As the 2010s come to a close, we take a snarky walk down memory lane, listing the craziest, most impactful, or simply just awful cybersecurity fails of the decade.
This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom.
Back in the days before climate change stretched frigid winter months directly into the insta-sweat of summer, there was a saying about March: in like a lamb, out like a lion. The same might be said about the last decade in cybersecurity fails.
What kicked off with a handful of stories about niche hacks ballooned into daily splashy headlines about massive data breaches, dangerous outbreaks, and increasingly sophisticated attack campaigns. The game has truly changed, generating a multi-billion-dollar industrial complex, and inspiring millions to stock up on tinfoil hats while saving trendy rumpus room designs to their Pinterest boards.
To comment on the sweeping changes brought on by the last 10 years of hacks, breaches, privacy debates, and evolutions in malware, Malwarebytes researchers Wendy Zamora and Chris Boyd take a look at the most noteworthy, mind-blowing, and sometimes chuckle-inducing cybersecurity fails that defined the decade.
2011: Game over, PlayStation
WZ: It all started with the gamers. In my mind, gaming is nearly as genre-defining as porn when it comes to testing, adopting, and embracing early tech evolutions. The two go hand-in-hand, so to speak.
I’ll just give you a minute to wipe that last image out of your head before proceeding.
Great. So, in 2011 the world got its first glimpse at the power of a good hack to not only steal data, but also bring operations to a grinding halt. The 77 million members of the Sony PlayStation Network, including minors under the age of 18, had their personal data exposed to hackers. But worse for the gamers, they were locked out of their accounts for 23 days, unable to play online, purchase, or otherwise indulge in their favorite pastime.
For the sheer number of users alone, this hack is noteworthy, but more, it was a foreshadowing of the ways in which cybersecurity fails could do more than just steal information—they could disrupt lives.
2012: Mat Honan’s digital life torched
CB: PlayStation was significant for sheer cultural impact, if not actual affected numbers, given the size of recent breaches. I usually groan when looking at yearly lists of cybersecurity fails because I know 90 percent of it is going to be the same generic breach we’ve all seen a hundred times over. Yes, it’s bad that six million customer records were swiped from a web-facing database. No, it doesn’t make for interesting reading.
Instead, I’m much more interested in specific examples of personal ruination. One such example is from 2012, when technology writer Mat Honan found his entire digital world torn in half. I’d argue this is one of the most spectacular digital demolition jobs I’ve ever seen. The crooks had no interest in him, his data, or his devices. They just wanted that sweet, sweet three-character Twitter handle. If everything important to him was torched along the way? Too bad, so sad.
This guy pretty much lost everything of real, singular importance to him in the attack. All those photos of his kid as a baby? Bam, gone. Google account taken over and deleted. iPhone and iPad data erased. Anything still on his MacBook drive was locked away behind features designed to make his life more secure, like the four-digit PIN. The worst feeling in the world isn’t just the compromise; it’s knowing that those helpful systems are a gigantic pain in the backside once someone who isn’t you is in the driving seat.
Some basic actions—enabling 2FA on gmail and making backups—would have essentially made this a non-event. Did Honan miraculously manage to get his photographs back? Sure. It was a lucky escape, and we generally don’t get that lucky. This was one of those landmark, hot knife through buttery cybersecurity fails. I double dare you to top it.
2013: Snowed under
WZ: Sure, sure, Honan’s digital demise uncovered many holes in security processes we previously thought were failsafe, and maybe taught Apple customer service a valuable lesson in active listening. But as you yourself noted—I don’t think anyone learned anything from it. In contrast, Edward Snowden jolted the world out of its collective ostrich pose and demonstrated how very much 1984 got it right.
Depending on which side of democracy you stand on, Snowden, a former CIA contractor-turned-whistleblower, is either a hero or a war criminal for his 2013 revelations about the extent and reach of NSA-sponsored surveillance systems set up in the aftermath of 9/11. Global telecommunications systems, Internet watch lists, international cooperation, the works. In the list of cybersecurity fails, this may be the Holy Grail.
Regardless of political stance, Snowden’s reveal was a real eye-opener for the public, and it sparked a massive worldwide debate that rages on to this day. They call it “the Snowden effect.”
Just ask anyone what’s more important to them: national security or personal privacy? Do they have “nothing to hide” or is their right to stay off the grid of utmost importance? If you can easily answer this question and guarantee everyone in the room with you agrees, then you must be reading this from far in the future, when this list will look positively quaint in comparison to yours.
2013: Cryptolocker ransomware changes the game
CB: Okay, Snowden is a double-edged sword. On the one hand, he helped confirm that those conspiracy theorists were onto something. On the other hand, he helped confirm that those conspiracy theorists were onto something. I also wonder if the significance of his findings made that much of an impact outside the US, considering lots of folks just shrugged and carried on regardless.
