IT Security Guru

Cyber Events that Rocked 2020

And what the experts think

by The Gurus
December 18, 2020
in Cyber Crime, Data Protection, Featured, Hacking, Malware, Phishing and Ransomware, News

To lean on the cliché, these unprecedented times have brought about significant challenges for everyone. Practically every organisation, person and industry has been forced to make unexpected changes and significant sacrifices in a variety of different forms.

The rush to equip organisations and employees with the tools needed to work from home has greatly exacerbated the already underlying condition of poor cybersecurity hygiene. While businesses and individuals were focused on staying safe and operational, cybercriminals were taking advantage of the chaos and commotion to ply their trade. Unfortunately, 2020 has resulted in some of the worst data breaches and cyber incidents of recent history. In fact, the total cost of ransomware and cyber-extortion payments doubled during the first half of the year alone. With the number of cyber incidents rising, and a concerning trend of cybersecurity shortcomings, it is clear that cybersecurity must be at the forefront of business leaders’ minds in 2021 and going forward.

With this in mind, let’s take a look at some of the cybersecurity events that rocked the world in 2020, and see what the experts have to say.

Marriott

Back at the start of the year, the hotel chain Marriott disclosed a security breach that impacted more than 5.2 million hotel guests who installed the company’s loyalty program application. An investigation into the activity revealed that the login credentials of two Marriott employees had been used to access “an unexpected amount” of guest information.

Chris Clements, VP of Solutions Architecture at Cerberus Sentinel:

“This highlights the criticality of multifactor authentication, passwords simply aren’t enough. It took Marriott over a month to detect that the attackers had access to their systems and a further month to alert customers. During this time, the attackers could have leveraged their access to at least 5.2 million customer account information to do very targeted phishing campaigns with impunity. Detecting breaches stemming from compromise of an authentic.”

Richard Bejtlich, principal security strategist at Corelight:

“If you are a high-profile target that operates a network – particularly in the hospitality and transport industry — you must secure it. The fastest, easiest, least disruptive way to get visibility is to deploy a network security monitoring solution to passively observe and audit the traffic entering and leaving a site. If Marriott had better visibility to know if and when intruders accessed their site, what they did there, and if response and remediation efforts were successful then this breach would have had a smaller impact.”


MGM

10.6 million people who had stayed at MGM Resorts have had their personal data published on a hacking forum, it was revealed this week. According to the breach notice, the leaked personal data included names, addresses, phone numbers, emails and dates of birth. It is thought that the recent breach stems from an earlier incident which occurred last year, whereby unauthorised actors were able to access MGM’s internal cloud and therefore the personal information of previous guests.

Felix Rosbach, product manager with data security specialists comforte AG:

“While this is a key takeaway for end users, there is also something in it for enterprises that process this critical data. While there is no sure-fire way to prevent attackers from getting access to an enterprise network, there are solutions that protect valuable customer information. Being able to not only protect passwords but also related personal data reduces the risk of misuse of data and resulting reputational damage drastically. Companies should look to deploy data security tactics such as stateless tokenization to protect the privacy of their customers.”

David Kennefick, product architect at Edgescan:

“As with any breach there will be a tendency to look for specific high-profile people whose information will be included in data dumps such as this. We have no information about how the breach happened, but it appears to be confirmed by MGM Resorts. The only concern I would have with this is it’s taken nearly a year for this to become public knowledge, I would hope that they have already contacted the impacted customer and allowed them to keep an eye out for general fraud and potential phishing/spear phishing attacks.

Going forward, when booking a hotel room, we should set a standard of being able to do this while providing as little information as possible.”

Twitter

Another shock this year was when several high-profile social media users were targeted by malicious cybercriminals who gained access to their accounts in order to defraud their followers in a Bitcoin scam. One of the world’s first, the hack, which followed a highly targeted spear phishing campaign, proved that no one is above a cyber incident, regardless of notoriety, wealth or fame.

Niamh Muldoon, senior director of trust and security at OneLogin:

“Those Twitter users considered “High-Value Targets” must stay security conscious around the clock and make decisions to protect themselves and limit their personal risk. I wonder how many of these High-Value Targeted individuals in the Twitter breach are security conscious and actively making personal risk based decisions daily when signing up for new online and social media apps, accessing apps and sharing data via these online and social media apps? These individuals need to make sure they adhere to security best practices such as password hygiene, limiting access to their accounts to as few devices/individuals as possible and applying two-factor authentication on all loops, tools and logins.”

FireEye

In perhaps the most concerning cyber event of 2020, FireEye, the cybersecurity agency for many government institutions around the world, fell victim to a sophisticated cyberattack. Currently, the prime suspects in this attack are Russian-backed nation-state cybercriminals. The firm said that hackers had used “novel techniques” in order to make off with its own tool kit, which could help them to mount new attacks across the world.

Dan Panesar, Director UK & Ireland, Securonix:

“The hackers have claimed a real treasure trove during this audacious raid. They’ve stolen an espionage kit that targets vulnerabilities across a whole raft of enterprise software products. This hack is a stark reminder to the entire cyber security industry on the importance of working together to defend against these sophisticated, well funded groups intent on cyber Armageddon.”

 
