Cyber attacks got bolder in 2016

Cybercrimes have really progressed in 2016, threatening not only big companies, but also the ordinary consumer. This makes it one of the biggest concerns of the world moving forward into the next couple of years and the coming decade.

Since cyberspace technically knows no barriers, the globe is wholly connected, and respects only walls that are well-built and protected against the incessant attacks of cyber criminals.

Last year gave us a glimpse of what travesties await those who use the internet without the necessary precautions, both on the side of consumers and businesses. Some have been limited as yet as local concerns, like the case of the leak of personal information of 50 million Filipino voters, but most are already on a global scale.

Top 10 cyber attacks

Consider the following 10 biggest harrowing experiences in 2016 that affected multinational companies and governments that were compiled by www.techrepublic.com:

1. If you’re a Yahoo email user, you may have noticed in recent weeks how insistent it has been in reminding you to change your password. Yes, Yahoo had been attacked in 2014, but  the attach was revealed only last year.  A group known as Pease allegedly exposed the private information of more than half a billion accounts.

2. If you followed the last US Presidential elections, soon-to-be proclaimed president-elect Donald Trump had raised so much fuss about his rival, Hillary Clinton, about using a private email account to carry on sensitive government communication.

Well, it appears the emails and other data as well from the Democratic National Committee, the Clinton Foundation, and other accounts related to Hillary Clinton were hacked in early 2016. The hacking had been exposed via the Guccifer 2.0 website and Wikileaks, and resulted in key staff changes within the Democratic party.

3. If you’re a Dropbox user who likes the convenience of the cloud as a storage bin for some of your computer files, you may have heard of the attack by an unknown hacker group on nearly seven million Dropbox user accounts.

Usernames and passwords were reportedly exposed and sold on the Dark Web market TheRealDeal (link requires Tor), although Dropbox has been quick to qualify that the passwords illegally acquired were expired. Several Reddit users, however, said that some of the passwords still worked.

4. Yes, the Bangladesh cyber heist involving more than $80 million from the Bangladesh central bank and laundered in the Philippines made it to the list of 2016 cyber notables.

A security loophole had been pounced upon by the masterminds in February 2016 also involving SWIFT, a communications platform used by banks around the world. Since the initial hack, banks that continue to use SWIFT have been targeted by copycat attacks.

Internet blackout

5. In what is now regarded as the biggest denial-of-service (DDoS) attack recorded to date, a vast number of internet users in Europe and North America were unable to connect to major websites including Twitter, Amazon and Netflix on Oct. 21, 2016.

Using a malware called Mirai, the lightning speed botnet attack was aimed at systems operated by Domain Name System (DNS) provider Dyn via infected printers, IP cameras, residential gateways and baby monitors. The groups Anonymous and New World Hackers claimed responsibility for the attack.

As a DNS provider, Dyn provides to end-users the service of mapping an Internet domain name to its corresponding IP address. The DDoS attack was accomplished through a large number of DNS lookup requests from tens of millions of IP addresses, causing the internet in the affected areas to shut down.

6. If you dabble in bitcoins, currently the world’s largest digital currency, you may have heard of the hacking of Bitfinex, regarded as one of the largest bitcoin exchanges operating globally today.

When hackers were found to have stolen over 100,000 bitcoins valued at around $65 million from Bitfinex users’ wallets, trading on the exchange was halted. Bitfinex is back online, but bitcoin trading has suffered a confidence blow because of fears of criminal attacks.

Two years before, MtGox, then the largest bitcoin exchange in the world, lost $460 million. Since then, bitcoin exchanges have sought to restore user confidence by adding more security precautions. But the latest attack on this cryptocurrency has been a significant setback causing the bitcoin value to drop by as much as 20 percent just after the Bitfinex attack.

Bitcoin is regarded as a revolutionary currency system that has the potential to change global finance. But with crytopcurrency continuing to be a magnet of attack by cybercriminals, the future looks bleaker.

7. The Philippine government was not alone in experiencing successful attacks on its internet-based systems. The US National Security Agency’s cyber-munitions, defined as weaponized, malicious codes that spy on and sabotage target systems.

Techrepublic.com says a group known as The Shadow Brokers stole and auctioned allegedly hacking tools created by the Equation Group, the NSA’s hacking arm.

8. American multinational technology conglomerate Cisco Systems’ Professional Careers mobile employment portal was exposed to an attack when an “incorrect security setting” supposedly resulted in exposing “a limited set of job application-related information.”

The damage was limited, but the fact that it happened to Cisco showed just how sensitive information may be subjected to misuse when corporate security walls are sloppily handled.

9. Over 412 million users of adult dating and entertainment company Friend Finder Network were exposed, including 339 million from AdultFriendFinder.com, which is described as the “world’s largest sex and swinger community.”

10. Last of the biggest attacks last year was on fast-food restaurant Wendy’s. US consumers who bought food with a credit card likely had their data stolen in July last year, when the company announced that malware had likely infected computers in 1,025 of its 5,144 franchise stores.

Next column: What to expect and what to do in 2017.

Facebook and Twitter

We are actively using two social networking websites to reach out more often and even interact with and engage our readers, friends and colleagues in the various areas of interest that I tackle in my column. Please like us at www.facebook.com and follow us at www.twitter.com/ReyGamboa.

Should you wish to share any insights, write me at Link Edge, 25th Floor, 139 Corporate Center, Valero Street, Salcedo Village, 1227 Makati City. Or e-mail me at [email protected]. For a compilation of previous articles, visit www.BizlinksPhilippines.net.