Cybersecurity Disaster Of 2017- So Far So Vulnerable
Today, more than half of the world’s population uses the internet. Security experts forecast that by 2020 another 4.1 billion people will be connected to the Internet for the first time. There will be more than 200 billion connected things. Homes, Cities, Schools, Cars, Planes, Trains and who knows even animals too will be connected.
This is how the things are going to be in the coming future since we are putting software in everything and everywhere. As technology becomes an integral part of our lives, we the people are becoming more technology-dependent. So what will one do when technology fails to deliver.
Think about an instance when you’re on the road and suddenly your mobile runs out of battery, think what happens then, you are cut off from the rest of the world. Your contacts are locked, your GPS is off. So it’s important that technology is available all the time and more than that the technology is secure. If not, then you will be left isolated from the connected world.
Cybersecurity and it challenges
We are all positive about technology, but looking at how things are shaping up the future looks bit dim when it comes to security. The cyber threat is here to stay and it is going to affect technology.
As a writer in cyber security one can see that things are not getting any better. As we are depending more on technology, the technology in itself is becoming more insecure. Let’s have a look at some of the biggest cybersecurity disaster of this year 2017. You don’t need to wait to discover the highlights of this year’s though; simply read on below
In the first half of 2017, we have seen a preposterous number of cyber security attacks. It not only attacked the corporates but individuals too. We are in July and there are already reports of ransomware doing the rounds viz-a-viz spy tools from US intelligence agencies. This is just the beginning and we have more to see for the rest of the year.
So, let us go through the biggest attacks of 2017 so far and how the users get a run of goosebumps thinking about the chaos it created in the cyber world.
The Shadow Brokers appeared from nowhere last August, they released a series of vulnerabilities in Microsoft Windows. This mysterious group of hackers stole few disk of National Security Agency and posted secrets on the Internet. They challenged the NSA on its ability on intelligence-gathering. If you ask me how did they steal this information? Well! The answer is: I don’t know.
The vulnerabilities of Microsoft OS, and flaws in Cisco routers, and Linux servers were exposed thus creating ripples among their customers. They helped the WannaCry guys by letting them know the vulnerabilities of Windows, which led to thousands of systems across the world getting choked.
April 2017 marked the most impactful release by Shadow Brokers when they published the attack code-named EternalBlue, which hackers have used to infect systems in two prominent ransomware attack.
Nobody knows who Shadow Brokers are and their identity is still obscure, but their presence has already started the debate about using bugs in commercial products for intelligence gathering.
May 12, 2017, a ransomware called WannaCry hit the cyber world. It started spreading like wildfire attacking hundreds of thousand of systems in the world. As said above WannaCry was inspired by the Shadow Brokers and made use of the exploits in Windows SMB protocol (EternalBlue). Once ransomware infects a system it encrypts all the files on the machines, and in return will ask the owner to pay them a ransom in Bitcoins to decrypt the files.
WannaCry is more of a Windows system bug as it attacked system that was not updated till March 2017. WannaCry had a good success in places like Russia, China and parts of India, holding out banks, public transport systems, Universities, hospitals, and more. Though the virus was contained, that system that still runs the old Windows and has not updated it still vulnerable to attacks.
On May 12, 2017, the WannaCry was stopped with a kill switch- a Microsoft’s emergency patching effort. While we were rejoicing about containing this malicious malware, little did we realize that this method of attacking has been found in other malware, which means a new version of ransomware are likely to hit us at times and gives us the nightmare.
WannaCry matters, because this is the latest in the trend that has shown the way how systems with critical Windows security updates can be attacked. The amount of damage it did to users around the world only makes it mandatory to have better security practices.
Just after a Month of WannaCry release on June 27, 2017, comes a new version of ransomware called Petya. Petya went around worming the systems of the world at an alarming speed. Just like WannaCry, Petya used the same exploit of EternalBlue in Microsoft Windows, which was patched in March 2017.
The organization that is yet to update their Windows for EternalBlue should immediately update their OS. Security experts say that there are chances for Petya to hit back with more vigor and infect large networks.
Unlike other ransomware that creates a custom Bitcoin payment address for each victim, Petya uses the same Bitcoin address for all victim. Petya communicates via an email address unlike others that uses anonymity network ‘Tor’.
WikiLeaks is a giant library of the world’s most tormented documents. WikiLeaks came with a bang when it published extensive documents of alleged spying. Stolen from the CIA, the document contained details about spying operations and hacking tools. It even had a mention about Android, iOS, and Microsoft vulnerabilities. Going further it also detailed about how to convert a high-end TV to a mere audio device.
It’s not sure, though how much of this disclosure about CIA toolbox is true. Assuming if the tools are legitimate, security experts are of the opinion that this has caused major embarrassment for the CIA, both in terms of their reputation and how the public will view their way of operation in future.
Shadow Brokers release of Vault 7 had sparked a debate where question was raised on the inherent risk of the development of digital spy toolbox.
Cloudflare is a popular content delivery network, which offers enhanced performance and security for more than 5 million websites. On February 2017 CloudFlare announced that a serious bug ‘Cloudbleed’ in its software has caused to leak sensitive data like passwords, cookies, authentication tokens to spill in plaintext from its customers’ websites. It was a major security breach from Cloudflare. It was a scary deal.
The Cloudflare-backed websites had been leaking sensitive data for over 6-months before Tavis Ormandy (security researcher, Google) noticed the bug and informed Cloudflare. The name was tossed by Tavis who joked about it and called it Cloudbleed.
Google and Bing crawled the website and cached the errant data from silly to nonsense data to even user’s Uber account password. Even Cloudflare own cryptography keys was cached, making it easy for users to search
The incident was also significant as a reminder of how much rides on large internet infrastructure and optimization services like Cloudflare. Using one of these services makes sites much more robust and secure than they probably would be on average if owners attempted to build defenses themselves. The tradeoff, though, is a single point of failure. A bug or a damaging attack affecting a company like Cloudflare can impact, and potentially endanger, a significant portion of the web.
198 Million Voter Record.
The largest known exposure of voter information in the history of America till date. A large amount of voter data, which includes voter profiling data, personal information of 10 years was found on an unsecured server.
Nearly 198 million records on American voters that were stored by Republican data analytics firm. Deep Root, the targeters in Republican politics used this data to analyze its political client and make a better decision for buying Television spot Ads and airtime. Deep Root Analytics though claimed that the data can only be accessed by Vickery, but there are chances that the data can go to others if they discovered it. So getting all the pre-aggregated information will anyway be a blessing in disguise for criminals.
The EMLEAKS profile on Pastebin had around 9 gigabytes of data. It was not clear who posted these document on Pastebin since it is a platform that allows anonymous document sharing.
After the email leak, the Macron campaign said in a statement, “Intervening in the last hour of an official campaign, this operation clearly seeks to destabilize democracy, as already seen in the United States’ last presidential campaign. We cannot tolerate that the vital interests of democracy are thus endangered.”
Julia Sowells167 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.