attack on SolarWinds went undetected for months in 2020. Malicious code was snuck into software that monitors computers of government agencies and a myriad of large corporations in the U.S. The malware allowed the hackers to obtain insider information by directly accessing the organizations’ networks. Top security advisors are saying Russia’s Foreign Intelligence Service (SVR) is responsible for the SolarWinds attack, but Russia denies any responsibility.

The hack didn’t just corrupt government organizations—it also left multiple Trump administration members vulnerable, including the head of the Department of Homeland Security. According to FireEye executive Charles Carmakal, “dozens of incredibly high-value targets were compromised.” 

And unbeknown to most, this type of attack is not unprecedented. Large corporations saw a rise in data breaches beginning in 2019, and the trend continued through 2020. At the beginning of 2020, a data breach at Microsoft left 280 million people’s email addresses, IP addresses, and support case details out in the open. Not only do these hacks target company information, but they expose personal information as well. As attacks become more sophisticated, privacy is becoming increasingly important and having the right security on connected devices is half the battle. 

Companies with mad security still can’t get it right. Why?

COVID-19 accelerated the rush to the cloud, and digital transformation increased the scope of cyberattacks. Many companies that used to keep all sensitive data on-site now hold it in a cloud ecosystem. As all the data is now processed and stored in public cloud environments, it’s easier for hackers to obtain more valuable data, like user credentials that one uses across various apps and services. 

As technology improves, so do the hackers. Hackers are using automated tools, AI, and scripts for reconnaissance to look for multiple entry points and infiltrate the company’s security.

On top of the newfound sophistication, many companies haven’t updated their security systems during the move to the cloud, which continually makes it easy to hack into their private servers.

State-sponsored attacks are continuing to increase as some countries use offensive cyber espionage to attack others. These state-attacking organizations are well-funded, and the attackers are very organized, working in teams and shifts with the goal of finding a breach and exploiting it. 

How do we stop the cycle?

So what happens when this information falls into the wrong hands? As cybercrimes become the new standard of warfare, people need to be careful with their information. These state actors are continuously gathering information and monitoring everyone, not just those high up in the government. 

The U.S. isn’t the only country with cyber in mind. The European Council recently adopted new conclusions for the EU cybersecurity strategy, allowing for autonomous choices on cybersecurity measures. The decision highlighted a number of areas the council will focus on within the next 10 years, including a network of security operation centers and an EU joint cyber unit, and it discusses the need for stronger cooperation between nations to keep other non-EU countries from being able to infiltrate into their government networks. The U.K. and Australia have also recently released new cyber strategies after reports showed their government computers were susceptible to cybercrimes.

As hackers get smarter and more sophisticated, government bodies and corporations need to continue to invest in research and evaluation of new security technologies, keep their security teams up-to-date, and adjust their security measures to the Cloud infrastructure. The world is continuing to become more digital, and everyone has privacy on their mind. No one wants their information—ID, social security number, or bank account information—in the wrong hands, and it’s up to these bodies to make sure our data stays safe in the long run. 

About the Author

Dr. Eduardo Rocha is a Senior Solutions Architect & Anti-Fraud Expert at GlobalDots. He obtained his Ph.D. in Network Security from the University of Aveiro. Rocha has more than 10 years of experience in the field of network security and botnets’ identification and mitigation. He specializes in innovative anti-fraud, identity management, and zero-trust solutions. Rocha is responsible for scoping customers’ requirements while devising and integrating the most appropriate content delivery and security solutions for a wide portfolio of state-of-the-art solutions.


Join Hacker Noon

Create your free account to unlock your custom reading experience.

read original article here