Big cyber breaches happen every day — some hit the headlines, and some so not. Jacky Fox, managing director of Accenture Security in Ireland, says that for every major cyberattack we hear about, there are countless others we so not as companies decide not to disclose the potentially damaging news that its data has been compromised.
In January of this year, Crypto.com, was forced to admit that almost 500 of its users had been affected by a major incident that led to unauthorised withdrawals of bitcoin and Ether worth more than $35 million. The company had originally said $15 million was taken in the heist.
“A lot of people are dabbling in cryptocurrencies and typically you have to authenticate yourself very well to get access to that money but a group of hackers worked out how to get rid of the two-factor authentication,” Fox says. “The hackers were able to get into people’s wallets and take the money. Crypto.com had to block access from everybody while they fixed what was wrong in the background but it just shows that even with that security in place it could be bypassed.”
And increasingly, significant attacks are taking place that have motivations other than financial. “We are seeing more politically motivated attacks,” Fox says. Back in February, NewsCorp saw many of their journalists’ email accounts hacked in what was widely believed to have been an espionage operation linked to China. “Journalist accounts being hacked is particularly concerning because it may prevent people from disclosing important information to them,” Fox says.
The ramifications of the HSE ransomware attack in May 2021 are still being felt, but healthcare groups are regularly targeted by cybercriminals, as the sensitive nature of the data makes them prime targets for hackers. In 2021 as many as 45 million people in the US were affected by healthcare attacks, up from 34 million in 2020. In June, the Massachusetts-based Shields Health Care Group disclosed that it had suffered a data breach in March affecting roughly two million people, with the stolen data including medical information such as diagnoses and medical record indicators. Also this year, a major cyberattack on the NHS 111 system left patients unable to get urgent appointments and ambulance call-outs. A crucial system was shut down by hackers who were feared to be linked to a hostile state.
Ransomware attack
Aviation is another major target by criminals seeking valuable personal information and a recent report noted that there had been a 530 per cent year-on-year rise from 2019 to 2020 in reported incidents across the aviation industry. In April of this year a large ransomware attack on SpiceJet saw hundreds of passengers stranded at airports across India, while Canadian low-cost airline Sunwing Airlines experienced four days of extensive flight delays after the third-party software system it used for check-in and boarding was breached by hackers.
As cyberattacks become more sophisticated, they are also more disruptive. In what was a historic and unprecedented attack, the Russia-linked cybercrime gang known as Conti managed to wreak havoc on the entire nation of Costa Rica in April, with the disruption lasting several months. The attack on the ministry of finance paralysed Costa Rica’s import-export businesses, costing the country tens of millions of dollars a day and leading Costa Rica’s president to declare a “national emergency”, making it the first country to do so because of a ransomware attack. A further attack in May saw the country’s healthcare systems paralysed.
The digital extortion gang Lapsus$ went on a high-profile rampage of hacking during the first months of 2022, managing to steal source code and other valuable data from increasingly prominent and sensitive companies such as including Nvidia, Samsung, and Ubisoft and subsequently leaking it in extortion bids. The gang was later found to consist of a handful of teenagers from the UK and Brazil and is now believed to be dormant.