
Cyber crime is an ever-evolving problem, with an estimated cost of US$10trn by 2025. In 2021, there were over 4,100 publicly disclosed data breaches, which represents approximately 22 billion records exposed. The figures for 2022 are expected to at least match this, or potentially exceed it by as much as five percent.
Cyber Security Hub is dedicated to delivering breaking news from the cyber security sector. With this in mind, here are the news stories detailing the threat vectors, cyber attacks and data breaches that had the biggest impact on its readers in the past 12 months.
10 – Social engineering “most dangerous” threat, say 75 percent of security professionals
In May, Cyber Security Hub research revealed that three in four cyber security professionals considered social engineering or phishing attacks to be the “most dangerous” threat to cyber security at their company.
The research, which was conducted for the CS Hub Mid-Year Market Report 2022, also found that other top threats included supply chain/third-party risks (cited by 36 percent of respondents) and a lack of cyber security expertise (cited by 30 percent of respondents).
9 – Meta fires employees for allegedly hacking into users’ accounts
On November 17, the Wall Street Journal broke the story that 12 Meta employees had been disciplined and/or fired for breaking Facebook’s terms of service and hijacking user accounts.
The employees, some of whom were contractors employed as security guards at the tech company’s offices, had been using a heavily regulated internal access tool referred to as ‘OOps’ to reset access to Facebook accounts. One employee was dismissed following accusations that they used OOps to allow hackers to fraudulently gain access to multiple Facebook accounts in exchange for thousands of dollars’ worth of Bitcoin.
8 – Dropbox suffers data breach following phishing attack
On October 14, a malicious actor gained access to 130 of Dropbox’s source code repositories after its employees were targeted by a phishing attack.
The attack saw the malicious actor pose as code integration and delivery platform CircleCI in order to harvest login credentials and authentication codes from employees. The actor also gained access to Dropbox’s account on code repository site GitHub, as CircleCI login information can be used to access GitHub.
Through the attack, the hacker gained access to some of the code Dropbox stores on the platform, including API keys used by its developers.
7 – Google blocks “largest ever” web DDoS attack
Google reported that it had blocked the “largest” distributed denial of service (DDoS) attack on record, which had a peak of 46 million requests per second (rps) on June 1.
The attack targeted a Google Cloud Armor user over HTTPS, lasted 69 minutes and involved 5,256 source IPs from 132 countries. Google reported that the attack was the biggest Layer 7 DDoS attack reported to date and was 76 percent larger than the previous record.
In a blog post about the attack, Emil Kiner, senior product manager for Cloud Armor, and Satya Konduru, technical lead, both at Google, noted that the attack was akin to “receiving all the daily requests to Wikipedia…in just 10 seconds”.
6 – Kaspersky Antivirus added to a US security risk list
The US Federal Communications Commission (FCC) and the Department of Homeland Security (DHS) amended their list of foreign IT vendors that “pose an unacceptable risk to national security or the security and safety of United States persons” on March 25.
The amendment added Kaspersky Antivirus, a digital security company previously named by Gartner as the third-largest provider of consumer-level IT products and the fifth-largest vendor of enterprise IT products. Two Chinese-owned companies, China Mobile International and China Telecom Corp, were also added.
FCC commissioner, Brendan Carr, said the companies were added to the roster to “help secure [US] networks against threats posed by Chinese and Russian state-backed entities seeking to engage in espionage and otherwise harm America’s interests.”
5 – Twitter confirms data from 5.4 million accounts has been stolen
On July 27, Cyber Security Hub reported that a hacker going by the alias “devil” had claimed to have the details for 5.4 million Twitter accounts for sale.
The hacker claimed to have harvested the information using a vulnerability previously flagged to Twitter on January 1.
Twitter confirmed the breach on August 5, and suggested that in the future users should enable two-factor authentication to protect their accounts from unauthorized logins.
4 – Suspected Grand Theft Auto 6 hacker arrested by UK police
Rockstar Games, the developer of popular game series Grand Theft Auto (GTA), suffered a data breach on September 19 after an unauthorized party gained access to the company’s Slack channel.
From there, the hacker downloaded and leaked previously unseen assets and clips from the as-yet-unreleased GTA 6 game to a fan forum. While it was initially thought to be a hoax, swift involvement from both Rockstar Games and the authorities confirmed the clips were real.
A 17-year-old from Oxfordshire known only as AK was later arrested by the City of London police, allegedly not only in connection to the hack, but to hacks against Uber and Microsoft from earlier in 2022.
3 – Google announces its acquisition of Mandiant
Google announced its plans to acquire cyber security firm Mandiant at a cost of over $5bn on March 8, a move designed to bolster its internal cyber security resources.
The $5.4bn acquisition was Google’s second most expensive deal in the company’s history, second only to its purchase of Motorola Mobility for $12.5bn in 2012.
The plans to merge Google and Mandiant’s cloud offerings as well as the size of the deal led to speculation on what its impact might be for the cyber security sector at large. Cyber security experts noted that it may signal a shift in the cloud landscape, with those offering cloud services increasing investment in security and consulting services.
2 – Samsung hit with class action lawsuit following data breach
In late July, an unauthorized party gained access to the internal servers for tech giant Samsung’s US customers. Samsung warned customers of the data breach on August 4, after an internal investigation confirmed that the malicious party had gained access to personal information for customers.
Just over a month later, a class action lawsuit was filed by a Samsung customer affected by the breach. Shelby Harmer filed the lawsuit with the US District Court for Nevada on September 6 “on behalf of Samsung’s customers whose personally identifiable information was stolen by cyber criminals”.
The lawsuit alleged that Samsung had failed its customers not only by not reporting the breach in a timely manner, but also by incorrectly safeguarding their personal information in the first place.
1 – Over 1.2 million credit card numbers leaked on hacking forum
Carding marketplaces are dark web sites where users trade stolen credit card details for financial fraud, usually involving large sums of money. On October 12, carding marketplace BidenCash released the details of 1,221,551 credit cards for free.
A file posted on the site contained the information for over 1.2 million credit cards expiring between 2023 and 2026, in addition to other details needed to make online transactions.
BidenCash had previously leaked the details of thousands of credit cards in June 2022 as a way to promote the site. As the carding marketplace had been forced to launch new URLs three months later in September after suffering a series of DDoS attacks, some cyber security experts suggested this new release of details could be another attempt at advertising.