February 12, 2018 by Agnes Talalaev
2017 hacking overview – a peek to data breaches, changes and to the front-lines of cyberwar.
It is always worth the effort to look back and do an overview, or lessons learned, if we must, based on recorded history. At best, the past can be turned into a recorded future, as to avoid similar incidents again. Or at least, to identify trends and tendencies among the cyberspace. Security is an evolving issue, incident numerous and the composition of security providers is just emerging and somewhat overlapping at the same time.
The global nature of cyberspace exhibits some specific challenges for the security framework, and various entities have been eager to act as security providers. In a domain where it is becoming more evident that security for one means vulnerability for others. Cybersecurity is essentially a struggle for power, and that makes it a difficult puzzle for the legacy establishment. Security for some means capability to exploit and exercise power over people, cyber terrain, markets, and money.
The year 2017 was marked with specific spectacles, minor and major. Many of the incidents involved American companies, but also US government establishment – all the way to the depths of the “deep state”. While many other incidents occurred around the world, as the cyberspace is, indeed, a global space. Much of the press attention was devoted to protecting American interests in the cyberspace.
Equifax perhaps being the one that caused most wide-spread shockwave around the world. Millions of personally identifiable and commercially relevant data were suddenly reported to have been lost through a misconfigured, if not just unpatched, Apache Struts server.
Many of the data breach notifications during the year mentioned incidents using terms of “potency” rather than actual events – data could have been compromised or privacy of people could have been violated.
The year was also a crucial turning point in the rooms of Law, where various cases shaped a common ground for the industry. As that of what could constitute a harm caused by something that could have happened, yet perhaps did not happen after all.
War is the most desperate and horrible thing of all. Yet, the fascinating global nature of the cyberspace has been triggering many former sovereigns, tyrannies or Democrats into vigorous battle in the cyberspace in protecting their “national interests” in the mythic global domain. Not many, however, were willing to even try to define, let alone challenge, on the global stage as to what could those national interests be in the context of cyberspace and cyber identities.
Perhaps something related to the modern struggle of nations and world powers, the year 2017 was also a year of ransomware, espionage and trade embargos – the year of Cyber War.
From the depths of the hot war in Europe, in Ukraine, a ransomware campaign spread all over the world causing damage to companies and entities like never before. Some of the ransomware payloads were even described to be more like destroyers than mafia-style gangsters demanding money.
And finally, last but not least, major bank robberies caused terror in the banking industry – just like the whole SWIFT was compromised, at least it was widely speculated, that some countries could be deliberately excluded from the payment network, all that without even a malware incident of any kind, but just due to political grievances.
Finally, the ongoing struggle of power among legacy countries and regimes, but also between intelligence agencies, if not even the global community, surfaced in a way perhaps not seen before in the post-cold-war world. Israeli intelligence with deep roots in the cyberspace and the security establishment came about and accused Russian Kaspersky of political espionage.
Cutting down its virtually non-existent presence and business in the US cyber-soil, the spectacle has perhaps more effect on the general public than anything else. In any case, it did bring some light to the speculation as of who are the main “bullies” in the cyberspace.
2017 Data Breaches – The Worst so far (Identityforce): https://www.identityforce.com/blog/2017-data-breaches
Kaspersky Security Bulletin: Story of the year 2017: https://securelist.com/ksb-story-of-the-year-2017/83290/