If there’s one thing you need to know about cyber security, it’s that it constantly evolves. Threats never stop changing – so your defensive strategy can’t stagnate, either.
This is no exaggeration. In 2023, attacks happened around once every 39 seconds. With script-based attacks accounting for about 40 percent of all incidents, bad actors have no shortage of resources. IT professionals and managed service providers (MSPs) need to stay wary.
To help, we’ve rounded up some of the most significant cyber security threats and vulnerabilities from recent history. Here’s what the changing landscape means for those with an eye on security.
What is cyber security?
Cyber security is a catch-all term for mitigating the dangers of digital attacks. Organizations practice adequate cyber security by using various controls, processes, and technologies to:
- Protect data, applications, networks, hardware, and other assets from real-time unauthorized access and exploitation
- Analyze potential threats
- Simulate hacks and practice emergency response techniques
- Set policies to promote the safe use of technologies and information
How do cyber security threats and vulnerabilities work?
Bad actors gain unauthorized access to vulnerable information in many ways.
Many incidents exploit existing weaknesses. For instance, hackers might leverage a well-known bug to gain backdoor access. Or they could discover new vulnerabilities related to how you use technology. Either way, these events often come with ransom requests, legal risks, and negative PR.
Not all bad actors are movie-style hackers operating from some shadowy den of cybercriminals. From disgruntled employees and rogue states to terrorists and corporate spies, anyone can cause a breach – even a careless contractor. It’s best to have strong safeguards in place before that happens!
Here are some of the most significant threat events from the latest headlines:
#1 Twitter Email Leak
The Twitter data breach happened just a few days after the end of 2022. Long story short, over 200 million Twitter users had their email addresses posted on underground hacker sites. More than 400 million Twitter accounts were impacted.
Hackers started collecting the data in 2021 by exploiting the Twitter API vulnerability. This vulnerability, back in 2021, was exploited by different hackers and resulted in multiple ransomware attempts and leaks in 2022.
This leak is one of the most significant data breaches in history.
Read more here.
#2 The Royal Mail Hack
In January 2023, the Russian ransomware gang LockBit hacked the UK’s Royal Mail. The hackers demanded £65mn ransom to decrypt the affected data. This event was so severe that the company asked customers to quit sending items overseas!
In some respects, this may seem like a success story. After all, Royal Mail didn’t pay a ransom. Unfortunately, many of its staff had their data disclosed, and there were prolonged service disruptions.
This cybersecurity threat event shows that avoiding the worst outcome of a hack is a small consolation prize. The best-case scenario is still bad, and for national-infrastructure-level companies like the Royal Mail, the loss of public confidence is a huge blow.
#3 The Reddit Hack
In February 2023, forum site Reddit revealed that it was a recent phishing victim. Hackers gained access to internal Reddit data through a phishing campaign targeting employees. Plus, the hackers wanted ransom money
The result? Hundreds of current and alumni staff and advertisers had their info leaked along with financial data. Reddit’s emergency response team was able to fix the problem quickly. But this was an event the company should have avoided entirely.
The phishing hack worked by spoofing a page from the company’s internal portal. This fooled at least one employee into sharing their access credentials – and one is all it takes!
Read more here.
#4 T-Mobile Data Breaches
T-Mobile USA was hacked twice.
In late 2022, T-Mobile announced that a malicious actor accessed the personal data of 37 million users.
The last breach was discovered in March. The volume of stolen data was small compared to the previous breach. This cybersecurity threat affected 836 customers with their PINs, account information, and personal details. No personal financial account information was stolen.
#5 The ChatGPT Payment Exposure
March 2023 saw the popular ChatGPT Plus service suffer a significant outage.
Although the disruption only lasted around nine hours, it did noteworthy damage. Over 1 percent of subscribers had their payment info exposed to other users. Some users’ chat histories also became accessible.
Now, 1.2 percent might not seem like a significant number, but it’s another case of lost user trust. In this case, OpenAI failed to review an open-source library, a huge self-own properly!
It doesn’t look good when you can’t secure your software supply chain. This event could hamper a tech firm’s competitiveness in a growing field like AI.
Read more here.
#6 AT&T 3rd Party Data Breach
Another telecoms giant, AI&T, exposed 9 million customer records in a 3rd party data breach in March 2023.
AT&T identified this threat as a supply chain attack that mostly involved data related to device upgrade eligibility, which was several years old. As a result, the telecom advised its customers to adopt stronger password security measures.
Find here the full timeline of the AT&T data breaches.
#7 VMware ESXi Ransomware
Nearly 3.200 unpatched VMware ESXi servers were hit by ransomware via an old bug (CVE-2021-21974) last February. Hackers launched a ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974. This easily exploitable vulnerability allowed them to exploit code remotely without prior authentication. France was the most affected country, followed by the United States, Germany, and Canada.
Regarding CrowdStrike, the problem is getting worse. “More and more threat actors are recognizing that the lack of security tools, lack of adequate network segmentation of ESXi interfaces, and ITW vulnerabilities for ESXi create a target-rich environment.”
Read also about the biggest data breaches of all time.
How can MSPs prepare for cyber security threats and vulnerabilities?
Improve your cyber security threats and vulnerabilities strategy with these four actionable tips:
Make data backups an everyday way of life.
Follow the 3-2-1 backup rule. Keep three copies of your data on two or more media types.
You’ll store one copy on your primary system. The other two should be encrypted backups – locally and in the cloud.
Minimize your exposure as much as possible.
Don’t just install anti-virus software or firewalls and call it a day. You also need to keep them updated.
Network management and monitoring software like Domotz can help reduce your attack profile – and manage update rollouts.
Foster an iron-clad cyber security threat culture.
Teach your team members and stakeholders secure practices and behaviors. Conduct IT security assessments, implement BYOD policies, and devise thorough incident response plans. Above all, stress the importance of robust security and provide continuous employee training.