Question 2 (42 marks) These days, we depend on computers for everything from onl

Question

Question 2 (42 marks) These days, we depend on computers for everything from online shopping and investing to banking and communicating with others. For instance, sectors like government, military, hospitals and other businesses compile and store an enormous amount of confidential information on computers daily. There are group intruders such as hackers, attackers or crackers who are interested in getting control of the computer to attack others. In the year 2017, there were multiple cybersecurity disasters happened in various sectors. There has been viral cause data leakage, leaks of spy tools, campaign hacking and state-sponsored ransomware. You are required to identify SEVEN (7) most significant cyber incidents that occurred in that year and discuss the chaotic that hackers have done in the specified areas (referring to the above bold area). (Tips: WannaCry, Petya)

Explanation / Answer

7 Biggest hacks of 2017

1. Equifax

Cybercriminals penetrated Equifax (EFX), one of the largest credit bureaus, in July and stole the personal data of 145 million people. It was considered among the worst breaches of all time because of the amount of sensitive information exposed, including Social Security numbers.

The company only revealed the hack two months later. It could have an impact for years because the stolen data could be used for identity theft.

The Equifax breach raised concerns over the amount of information data brokers collect on consumers, which can range from public records to mailing addresses, birth dates and other personal details.

2.  The WannaCry Attacks

EternalBlue, a code execution vulnerability from the Shadow Brokers NSA hack, was used to launch two of the worst cyber attacks of 2017. The first one was WannaCry, the largest ransomware attack in history. WannaCry infected hundreds of thousands of computers in 150 countries. The worst part is that all of these attacks could have been prevented. About 98% of victims were running Windows 7. While this OS is quite old, Microsoft still supports it, and they’d issued a patch for the Eternal Blue vulnerability about two months before WannaCry. However, a lot of users never downloaded it and ended up learning, the hard way, about the importance of keeping operating systems and software updated.

3. The NotPetya Attacks

On the heels of WannaCry came NotPetya, another attack made possible by EternalBlue. However, unlike WannaCry, NotPetya didn’t just encrypt files; it destroyed Windows machines’ master boot record (MBR), doing irrevocable damage to the system. Because the release of NotPetya coincided with a national holiday in Ukraine that is not observed in other countries, it appeared to have been aimed squarely at computers in that country, where it hit organizations ranging from shipping companies to the infamous Chernobyl plant. NotPetya ranks among the worst cyber attacks of 2017 both for its destructiveness and the fact that it may have been a “trial run” for a much larger future attack

4. The Uber Hack

In 2016, hackers stole the data of 57 million Uber customers, and the company paid them $100,000 to cover it up. The breach wasn't made public until November 2017, when it was revealed by new Uber CEO Dara Khosrowshahi.

Now Uber is facing questions from lawmakers. Three senators introduced a bill that could make executives face jail time for knowingly covering up data breaches.

5. NiceHash Bitcoin Theft

In July 2017, cryptocurrency investors were on edge after two Ethereum ICOs were hacked within a week of each other, and a few days later, smart contract coding company Parity’s Ether wallet software was breached. In all, over $45 million in Ether was stolen. In December, the cryptocurrency world suffered another black eye when digital currency platform NiceHash was hacked; this time, hackers made off with at least $70 million in Bitcoin.

6. Epidemic of AWS Breaches

Amazon Web Services (AWS) is perfectly secure – if customers configure their AWS servers properly. Problem is, a lot of organizations don’t, so near-daily AWS breaches ranked among the worst cyber attacks of 2017. Amazon itself even sent out a mass email to customers with unprotected AWS S3 buckets, imploring them to review their security settings. Notably, most AWS breaches involved the smaller third-party vendors of very large organizations, such as Verizon , etc.

7. Bad Rabbit

Another major ransomware campaign, called Bad Rabbit, infiltrated computers by posing as an Adobe Flash installer on news and media websites that hackers had compromised.

Once the ransomware infected a machine, it scanned the network for shared folders with common names and attempted to steal user credentials to get on other computers.

The ransomware, which hit in October, mostly affected Russia, but experts saw infections in Ukraine, Turkey and Germany.

Related Questions

Navigate

• Browse (All)
• Browse Q
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.