Cyberattacks continue to become more sophisticated, and in 2022 they are more frequent than ever before. This is due to both the increasing number of internet connected devices, and to the advanced skills of professional hackers. As technology advances and we become more reliant on it for our personal and professional lives, the more risk we incur.
Cyberattacks happen across all verticals including healthcare, government, and even humanitarian. With October being Cybersecurity Awareness Month, we will dive into some of the largest cyberattacks of 2022 as well as the current attack on U.S. airports.
Crypto.com: Crypto Theft
On January 17th, 2022, close to 500 people’s cryptocurrency wallets were targeted. In this case, the hackers were successful at stealing $18 million worth of Bitcoin, $15 million worth of Ethereum, and other cryptocurrencies. The hackers were able to bypass two-factor authentication and access the user’s wallets, which is largely due to poor password strength or lack of password changes. Therefore, utilizing a password management tool can be extremely beneficial in protecting any account that stores financial or personal information.
Crypto.com initially dismissed this attack as a simple incident, but later confirmed that money had been stolen and the affected users had been reimbursed.
The Solution: The company announced that it had audited their systems and worked to improve their cybersecurity. While this is great news, cryptocurrency is a relatively new product (and technology), so it is important to protect yourself by doing your research and ensuring that any sensitive data is encrypted.
Red Cross: Data Breach
In January 2022, hackers attacked the Red Cross servers that host the personal information of over 500,000 million people. These servers contained data on the organizations Restoring Family Links services. This part of the organization focuses on reconnecting individuals separated by war, migration, and violence. This resulted in halting the Red Cross’s ability to locate missing people and reconnect families – a crucial service that has been protecting vulnerable populations for over 150 years. While they never definitively identified the attacker, it was assumed that it was a nation state.
The Solution: The Red Cross took their servers offline and then relaunched with additional security enhancements, which include two-factor authentication and advanced threat detection.
Microsoft: Data Breach
On March 20th, 2022, Microsoft was targeted by a hacking group called Lapsus$. The group posted a screenshot indicating that they had hacked Microsoft, compromising Bing, Cortana, and several other products. While the group was able to obtain some data and information, Microsoft was able to stop the attack immediately with only one account being compromised. There was no customer data stolen and Microsoft received a lot of publicity for their effective and efficient security response. Since Lapsus$ has previously targeted other large companies such as Samsung and Nvidia, Microsoft’s cybersecurity team was prepared.
The Solution: Microsoft had cyberattack detection practices employed, and their team was quick to notice the breach. This is an example of how important cybersecurity is.
Twitter: Data Breach
Twitter has a long history of cybersecurity attacks dating back to 2009. These breaches include everything from hijacked high-profile accounts to Bitcoin scams. However, in 2022 a hacker using the alias ‘devil’ posted that they had obtained the personal information of 5.4 million users. This information included users email address and phone numbers. The hacker had exploited a vulnerability in Twitter’s server and then posted the data for sale at $30,000. This breach occurred on July 21st, 2021 and was not discovered until a white hat hacker identified the vulnerability in January 2022.
The Solution: Twitter investigated and patched the vulnerability and attempted to notify all accounts that had been affected. However, they were unable to confirm all the accounts that had been breached.
U.S. Airports: Pro-Russian Hacking Group Attack on Airport Websites
This is a current cyberattack happening at the time of this publication in October 2022.
A pro-Russian hacker group called ‘Killnet’ has taken responsibility for knocking out major U.S. airport websites across the country. The group is known for DDoS (distributed denial-of-service) attacks, which is where a network is flooded by simultaneous data transmissions. The group posted a list of airports on Telegram urging hackers to participate in these widespread DDoS attacks. The call to action includes airports in the following states: Alabama, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, and Missouri.
While it is not currently clear how many of these airports were or (will be) hit, the following airports have reported disruptions as of October 11th, 2022: LaGuardia, Des Moines, LAX, Chicago O’Hare, Denver, and Atlanta.
Since this is an ongoing situation, we cannot yet say what the goals of the attacks are or what the solution will be. However, the FBI and Cybersecurity and Infrastructure Security Agency (a department of Homeland Security) are aware of and investigating these attacks.
If you have questions about cybersecurity best practices or are interested in implementing cybersecurity practices for your business, reach out to us at ContactUs@Matrix-NDI.com or call 763-475-5500.