2017 was a terrible year for cybersecurity.
Ransomware became more professional and more mainstream. State-sponsored sabotage efforts caused huge devastation. Billionaire businessman Warren Buffet even declared that cyber crime is the biggest problem facing mankind.
Here is a look at some of the most business-crippling cybersecurity disasters of 2017:
The WPA2 KRACK Vulnerability in 93% of all Wireless Networks
In October, security researchers revealed a glaring fault in the WPA2 encryption algorithm used by 93% of all wireless networks.
And if you haven’t updated your router firmware recently, you might still be vulnerable.
KRACK is a proximity-based attack that allows the attacker to read all traffic on the network, and potentially to forge traffic as well. That can mean reading emails, snooping passwords and injecting malware.
To be clear: this is not just a problem in certain implementations of the encryption protocol. This was a hole in the encryption protocol itself.
Hardware and software companies have raced to patch it. And if you’ve applied these updates, you’re probably safe – using your own network at least.
But it’s very hard to say how many public wireless networks are still vulnerable. Many less sophisticated computer users never upgrade their router firmware – or even realise that that’s a thing.
In 2018, the WPA2 KRACK vulnerability remains a ticking time bomb for many businesses of all sizes.
The WannaCry Disaster
WannaCry was a ransomware attack in May that infected 230,000 computers in four days.
Originally thought to be the work of cybercriminals, intelligence agencies later traced the malware to the North Korean government.
WannaCry exploited a vulnerability that Microsoft had already patched in March. This exposed just how many workplaces don’t always apply these patches as they’re released.
Many of the machines impacted including those at Britain’s National Health Service – were still using Windows XP, which Microsoft long ago had stopped supporting with security patches.
The punchline to WannaCry is that it might have yielded just 52 bitcoins in ransom payments – worth around $130,000 at the time. Given the sheer scale of this attack, that’s an astonishingly small payday.
Cloudbleed
In February, it emerged that the Cloudflare content delivery and DDoS protection network was leaking private data. Claiming a 35% market share, Cloudflare is one of the world’s largest content delivery networks.
This affected big names like OkCupid, Fitbit and Uber.
This bug saw Cloudflare save data transferred by an https connection which even allowed search engines to crawl, index and cache the content. This data could include passwords. This means that Cloudbleed is not just a problem for those companies whose websites were compromised, but for everyone else who uses them. That’s especially true if you use the same password for more than one website.
Cloudflare fixed Cloudbleed within 7 hours after discovering it. However, for those whose data was leaked, the damage was already done.
NotPetya
NotPetya hit in June. This might have been the most destructive ransomware attack of all time.
It’s called “NotPetya” because it was disguised to look like Petya – a ransomware attack from 2016 that spread through phishing emails that tricked the receiver into installing ransomware.
NotPetya was different though. It used the same vulnerability as used by WannaCry to spread from machine to machine without needing to trick any humans into running the software.
NotPetya mostly struck Ukraine, but damage spread across Europe and worldwide.
NotPetya was similar to WannaCry in another respect too: for all the damage it caused, it raised hardly any money. It relied on an email address to communicate with victims, fortunately this address was swiftly disabled. This was such a lazy effort to collect money. that it’s widely believed that the real intent of this attack was to cause as much damage as possible.
How Secure is Your Network?
If you’ve followed along this far, you probably noticed that a lot of these attacks succeed not so much because of bad code, but because of decisions taken by IT professionals and businesses.
For instance, both WannaCry and NotPetya spread far and wide through a vulnerability that Microsoft had already patched well before the attacks hit.
But these attacks worked as well as they did because so many workplaces were still relying on Windows XP, which Microsoft had ceased supporting.
Others used an operating system that still had support, but weren’t applying the security patches – probably because their infrastructure had grown complex enough that applying them might mean that programs would stop working or devices would stop talking to each other.
Many business owners and IT professionals have accepted this as a calculated risk – that the greater security vulnerability was worth it when set against the work required to apply all the updates – and yet this is exactly the sort of collective decision making that creates such an incentive for these attacks.
So perhaps it’s time to spend two minutes going over this network security checklist to see how you stack up. It could save you so much trouble.
“The opinions expressed by BizWitty Contributors are their own, not those of BizCover and should not be relied upon in place of appropriate professional advice. Please read our full disclaimer."
