In today’s information-dependent age, the data we store online is increasingly vulnerable. Once set in motion, technology advances at a rapid rate, causing software requirements to grow constantly. As a result, key infrastructure becomes obsolete too quickly for corporations, institutions or governments to keep up.
Just this year, we’ve witnessed some of the largest meltdowns in cybersecurity history. Depending on the motive of the hacker, data breaches usually result in millions of personal records and sensitive information being stolen. This affects not only the breached organisation, but also every end user whose private records may have been compromised.
In mid-May, a strain of ransomware called WannaCry infected over 200,000 computer systems worldwide, affecting corporations and public services alike. Most notably, the ransomware caused numerous National Health Service (NHS) hospitals and services throughout the United Kingdom to temporarily shut down, locking patient files and postponing vital operations and procedures.
Closer to home, the WannaCry attack left a few hundred Singaporean IP addresses compromised as well; a reminder that geographical boundaries mean little when it comes to cybersecurity.
Once it has infected a computer, the viral ransomware scrambles the data on it, demanding a ransom of $300 to $600 to restore access. Spread by various methods, including phishing emails and across systems without up-to-date software, WannaCry increases the payment amount with time, threatening loss of data and creating a sense of urgency among its victims.
WannaCry’s reach came about from a previously leaked Windows vulnerability released by the Shadow Brokers. The hacking tool, called ‘EternalBlue’, gives unprecedented access to all computers running on outdated versions of the Windows Server software. Microsoft had released a patch for the bug back in March, which many institutions had yet to apply by the time the attack happened. This serves as a crucial reminder to organisations and individuals to have their software updated on a regular basis.
Just a month after WannaCry brought chaos to computer systems around the world, another global ransomware attack began causing severe disruption at firms in Europe and the US. Companies affected by the malware include advertising firm WPP, food company Mondelez and Danish shipping firm AP Moller-Maersk, among many others. Once a computer is infected, the malware spreads rapidly across an organisation via the EternalBlue vulnerability in Windows PCs or through two Windows administrative tools.
This huge breach was caused by a new strain of malware known as GoldenEye, which was associated with “EternalBlue” as well. As such, it operated on a more advanced mechanism compared to its predecessor, WannaCry.
Investigators started suspecting that GoldenEye had to be a deliberate, damage-causing attack disguised as ransomware. Because the malware originated from Ukrainian infrastructure and hit it particularly hard, research suggests that it was in fact a targeted cyberattack carried out by Russian hackers against Ukraine.
A mere two days before the French presidential elections took place, hackers dumped 9GB worth of torrent files on an anonymous publishing site. The dump purported to be an archive of leaked emails from Emmanuel Macron’s party; most of the data had been obtained several weeks before from the personal and professional email accounts of many of his campaign staff. Subsequently, the Macron party issued a statement claiming that numerous fabricated documents were being released among the authentic files and disseminated together on social platforms.
With a data dump timed less than 48 hours before the election, it would have been too late to cause a specific shift in the outcome. Yet the timing could have proved strategic. Since French law forbids candidates from addressing the public two days ahead of an election, Macron would have been unable to tackle any accusations directly, fabricated or not.
While Emmanuel Macron went on to clinch the presidency, the Macron campaign compared the hacking directly to the targeting of Clinton’s campaign. The hackers were far sloppier this time around, but Macron was also far more prepared than Clinton ever was. The breach had been anticipated by French officials and Macron’s staff, who had been receiving phishing emails as early as December the year before. Macron’s team took preliminary precautions by creating bogus documents and fake email accounts, which served to restrain the hackers, holding them off as they became obliged to verify the documents where necessary.
Be it for politics, profit or otherwise, cybersecurity breaches like the examples outlined above serve as a reminder that we live in a world that’s increasingly dependent on systems, networks and digital repositories. As challenging as it might be, the future of cybersecurity lies in ensuring infrastructure advances along with its corresponding technology.