2020 had its share of memorable hacks and breaches. Here are the top 10


2020 was a difficult year for many reasons, not the least of which were the breaches and hacks that visited pain on end users, customers, and the organizations that were targeted. The ransomware threat dominated headlines, with an endless stream of compromises hitting schools, governments, and private companies as criminals demanded ransoms in the millions of dollars. There was also a steady stream of data breaches, and several mass account takeovers occurred as well.

The following are some of the highlights. For good measure, we also include some notable hacks that, while not actively used in the wild, were extraordinarily impressive or pushed the boundaries of security.

The SolarWinds Hack

2020 saved the most devastating breach for last. Hackers backed by the Russian government, according to several government officials, began by compromising the software distribution system of SolarWinds, the maker of network monitoring software used by tens of thousands of organizations. The hackers used their position to deliver a backdoored update to approximately 18,000 customers. From there, the hackers had the ability to steal, destroy, or alter data on any of those customers' networks.

It’s going to take time for investigators to assess the damage. This is because not everyone who installed the malicious update received follow-up attacks. Security firm FireEye has so far said the hackers sought information about its government customers and also stole red-team tools used to test customers’ security defenses. U.S. officials, meanwhile, said dozens of e-mail accounts from the Treasury Department had also been hacked.

Although the full consequences of the breach will not be known for several months, it's already clear that the SolarWinds hack is one of the most damaging espionage hacks visited on the US in the past decade, if not of all time. It was carried out by attacking a software supply chain that is essential to some of the largest companies and government agencies in the world. The attackers then used that pipeline to dig deep into the networks of the most interesting entities.

Aside from the loss of so much valuable data, the SolarWinds hack is notable for the best brand it has used. According to Yahoo News, the attackers took control of SolarWinds' update system no later than October 2019. They started pushing out malicious updates in March. The compromise on the industry did not come to light through the government agencies that are supposed to discover such things, but rather through the investigation that FireEye did.

Mass compromises of Twitter, Nintendo accounts

In July, Twitter lost control of its internal systems to hackers running a Bitcoin scam. The breach was notable because it compromised the accounts of politicians, celebrities, and business executives, many with millions of followers.

Although the damage was modest (about $100,000 in fraudulent Bitcoin promotional payments and some personal data stolen from some account holders), a hack like this could be used to do much worse things (think of announcements from government or business leaders that manipulate the stock market or fuel geopolitical tensions).

Another thing that made this breach significant was the people who carried it out and the tactics they used. Authorities charged a 17-year-old, a 19-year-old, and a 22-year-old with using a spear-phishing attack to steal an administrative password from a Twitter employee working from home during the COVID-19 pandemic.

A runner-up among hacks that led to a mass compromise of accounts was the one that hit Nintendo in April.

Ransomware attacks on Düsseldorf University Hospital, Garmin and Foxconn

These are separate breaches, but together they highlight the cost of ransomware attacks, not only to the targeted organizations but also to the millions of people who rely on them.

During a breach at one of the hospitals near Düsseldorf, Germany, a patient seeking life-saving treatment was turned away and died while trying to obtain services from a more distant facility. It is possible or even likely that the patient would have died anyway, but the compromise nonetheless illustrates the potentially fatal role that ransomware and other types of malicious hacks can play.

The Garmin attack, meanwhile, caused a four-day outage that cut off GPS services to millions of people, some of them pilots who used the services for flight planning and mapping.

Another ransomware attack that caught attention was the breach of electronics giant Foxconn. Attackers demanded $34 million for the return of the data, making it the highest ransom ever.

Data breaches hit Marriott and EasyJet

These were also separate breaches, but they led to the compromise of the personal data of hundreds of millions of individuals.

For Marriott, the loss of information for 5.2 million guests was the second time in three years that it had suffered a breach of that scale. The breach of EasyJet affected nine million passengers.

A zero-click exploit on the iPhone and the extraction of an Intel CPU crypto key

Not all hacks are bad. Often they are done by the good guys. And sometimes they are so elegant that you just have to admire them for the ingenuity that goes into them.

This year's most impressive hack comes from Ian Beer, a member of Google's Project Zero vulnerability research team. He devised an attack that, until Apple released an update, gave him full access to every iPhone within range of his malicious Wi-Fi access point.

His attack did not require the iPhone user to do anything, and it was wormable, meaning that exploits could spread from one nearby device to another. The exploit is one of the most impressive hacking feats in recent memory and shows the damage that can be caused by a single vulnerability in the garden. Apple detected a buffer overflow error after Beer reported it privately.

Another top hack this year was the extraction of a secret key used to encrypt microcode on an Intel CPU – a first in the annals of security and reverse engineering.

The key makes it possible to decrypt the microcode updates that Intel provides to fix security vulnerabilities and other types of bugs. With a decrypted copy of an update, hackers may be able to reverse engineer it and learn exactly how to exploit the hole it patches. The key could also allow parties other than Intel, say a malicious hacker or a hobbyist, to update chips with their own microcode, though the customized version would not survive a reboot.

There is an old saying in security circles that attacks only get better. 2020 has proven that the saying is once again true, and no doubt 2021 will do the same.
