We’re going to focus on some of the highest-profile cyber attacks that affect everyday people. Cyber attacks generally target the companies that hold thousands, if not millions, of stored data relating to unsuspecting consumers. For example, although it’s very much a blessing, the reliance on fintech online banking solutions has created a sharp rise in the number of identity fraud cases as hackers use the platform to steal sensitive data.
Below, we’ll look at some of the most recent highest-profile cyber attacks in recent years and what the learning points from them are.
Acer Ransomware Attack
Acer is a massive company with hundreds of employees and a database filled with sensitive information about thousands of customers. According to reports, Acer did pay out the $50 million ransomware fee that hackers demanded for them to return the database as it was – but despite paying, financial spreadsheets, bank balances, and communications.
The Acer ransomware attack taught us that even the tech giants have cybersecurity vulnerabilities that need addressing. Acer reported they were completing a thorough investigation into their cybersecurity measures and urged other companies to do the same. It also highlighted that despite paying the ransomware fee, sensitive information was still leaked, proving that paying the fee might not be enough.
SolarWinds Open-Source Coding Supply Chain Attack
The SolarWinds cyber attack was one of the highest-profile attacks in recent years, if not ever. Hackers exploited vulnerabilities in open-source coding and targeted several government-level organisations and big tech companies like SolarWinds. The attack, in fact, started with SolarWinds. A lack of application security testing and software vulnerabilities allowed hackers to insert malware into software updates released by SolarWinds.
The SolarWinds attack taught those within the industry that open-source coding can create vulnerabilities without the correct testing, especially when releasing updates that alter coding and can, therefore, result in vulnerabilities. The attack also highlighted that hackers can use sophisticated technology to infiltrate even the most robust supply chain software packages – the result was damage to thousands of businesses worldwide.
JBS Ransomware Attack
JBS is a Brazilian farming company that quickly became the world’s largest meat processor. Daily operations see thousands of pieces of meat processed and packaged to be shipped worldwide. Similar to the SolarWinds hack, the attack on JBS was a supply chain attack that resulted in the temporary closure of operations in the US, which had a knock-on effect on businesses worldwide.
Again, the attack highlighted that ransomware is becoming a huge problem. JBS paid a fee of $11 million as a request by the hackers. Despite government advice not to pay the ransomware fees, sophisticated hackers are now forcing companies to do so. It highlights the need for companies operating within a supply chain to consider whether there are vulnerabilities within the software that controls the supply chain.
Hackers continue to find ways to infiltrate companies and exploit the various vulnerabilities across supply chains. Hackers are developing or gaining access to sophisticated technology and coding to infiltrate companies you think would have the best cybersecurity defences. Hackers tend to work in groups worldwide, especially in countries like Russia.