Blog

January 11, 2018

2017: Revisiting the Biggest Cyber Security Disasters

Exploring the Top Headline-Making Security Breaches

Coming off a particularly unfortunate year for reported data breaches in 2016, a relentless stream of high profile hacking schemes continued to be carried out all through 2017. While the cyber attacks that generally become headline news are those that hit the biggest companies, there are several lessons all businesses can take away and put into practice.

To improve your cyber security for the New Year, work with a managed security service provider who can provide you with all the management tools and support to keep you and your business protected.

2017 Cyber Attacks in Review

No matter how vigilant you are regarding cyber security, there are always risks to inputting and storing corporate and personal information online. With 2017 behind us, take a look at some of the top data breaches of the past year:

  • Equifax – Late last summer, Equifax suffered one of the most damaging security breaches in recent history. As one of the 3 largest credit agencies in the U.S., sensitive data including social security numbers, driver’s license numbers, home addresses, and other personal information was stolen from 143 million consumers. The hack, which exploited a vulnerable point in website software, took place over the course of several months from May to July.

  • WannaCry – One of the worst ransomware attacks to ever happen occurred in May 2017. Unlike other ransomware, WannaCry was able to encrypt the data of an estimated 300,000 computers worldwide, with hackers demanding a significant Bitcoin payment in return for the stolen files. Once a computer was infected, WannaCry used the connected local area networks and wide area networks to find and seize other hosts. As a result, the ransomware rapidly spread, igniting a global epidemic.

  • NotPetya – Not to be confused with the Petya ransomware attacks of 2016, the malware called NotPetya closely followed the WannaCry attack that took place earlier in the year. While the technology behind this cyber attack was more sophisticated than WannaCry, there were still some flaws, including an ineffective payment system. The hack impacted several countries but particularly affected Ukraine’s infrastructure, disrupting utilities such as airports, public transit, power companies, and financial institutions.

  • Shadow Brokers – A mysterious hacking group called Shadow Brokers first emerged in the summer of 2016. Since then, they have leaked stolen NSA data with their most impactful release occurring in April. The leak included NSA tools such as Windows exploit EternalBlue. This release was especially significant considering EternalBlue was used in at least two other major hacking schemes last year. The identity of who the Shadow Brokers are remains unknown.

  • Deloitte – In an ironic twist, one of the best cyber security consulting firms was affected by a breach back in March. Since Deloitte failed to implement two-factor authentication, hackers were easily able to access all areas of the company’s email system from a single password. Investigators believed that Deloitte’s most high profile clients were the targets; however, the company insists only a small number of clients were actually affected.

How an MSSP Can Help Protect Your Company’s Future

If 2017 is any proof, cyber attacks are reaching new heights. Fortunately, no matter how big or small your company’s IT network is, you can be proactive and take steps to protect your organization from a security breach. At GlassHouse Systems, our IT experts have developed the most comprehensive security products and services to help you identify external threats and stop them in their tracks before they affect your business.

Contact us to learn more or leave a comment below to learn how you can protect your personal information online in the New Year. Furthermore, our managed security experts are happy to offer consultations to discuss cyber security best practices, and more.

TAGS: cyber security, MSSP, Managed Security Services, 2017