The year is coming to an end and 2019 has had its fair share of cyber security blunders. Leading to headlines of hacks, scams, and leaks. Some issues were unavoidable for the public as some were very avoidable. In 2019, we saw a lot of news coming out about leaks, invasion of privacy, and ransomware. This put cyber security front and center and made a lot of people more aware and careful. It’s not about never making a mistake, it’s about learning from them. So let’s go over the biggest cyber security mistakes of 2019 and learn from them.
Cyber Security Blunder: Leaks
Leaks are when someone puts secure information out in public. A hacker will leak out any sensitive information they can. Other times there are holes in the security that becomes naturally available without the use of any hack or malicious intent. Both can be brutal and can put people at risk of losing accounts, and even for identity theft.
Facebook: User Data Leaks
The famous Cambridge scandal showed us not to take the long-winded license agreement for granted. This leak shows how easy your information can be publicly exposed for no reason. Two of Amazons’ cloud service third-party apps had fallen victim to a leak. The apps Cultura Colectiva and At the Pool had over 540 million Facebook users publicly exposed.
Unlike the Cambridge scandal, this does not seem like it was intended. To be fair both Cultura Colectiva and At the Pool both deserve to be on the naughty list, but Facebook not so much. For the users, (besides not having a Facebook account) this may not have been avoidable on their part. No matter how secure you try to be, you can’t stop the people that were given the keys.
First American: Site Bug
Bugs happen, both in the real world and in the virtual world. An infestation of flies or cockroaches can ruin an apartment building’s standing for a time. Likewise, when there is a bug in the virtual world where things get just as messy. American First displayed just how dangerously ugly a virtual bug can be. They accidentally exposed around 885 million records including bank account numbers, social security numbers, and other very sensitive homeowner data.
Bugs are bound to happen and even more so the bigger the site is. That being said, one of America’s biggest real estate title insurances, one aspect of having secure documentation should be debugging 101. This was an oversight that put an incredible amount of people at major risks. Your password for Facebook leaked is one thing. Having your social and bank account number leaked is a different ball game and deserves that company’s 100% attention. They are definitely on the naughty list, but was it a mistake? Yes, however, it was something that should have doubled and tripled checked.
Cyber Security Blunder: Hacks
Hacks are more common than people may know. There were hacks and cyber attacks reported throughout this entire year. You could choose a month and easily get four or five stories. So needless to say, we will not be going over all of them or even most of them. YouTube is one interesting story that we will highlight.
YouTube: Account Hijacks
Everyone knows about YouTube. It is a great platform for entertainment, education, and more. This hack was a coordinated attack that started with phishing emails that lead the users to fake Google sites that people logged into with account credentials. After the hackers have the credentials they re-assign the channels to new owners and then change the vanity URL making it seem like the account had been deleted. The reason for this is so that the hackers can sell the account.
YouTubers make money based on how many subscribers and views they get. Hackers can access this information and can sell it to anyone. These buyers can change where that money goes. They can also get money from the new video views. This shows that you always need to be very careful when you are logging into a website. Just because it says and looks like Google doesn’t mean it is Google. These hackers get on the naughty list this year.
Cyber Security Blunder: Ransomware
Ransomware is a virus that holds a company’s or person’s computers and data as a ransom for some kind of monetary gain. Bitcoin is normally the demanded payout currency. There we quite a few this year, including a school in Cherry Hill, NJ! How does this happen? Generally, this could be because the city’s computers and security software may not have been up to date.
Johannesburg: Held by Shadow Kill Hackers
Demanded to pay a total of 4 bitcoins was the largest city in South Africa, Johannesburg. The hackers threatened to publish sensitive information if Johannesburg did not meet their demands. In 2018, a bitcoin was worth over $13,000. Now they are worth around $8,000, meaning that the ransom was for a little over $32,000. This might seem on the low end to ransom a city. However, ransoms held this way are normally low. The hacker will have a better chance of getting payment from the city. Unfortunately, the City officials did not comment if they were planning on paying the ransom or not.
Demant: The $95 Million Attack.
The effects of a ransomware attack can have devastating effects. Not because of the money they ask for but because they steal IT infrastructure or make a company shut it down. This leads to weeks of trying to get everything back on track, which starts a domino effect that can make your assets bleed or lose out on sales. Demant hasn’t released anything about the attack so we can’t say much on it besides making sure everything is up to date and working properly.
How to Be Ahead of the Cyber Security Blunders
Now that we have scared you all by going over all naughty lists of hacks, leaks, and ransomware attacks, the next steps are to take action. Here at #TechStarters, we provide cyber security and firewall installation to help prevent these attacks from happening. We also offer to filter and keep your business technology up to date. Cyber security is important, a lot of hacks and leaks happen because people may not have updated the computer or changed their password when they need to. In business, there are a lot of things to keep track of. Overlooking these things is very easy. So in conclusion, here is a list of the few tips that we learned:
- Always keep your computer updated, no more leaving it until later.
- Watch what links you are clicking from your emails and other websites.
- Watch where you are signing in, is it a legit site?
Reach out to us today to get the right start on your cyber security needs!