2017 has been a landmark year for cybersecurity – if only in terms of how sophisticated and massive the attacks have been on our computers and servers. And while there isn’t a specific attack that affected our own devices, trends indicate that it’ll only be a matter of time, and content access is the battleground.
But life – and the internet – still goes on. And in order for to still comfortably and securely use the cyberspace we call our virtual home, it’s important to stay vigilant and up to date with the latest developments and security issues that have happened so far.
So here are the three biggest cybersecurity disasters so far this year, ranging from malware to information leaks to simple cyber disruption.
Ransomware has been one of the earliest cyberattacks developed in hackers’ arsenal, but the caveat of being traceable via the ransom demand made it a very unusual attack vector and was rarely seen for the past decade.
However, with the proliferation of untraceable online currency such as BitCoin (whose value continues to rise over time,) ransomware has returned with a vengeance, attacking the most vulnerable industries. In particular, two attacks come to mind: WannaCry and the Petya malwares.
WannaCry was a malware that used an exploit in the Windows system called EternalBlue. While the software giant released a patch for this vulnerability, plenty of systems didn’t install it and were ended up getting hit as a result: in particular, institutions like hospitals in the UK. The Petya ransomware followed a month after, and while based on the same attack vector that WannaCry had, it was sufficicently more sophisticated and localized: attacking only connected systems within the country of Ukraine.
While the biggest leak of information in happened to do with the US presidential elections last year, this kind of attack has continued to affect the political and social landscape of other countries.
In particular, two days before the French presidential runoff this year, hackers targeted En Marche!’s frontrunner (and now President) Emmanuel Macron’s campaign, releasing a compilation of emails and other confidential information that threatened to compromise the party and his own legitimacy.
Fortunately, Macron’s campaign had been keeping a close eye on what happened with the US’s own experience with such an attack, and while the leak was timed when En Marche! and all the other parties were barred from letting their candidates publicly speak, Macron was able to issue a response via his campaign condemning the attacks, as well as cautioning the public against being swayed by such measures.
At the heart of these attacks lie covert operatives or organisations that seek to sow confusion and paranoia among the internet’s users, either for personal gain or to influence the geopolitical landscape of the world.
Such organisations have normally been based around the greater Asiatic region – for example, Chinese hackers attempting to infiltrate Western security systems and North Korean hackers being the suspected masterminds for some of the aforementioned ransomware attacks.
One particular group called the Shadow Brokers made their biggest step in April of this year, releasing a batch of tools that would allow other criminal groups to take advantage of vulnerabilities within software systems for their own purposes. Some of the tools in this release was used to develop the ransomwares WannaCry and Petya – pointing to one further theory that more attacks may be coming.
These three attacks aren’t the only vulnerabilities that have been discovered and exploited this year. There are plenty more that have happened, and it’s reasonable to assume that more are on the their way. But perhaps by knowing these attacks and what led to their rise, users can protect their systems and their data much better.
Hotspot Shield is a VPN that packs a punch when it comes to internet security. With our VPN, you can gain access to any restricted website on the internet. Hotspot Shield also comes packed with a ton features for your privacy and security online such as data encryption, anonymous browsing, malware protection, and Wi-Fi security.