It's hard to believe, but we're almost at the end of 2022. This year was a big one for cybersecurity, with many notable incidents making headlines. Let's review some of the biggest stories of the year.
2FA bypass led to Crypto.com hack
Cybercriminals hacked the cryptocurrency trading platform Crypto.com by bypassing its two-factor authentication system. This enabled them to withdraw almost $35 million in Bitcoin, Ethereum, and other cryptocurrencies from at least 483 user accounts. The company was forced to fully refund the victims after previously denying that any customers lost funds.
Red Cross breach exposed data of half a million vulnerable persons
In January, the International Committee of the Red Cross (ICRC) discovered that it had become the victim of a highly sophisticated cyberattack after its third-party data storage contractor was targeted by hackers.
The breach exposed confidential information about 515,000 individuals, many of whom are vulnerable victims of war — potential witnesses — from around the world. This data could be sold to international crime rings, which frequently target such people. In the same month, the ICRC released a statement saying it was willing to speak "directly and confidentially" to the hackers to keep the stolen data from being misused.
Axie Infinity's blockchain hacked with a LinkedIn-based phishing scheme
Using LinkedIn, cybercriminals offered fake job opportunities to employees of Axie Infinity developer Sky Mavis. Those employees went through a series of job interviews and received highly attractive job offers from a company that did not exist.
When one senior engineer clicked on a PDF supposedly detailing the official offer, the hackers were able to compromise that engineer's computer and then other devices used to validate financial transactions on Sky Mavis’ Ronin blockchain. This allowed them to steal Ethereum and USD Coin tokens, equivalent to around $625 million. Sky Mavis was forced to raise funds to help reimburse the affected victims.
2 million patients impacted by Shields Health Care Group data leak
Massachusetts-based medical services provider Shields Health Care Group experienced a data breach affecting nearly two million US patients. Their investigation revealed that the stolen data included patients' full names, Social Security numbers, diagnoses, insurance numbers, and other medical or treatment information.
Ex-employee caused Cash App data breach
In April, payment tool Cash App disclosed that a disgruntled former employee accessed the company's servers without permission and stole information, such as names, brokerage account numbers, and stock trading activity, of over eight million US users. The company reported that no personally identifiable data like Social Security numbers and birth dates was stolen.
Google blocked the largest DDoS attack to date
A Google Cloud Armor customer experienced a series of distributed denial-of-service (DDoS) attacks, which escalated up to 46 million requests per second (RPS). This is the largest Layer 7 DDoS attack ever recorded — almost 80% larger than the previous record of 26 million RPS that Cloudflare experienced.
The DDoS attack on Google lasted 69 minutes, and the attack traffic came from 5,256 IP addresses in 132 countries.
Personal Google account hack led to Cisco network breach
On August 10, the Yanluowang ransomware group announced that they had successfully attacked Cisco and would release their victim’s files. Two hours after this announcement, Cisco reported that the threat actors had managed to take over a Cisco employee’s personal Google account and use that employee’s synced Chrome browser passwords to log into Cisco’s network.
Afterward, the ransomware group gained remote access to Cisco’s systems via a virtual private network, enabling them to escalate to administrative privileges and later drop multiple tools to harvest credentials, move laterally within the network, and conduct other malicious activities.
Despite the sophistication of the attack, Cisco denied the threat actors’ claim of having had access to the company’s classified documents, technical schematics, and source code.
Misconfigured ad tracking script resulted in a massive data breach
US healthcare provider Novant Health suffered a data breach affecting 1,362,296 people.
It started when Novant ran Facebook ads on COVID-19 vaccination. To measure the performance of these ads, the company added the Meta Pixel ad tracking script to its website. Meta Pixel was misconfigured on the website, so it mistakenly collected personal health information and transmitted that data to Meta and its advertising partners.
These are just some of the top cybersecurity stories of 2022. Keep your company safe in 2023 by leveraging SpectrumWise’s security services. Schedule a FREE consultation with us today.