Security hacks too big to ignore: how to better prepare for cyber attacks in 2018
Image from Author Colin, found on Wikimedia Commons, source link: https://bit.ly/1JdwEkD (CC 4.0), image cropped and filtered.
While the advent of the internet has completely revolutionized how we communicate, interact, and do business with customers, it has also come with plenty of drawbacks, and some are just too big to ignore. Unfortunately, the more information that becomes accessible via the internet, the more people seem to be banding together to take control of it. Learn more about some big security hacks, past, and present, as well as how you can prepare you and your company for potential cybersecurity breaches in the future.
Dutch hackers hacking Russian hackers
Just today, some shocking news regarding the lack of cybersecurity involved with the 2016 election polls was released. As you’re probably aware, leading up to President Donald Trump’s election into office, a swarm of allegations pointing to Russian election poll-hackers emerged. These hackers were creating fraudulent accounts on social media platforms and spread propaganda that is speculated to have a significant impact on the 2016 election results.
Today, we’ve found out that it goes a bit deeper. It turns out that the Netherlands’ Joint Sigint Cyber Unit (JSCU), a Dutch intelligence team, obtained significant knowledge about the Russian hackers since 2014, and had even been hacking them actively to gather more information about the Russian cyber assailants known as “cozy bear.”
It was also noted that JSCU, with this newfound and highly valuable information, had been sharing that information with the CIA throughout the entirety of the election. International cyberintelligence cooperation should serve to provide some comfort to those who are concerned about the Russian security hacks: other parts of the world are looking to locate and put an end to this group of hackers; we are not alone.
Security hacks from the past
Nevertheless, the reach of cybersecurity breaches is vast. Not only can they have influence on large-scale world events such as political elections, but also, and more commonly, impact businesses. And that’s exactly what we saw too much of in 2016/17. Let’s take another look at the specifics of last year’s most destructive security hacks:
- Equifax. This is the big one, and probably the one some of your friends told you to “check on your account” after it occurred. Halfway through last year, hackers successfully penetrated the security of Equifax, one of the largest credit organizations in the world. In this attack, criminals were able to gain control over the personal and financial data of over 140 million users. This data included strictly private information, such as social security numbers.
- WannaCry. This hack made use of a previously leaked NSA discovery, which unveiled a critical vulnerability in older versions of
Windows used in machines all across the world. The hackers then leveraged the first wave of infected devices to infect and ultimately lock down over 250,000 additional computers with ransomware. Essentially a hostage situation, the hackers offered to sell back the locked files in exchange for large sums of money.
- Uber. So Uber didn’t hack anyone, but they did something arguably worse: after being hacked they tried to cover it up. Back in 2016, Uber was penetrated causing them to lose control of the data for over 50 million customer accounts. Not only did they try and pay off the hackers with $100,000, but they also waited for months before even letting their customers know about the loss of data.
These are just a few, of many, horrifying stories of cyber attacks that have occurred in the last one to two years, all of which had profound impacts on the companies they targeted and their customers. I included the last two incidents in particular because they share a common theme: they companies waited long periods of time to address the issue publicly.
This is important because, well, what if they hadn’t waited? Could we have started the right response at an earlier time? Could we have invested more into searching for these individuals and bringing them to justice? While we don’t know the answer to these questions specifically, we do know that the hackers have our attention, and finally, companies are rising to the challenge of fighting them back.
Call in the right backup for imminent security hacks
Help is on the way. Just this week, Google launched a new side-project with the goal of doing the world a whole lot of good. Chronicle, a new cybersecurity startup essentially nursed by Google, provides businesses with the opportunity to more efficiently and readily detect and prevent security breaches and hackers. While companies like IBM have already made this sort of movie, it’s still another big step in the right direction. Another company has decided to pick up the sword and shield against these hackers, instead of just trying to cover up their existence.
The company will offer two services to start: 1) its security and intelligence platform for businesses, and 2) VirusTotal, a virus scanning software that they had previously owned. While these beginnings sound relatively humble, don’t be so sure; an entire security and intelligence platform developed by Google is certainly nothing to scoff at, and I look forward to seeing its integration with businesses shortly.
As for taking care of your business’s digital commerce platform, Episerver is an excellent software company that holds a great emphasis on establishing effective security for its clients. The software offers a wide variety of security capabilities, Support of SSL and Anti-Fraud/Forgery systems to name a few. Here at Luminos Labs, we’ve been proud partners of Episerver for years, and so we can attest to the strength of its integration into developing your business’s digital commerce platform, as well as keeping that platform effectively secure.
Getting better prepared for the future
As you strive to improve your company’s digital presence and digital commerce platform, be wary of the risks that are out there. As we’ve touched on today, cyber attacks can be devastating to the private information of both businesses and their respective customers. Being such an abundant source of this information, digital commerce spaces are becoming more of a prime target for such attacks. Now more than ever, it’s of the utmost importance to prepare accordingly.
If you have more specific questions about cybersecurity at your organization, we’d love to hear from you. Please don’t hesitate to contact us. For more on this and other topics related to digital commerce, please check back often and subscribe to our email newsletter for regular updates.