2016 has been a year of tremendous technological achievement. We’ve seen fascinating developments across FinTech, health and 3D Printing. Yet every stride made is counterbalanced by a dark equivalent.
For 2016 has also been the year of some monumental cyber security threats. Here’s a review of the biggest threats we’ve seen over the last 12 months.
The Red Cross Data Breach
In late October, Australia experienced its largest ever security breach. The unlucky recipient of this unwanted honour: The Red Cross. The breach was attributed to ‘human error,’ as a third party left highly sensitive information about 550,000 donors on an unsecured site.
While one would expect a data breach of this nature and of this magnitude to cause widespread concern, backlash and an overall drop in donor numbers, this was (luckily) not the case for the Red Cross. The Canberra Times states that numbers have remained steady. When donors were questioned as to why they chose to stay with the Red Cross, responses ranged from: ‘well breaches happen all the time,’ to ‘this information is probably already out there anyway,’ to the philosophical, ‘at least it wasn’t my bank details.’
These attitudes reflect wider truths about the nature of cyber security: that notions of privacy are evolving and that breaches are inevitable.
Bank of Bangladesh Heist
Even though the Red Cross data breach was the result of human error rather than an attack, targeting health organisations has become a routine occurrence. As Fortune has shown, healthcare data is highly valuable. Another industry that is lucrative for cyber criminals is the finance industry. This industry has a reputation for being a leader in the field of cyber security and innovation, as trust, safety and security are crucial for its customers. If that trust is broken, then the consequences can be very serious.
This was the case earlier in the year when the Bank of Bangladesh (BoB) was left red-faced and reeling when hackers infiltrated the system and (electronically) ran off with USD 81 million. (It would have been more, but alarm bells were raised when one of the requests was spelt incorrectly.) Wired notes that in cases of financial crime, it is more common for criminals to target the individual user. What was so extraordinary in this instance was that the criminals went after the banks themselves.
Allegedly, the hackers got hold of the BoB SWIFT codes and used those codes to transfer money (via the New York Federal Reserve) to an account in the Philippines. Getting access to these codes was made easier by the rudimentary safety practices of the Bank of Bangladesh. It’s alleged that the bank didn’t have firewalls. The hackers also timed their attack really well, hitting the bank after staff had gone home for the weekend. When the New York offices queried some of the transactions, there was nobody at the office, and so by the time the Bangladesh staff returned after the break, a lot of damage had already been done.
This incident highlights several important things. Firstly, that if there are weak links in a system, be it technology, business practices or a communication breakdown, then that system can be compromised. Secondly, that technology is facilitating a level of crime that is exponential. As Adrian Nish, Head of the Threat Intelligence for BAE Systems, has said, ‘The trend is moving from opportunistic crime to Hollywood-scale attacks.’
The DDoS Botnet Attack
As the Bank of Bangladesh example showed, the advancement of technology amplified the level of attack. As we move into a time where the Internet of Things becomes a reality, we will see a level of interconnectivity unprecedented in human history. This interconnectivity is drastically transforming a number of industries, providing opportunities to elevate their processes, their product and their customer experience.
However, as we’ve seen, this technology in the wrong hands can create chaos and vulnerabilities. This was particularly evident with a DDoS attack in October this year that targeted industry giants Airbnb, Netflix, Spotify and Amazon. The attack was also extraordinary because of its method. The hackers had used Mirai, a simple program, to launch the attack through a network of connected machines: cameras, sensors and routers were all vulnerable. When infected, these were used as a botnet to launch an escalated offensive.
Dyn, the internet service provider that is responsible for many of these sites’ infrastructure, estimated that there could have been more than ‘100,000 malicious endpoints and there had been reports of an extraordinary attack strength of 1.2Tbps.’ The Guardian elaborated, ‘to put that into perspective, this attack was roughly twice as powerful as any attack on record.’
As such, the attack has drawn attention to the need for the cyber community to pool their resources and experiences to address the vulnerabilities in this technology. David Fidler, adjunct senior fellow for cyber security at the Council on Foreign Relations, noted:
‘We have a serious problem with the cyber insecurity of IoT devices and no real strategy to combat. The IoT insecurity problem was exploited on this significant scale by a non-state group, according to initial reports from government agencies and other experts about who or what was responsible. Imagine what a well-resourced state actor could do with insecure IoT devices.’
What are the takeaways of these cyberattacks?
The overarching theme in these attacks and breaches is that if there is a vulnerability in the process, be it through the practice or the technology, there is a risk. As the Red Cross example demonstrates, it’s not only about hackers proactively infiltrating an organisation’s network; breaches can also happen due to simple human error. If organisations don’t have protocols in place for creating good practices, then it only takes one person with malicious intent to discover that unsecured data and use it to cause real havoc for companies. It is crucial that organisations and governments come together to share their knowledge and their resources if there is to be any hope of ensuring that the damage caused is mitigated. If you would like to know the actions your business should be taking to prevent cyber security breaches, then take a look at the Cyber Security program for CeBIT Australia 2017 today!