If you want actual global impact on a scale you can feel, ransomware is where it’s at. Cryptolocker ransomware, specifically.
Ransomware was all fun and games until Cryptolocker came onto the scene and dashed users’ hopes by being the first widespread malware to encrypt files and hold them hostage until ransom was paid. Ransomware prior to Cryptolocker mostly relied on cheap tricks instead of encryption, but its arrival in 2013 cemented this method’s popularity forever, spawning clones and higher encryption stakes by the bucketload.
2013 again: Target hack
WZ: Okay, I will totally give you Cryptolocker. Game changer, no question. But this next breach is the quintessential lesson in “it only takes one time,” the Occam’s razor of cybersecurity fails. It also happened to be the splashiest, loudest security news of the decade (so far). Why? Because everyone loves Target. Everyone.
In 2013, Target screwed up big time. Its HVAC vendor had been hit with malware via lowly phishing email, but the technician remained dubiously unaware of that infection, which went ahead and stole Target’s network credentials. Hey, kids! What happens when you give third parties access to your VPN without thoroughly vetting them or their equipment for threats? You get hacked.
Also, note to businesses of all sizes: Free scanners do not proactively block threats. (Yes, we know, the HVAC people were using the free version of Malwarebytes.) They detect and clean malware only when you run a scan. Had the vendor been using our real-time anti-malware technology (or any other antivirus platform with always-on protection), this attack would have been erased from history.
2014: sorry, celebs! The Sony Pictures hack
CB: Everyone may love Target in the US, but on the other side of the pond, we enjoy £1 stores where everything costs, uh, £1.50. No, I don’t understand it either. What I do understand is I’m about to up the stakes to DEFCON 1 (Is that the bad one?) with a hacking tale that truly went viral. Step forward for the second time today, Sony!
The long version of the Sony Pictures hack can be read here. The short version? A hacker group called Guardians of Peace pilfered massive amounts of data from Sony servers, and in the years that have followed, it’s now tricky to remember where conspiracy theories and documented facts cross paths. A shady North Korean conspiracy, FBI and NSA involvement, multiple unreleased movies dumped online, thinly-veiled references to terrorist acts unless The Interview was pulled from theatres, and more all happened in the space of a month.
This cybersecurity fail is the equivalent of a Fast and Furious movie where the smalltime family of car heisters somehow ends up stealing nuclear footballs and taking down Russian submarines in their spare time. Also, hurling insults at someone who starred in a film called Hackers seems like a great way to invoke the Gods of dramatic irony.
2015: not sorry, cheaters
WZ: Yikes, yeah, 2014 was not a great year to be a celebrity. Just ask the victims of The Fappening. But I’m going to pivot and mention one of the decade’s cybersecurity fails that was actually a good thing: The Ashley Madison hack.
Bringing to public consciousness the term “hacktivism,” these do-gooders breached the database of the website dedicated to helping married people find true love by cheating on their partners. Some 32 million adulterers’ credentials and credit card information were dumped online, after which they were likely dumped by their angry spouses. There’s not much else I can say here except you guys are assholes and deserved this one. The end.
CB: Yeah, I got nothing. Those cheaters were bad and should feel bad.
2016: But her emails?
WZ: Look, everyone and their mother is going to say the DNC hack was the biggest cyber event of 2016. The Russians most certainly pinned the tail on the Democratic donkey, interfered in our elections, and overall made a right mess of things. There’s no doubt Russia’s actions cast a shadow over American democracy. But as far as global, far-reaching impact is concerned, I’ve got my eye on a different blight.
In 2016, a shady hacking group known as the Shadow Brokers started leaking NSA secrets, vulnerabilities, and exploits onto the Internet, embarrassing the agency, but more importantly, putting sophisticated tools in the hands of cybercriminals that would be employed over the remainder of the decade.
Most notably, they disclosed a group of SMB vulnerabilities and their accompanying exploits, which were later used to propagate the WannaCry infection laterally through thousands of endpoints, and which are still in use today to spread deadly Emotet and TrickBot infections in worm-like fashion.
If it weren’t for the cybersecurity fails caused by the Shadow Brokers, who knows? Threat actors might still be messing around with small potato consumer scams and identity theft. But with grown-up utilities in hand, they realized they could do a lot more damage to a lot more devices, and soon turned their greedy gaze to loftier goals.
2017: the year of the outbreak
CB: Well, super sneaky government tool thefts are all well and good, but the impact of ransomware retooling and running wild can’t be denied. In 2017, ransomware authors decided that just going after home users was becoming a little old hat, so they started targeting large organisations in a wave of outbreaks (fueled by the very exploits stolen from the NSA in 2016). Sadly for us, those organisations included many of the services we make use of on a daily basis, whose files and operations were encrypted and held up for Bitcoin ransom.
