Biggest cyber attacks in 2020
The Year 2020 is becoming one of the remarkable year due to COVID-19 and the exponential growth of cyber attacks. Due to the COVID-19 pandemic, most of the organizations have shifted their focus towards the health crisis. The work-from-home mechanism has opened up number of opportunities to the cyber criminals. According to the statistics of Security Boulevard, Number of data breaches in 2020 has almost doubled with 3,950 confirmed breaches against 2,103 recorded breaches in 2019. Within first six months of 2020, number of well known companies were attacked, and their account credentials, sensitive data, confidential and financial information were exposed.
Lets have a look at the biggest cyber attacks in 2020 so far.
1. Twitter breach
On 15th July 2020, 130 twitter accounts were hacked including some high profiles such as, Tesla CEO - Elon Musk, Microsoft co-founder - Bill Gates, Former US president - Barak Obama, Current US president Joe Biden, Amazon CEO -Jeff Bezos and Mike Bloomberg. It all started with a phone spear phishing attack to twitter employees in order to get their credentials to access to the twitter account management system. After attackers got access to the accounts, they post a tweet noted “All Bitcoin sent to the address below will be sent back double! If you send $1000, I will send back $2000 [the link]. Enjoy!”
Cryptocurrency research companies reveled that within 24 hours of this tweet, bitcoin wallets got a value of $120,000 through 518 transactions. Attackers took further step to download private messages, email accounts, address books, images & videos up to 8 user accounts. This cause a huge damage to the reputation of twitter and stock market values went down dramatically.
2. Software AG Ransomware attack
Software AG is Germany’s second-largest software vendor and one of the largest software vendors in Europe. On 3rd October 2020, the IT infrastructure of Software AG was affected by a Clop ransomware attack. Clop ransomware is designed to encrypt the data and rename each file by appending the ".Clop" extension. Attackers demand US$23 million ransom in order to provide the decryption key. Although the customer-facing cloud services were not affected by this attack, employee personal information and confidential files from Software AG’s internal network were compromised. Since Software AG was not agreed to pay US$23 million ransom, criminals have publicly released some of the data obtained during the attack.
3. Marriott Data Breach
Marriott International is an American multinational diversified hospitality company that manages and franchises a broad portfolio of hotels and related lodging facilities. On 31st March 2020, they disclosed a security breach that impacted to 5.2 million hotel guest records. Hackers have accessed to the customer records using login credentials of two Marriott employees. The accessed data consist of names, birth dates, telephone numbers, travel information, and loyalty program information of Marriott customers. Still, the hotel has not disclosed about how the login details of its employees were compromised and who carried out the attack.
4. New Zealand stock exchange goes offline
New Zealand’s Stock Exchange Market (NZX) suffered cyber attacks for four days in a row and forced to close on the fourth day of the attacks. According to Zealand’s cyber-security organization, NZX was first hit by a distributed denial of service (DDoS) attack which disrupted the cash and debt markets as well as the Fonterra shareholders market, including its derivatives. The source of the cyber attack was said to be originated from offshore and the exact source is still unknown.
5. Easy Jet cyber attack
Easy Jet is a British multinational low-cost airline group.On 19th May 2020,They revealed that, they were attacked by a group of unnamed Chinese hackers. The hacking tools and techniques used for the attack are still under investigation. Easy Jet admits that millions of passenger data including email addresses, travel details were robbed. Criminals have accessed more than 2000 credit and debit cards of Easy Jet customers. The airline said they were reaching out to all customers who had been affected to warn them to be wary of any phishing attempt.
