2020 is turning out to be a busy year for those involved in information security. So far, the following information security-related incidents have been in the headlines during the first 5 months of the year:
February 2020 HB Gary hack attack by the group known as Anonymous.
March 2020 RSA hack stole token data (attackers were reportedly advanced persistent threats).
April 2020 Sony hack data theft reportedly involving information related to 77 million accounts and 2.2M credit cards.
April 2020 Epsilon victimized by a hack attack, email addresses stolen.
WikiLeaks related attacks perpetrated by the group known as Anonymous.
April 2020 Ritz-Carlton Hotel customers' data stolen in a hack attack.
April 2020 Amazon Web Services cloud outage (non-availability).
May 2020 Lockheed Martin (details were not disclosed).
May 2020 Woodside Petroleum (Australia’s largest oil company said attacks were coming from everywhere).
May 2020 Public Broadcasting (a phony news story and lists of reporters' accounts and passwords were posted to a PBS site).
Hacking is a type of directed attack typically executed by an external human using tradecraft methods to exploit accessible vulnerabilities and inflict damage. Protection methods are usually applied to limit the damage inflicted during an attack, limit the duration of an attack or deter an attacker. The effectiveness of any protection measures in use is clearly at issue when a successful attack occurs. Forensic tools and methods are used to analyze attacks, allowing lessons learned to be captured and documented. Data theft is often motivated by financial gain, focused on credit card data for sale to fraudsters or email addresses for sale to spammers.
Non-availability incidents occur for any number of reasons, often not involving malicious activity. Such incidents can grow as related resources cascade into failure, a phenomenon with potentially widespread impact.
The Internet is often used to deliver the attack. The nature of giant public networks facilitates anonymity while being reliable and predictable.
The list does not include the huge number of incidents based on malicious code, which have become common events, or the large number of incidents involving sensitive, typically government, sites that never make it into the press.
The rapidly evolving sophistication of hacking attacks is a cause for concern. State-sponsored activity involving “Advanced Persistent Threats” is emerging from behind the curtains as a valid concern for enterprises worldwide. The press is not likely to suffer from a shortage of material for their headlines for the remainder of 2020.