Despite the ongoing efforts to educate businesses and users about cyberattacks, many still fall victim to such attacks. 2019 saw businesses and entities from different sectors be devastated by hacks, and this trend is expected to rise in 2020. Here's are some of the biggest cybersecurity issues of 2019, and what we can learn from them.
Citrix – The Federal Bureau of Investigations (FBI) got in touch with Citrix last March 6, 2019, to inform them that hackers may have gained access to their internal network. While the FBI was conducting a thorough investigation, reports from thehackernews.com state that an Iranian-backed hacker grouped called IRIDIUM was responsible for the data breach.
The same group also attacked Citrix in December 2018, but this time, they were able to steal around six terabytes of sensitive data that included emails, blueprints, and other miscellaneous documents. IRIDIUM also launched attacks on more than 200 government entities, tech companies, and gas companies worldwide. The FBI believed that IRIDIUM used "password spraying" to infiltrate the Citrix network. Once in, they were able to easily go through the additional layers of security and steal whatever they wanted.
The Wipro breach – On April 15, 2019, Indian information technology (IT) firm Wipro Ltd. was the target of a cyberattack. Hackers were able to infiltrate Wipro's secured network and use its own IT system to launch other attacks on Wipro's customers. Two trusted sources who insisted to remain anonymous told KrebsOnSecurity.com that a state-sponsored hacker was responsible for the attacks.
The sources said that the attacker launched phishing campaigns and netted 23 employees. The investigation also revealed that over 100 Wipro endpoints were seeded using ScreenConnect, a remote access tool. The attacker used this remote access tool on Wipro's compromised system to infiltrate its customer network.
The Dunkin' Donuts attack – Dunkin' Donuts (DD) was also hit by a cyberattack late 2018 and early 2019. The hackers leveraged leaked customer credentials to enter DD perks accounts. A DD perks account is a reward system that offers loyal customers discounts and free rewards in exchange for points. A single account will include a customer's full name, email credentials, and a 16-digit account number or code.
The hackers then sold the hacked accounts on dark web forums and those who bought the stolen accounts used them to redeem the DD reward points. The Dunkin' Donut attack is a good example of a credential stuffing attack, a technique hackers use to bombard a network with stolen credentials to gain access to a specific account.
Toyota data breach – Car manufacturing giant Toyota announced earlier this year that its sales subsidiaries in Japan experienced a data breach. The announcement was made on the company's official website on March 29, 2019, which stated that hackers were able to gain unauthorized access to one of the servers connected to its network. That particular server contained the information of up to 3.1 million customers. Toyota confirmed that the data has not been leaked, and the investigation is still ongoing. One month earlier, Toyota Australia also announced that it experienced an attempted cyberattack.
The hackers, however, were not able to access the private information of Toyota's employees and customers. Security experts believe that the attacks on both Japanese and Australian branches were carried out by a Vietnamese group called APT32. Toyota has not provided any additional details after the attacks.
As we enter the new year, let these cyberattacks remind you of how important it is to take precautionary measures. Cyberattacks continue to emerge and ripple across the globe at an alarming rate. It's no longer a question of if you're going to experience a cyberattack but rather when. The biggest lesson to be learned here is to always be ready.
Ask yourself these questions: Can your company’s current IT setup survive a cyberattack? Are you searching for ways to improve and strengthen your company's network security? Here at F1 Solutions, we will provide you with the expertise, technology, and tools you need to enhance your cybersecurity and protect your business from devastating cyberattacks. Get in touch with us today to learn more about our cybersecurity services.