WannaCry, NotPetya, and BadRabbit were the big three ransomware epidemics of the year, but the malware made headlines time and time again as ransomware authors inched themselves into every available corner. Threat actors may have become a little less inventive during this period, but they certainly weren’t resting on their laurels.
Arguably the heaviest-hitting ransomware story of 2017 was the WannaCry attack on NHS, as £92m vanished down the plughole. This was a seismic attack, the aftershocks of which are still felt today, spinning off into unexpected places that have taken on a life of their own.
2017: crypto fever
WZ: I could go with Equifax here, but come on, son. Another day, another breach. In 2017, it was safe to say that basically anyone who had ever been online had their information compromised. Which is why I will instead turn to the birth of a brand-new form of cybercrime: cryptomining.
Bitcoin and other cryptocurrency had always been the favored tender of the black market, as it’s anonymous and nearly impossible to trace. However, in 2017, crypto became more mainstream as a sudden, acute increase in value had even the beariest of bears opening cryptowallets and investing in super-niche altcoins. So naturally, cybercriminals being the vultures of the Internet, they found a way to capitalize on all this carrion by jacking the CPU/GPU of other users’ systems to generate coin.
Starting in late 2017, we started noticing hundreds of millions of detections of coinhive.com, a CPU-mining platform that—while itself was a legitimate service—was being abused by cybercriminals to mine users without their permission. This kicked off a landslide of cryptomining activity that spawned the creation of multi-platform cryptomining malware, drive-by mining attacks, crypto-bundlers, crypto-themed scams, cryptowallet drainers, crypto crypto cryptors, and crypto.
While cryptomining has since died down from its 2017-2018 heyday, it remains forever part of the threat landscape, and I’m sure we’ll be seeing much more of it as cryptocurrency and blockchain technology take hold in the next decade.
2018: shine’s off social media
CB: 2018 was all about the covert use of data pulling the strings in every direction you can imagine. Data mining and digital assets plus social media makes for a cracking combination in the wrong hands, and it turns out Facebook was the place most of this war was fought and won (or lost, if you were on the receiving end).
Cambridge Analytica, a political consulting firm based in the UK, probably knew they’d walked into “oh, whoops” territory when their offices were raided in 2018. They’d been mucking around on multiple elections worldwide, but drew attention to themselves and Facebook after it was discovered that they’d been harvesting personal information from 50 million Facebook user profiles without their permission. The fallout from this story is still being felt, as lawmakers now scrutinize Big Tech over its data privacy policies.
2018: data privacy becomes a thing
WZ: Actually, I have to half agree with you about Cambridge Analytica. But I see your social media troubles and raise you a whole Internet of data privacy. In 2018, users woke up to the inner workings of the tech giants they had come to love, trust, and otherwise become addicted to. Wait, you’re selling my information to pharmaceutical companies? You can actually record my conversations through my digital home assistant? Suddenly, users had to be just as cautious about reputable tech companies as they were about cybercrime.
The awareness of 2018 led to global action, as GDPR went into effect and launched a million cookie notices and EULA rewrites. Digital data privacy has always been an issue, going back to the years before Y2K, and it will continue for decades as we grapple with biometrics and genetic data. But 2018 represents a period of public “awakening” that has forever changed the way technology is made, bought, regulated, and used.
2019: the year of the triple threat
CB: We’re too close to 2019 to say definitively what stuck and what didn’t, but the triple threat of Emotet, TrickBot, and Ryuk ransomware caused such huge problems across a wide range of critical infrastructure and business services that any roundup of 2019 that doesn’t feature this attack is missing out. If your mailbox isn’t ringing with the familiar chime of Emotet malspam still landing on the network, you’re doing very well indeed.
The triple threat officially came into view in 2018, but it was the attack of 2019. If there was news of a city declaring a state of emergency, a school closed for weeks, or a hospital paying thousands in ransom, you can bet it was because of these three devils. This is an attack from every angle, and in an alien invasion movie, this would be the part where the hero escapes through a conveniently placed airlock.
The cybersecurity fail of the decade
All this arguing over which cybersecurity fail is the most mind-blowing, death-defying, or just plain silly is pointless if we don’t wrap it up in a year-end bow. So, without further ado, we will now choose the top cybersecurity fail of the last decade. Drumroll please…
WZ: My vote goes to the Shadow Brokers because it set off a chain of events that allowed cybercriminals to become more sophisticated, industrialized players, fundamentally changing the threat landscape from kids tinkering away in their basements to organized criminals bent on taking down organizations, moving the personal data of millions of users, and making a significant profit in the process.
CB: My pick is the Mat Honan hack. These attacks aren’t as big, flashy, or sophisticated. But what happened to him is still pretty much what happens to people as their first introduction to the world of “all my data is gone forever.” How they wrecked his digital existence and salted the earth is beyond brutal, and, most interesting of all, nothing personal.
Which of these cybersecurity fails gets your vote? Sound off in the comments!