This year has seen some major cyberattacks and the news for 2022 is unlikely to be good, given the current trends and expert opinions about the year ahead. To recap some of the major cyberattacks and to show the diversity of firms impacted, Digital Journal presents a potted round-up, capturing three areas of significance.
Belgium government
Showing that even governments are vulnerable, Belgium’s government-funded ISP was hit by a denial-of-service (DDoS) attack, with over 200 organisations and services affected and taken offline. Services disrupted include tax systems, remote learning capabilities, and even vaccination bookings.
This took place in May 2021 and Steve Forbes, Government Cyber Security Expert at Nominet, told Digital Journal: “The DDoS attack against Belgium’s government IT network shows how a relatively rudimentary attack can have a serious impact on a national scale.”
Forbes added: “With crucial services such as tax systems, remote learning capabilities and vaccination bookings being taken offline, there’s no doubt that this has disrupted the nation. It will also have stopped many meetings in and around government, as many officials wouldn’t have been able to join remotely. This attack is a demonstration of how much we rely on connected government services and why we all must work hard to build protected and resilient online environments.”
JBS and the food supply chain
In June 2021, a data breach occurred at JBS, a firm operating in the food sector. Looking into this was iboss Vice President of Research and Intelligence, Jim Gogolinski (who helped discover the infamous Sandworm).
Gogolinski explained to Digital Journal what the attack meant for the U.S. food supply, noting: “This attack continues to illustrate that no segment of the public and private sector, regardless of their importance, is off limits to cybercriminals. JBS’s transparency and immediate cooperation with the departments of agriculture and law enforcement of both the United States and Australia was a welcome step in the recovery process.”
And with the implications, the expert explained: “As evidenced by the US State Department’s communications with Russia over this attack, nations are going to have to work together to ensure there is no safe haven for cyber-criminals to use as a base of operations.”
Android
In response to August’s Android Trojan, FlyTrap, Digital Journal heard from Robert Prigge, CEO of Jumio.
Prigge explained the sheer scale of the data breach: “With more than 10,000 users worldwide falling victim to the new Android Trojan, it’s clear that social engineering tactics have become highly successful in tricking users to hand over their sensitive data. In fact, phishing alone has accounted for 36 percent of all successful data breaches in the past year. Although online users must ensure they are educated on identifying social engineering attempts, it simply isn’t enough to combat the issue.”
In terms of future precautions, Prigge recommended: “Account information such as emails and passwords can be easily stolen and leveraged through credential stuffing attacks, identity theft and account takeover tactics. This is another glaring reminder that traditional authentication methods, like passwords or knowledge-based authentication, need to be eliminated. Artificial intelligence, coupled with biometric authentication (using a person’s unique biological characteristics to confirm identity), ensures a user is who they say they are when signing into an account”