10 major security incidents of the past year

Below we look at 10 of the biggest security incidents of 2023, according to Phil Muncaster of the cybersecurity company ESET. Let's draw some valuable conclusions from these incidents that will lead us to a safer 2024.

1. United Kingdom Electoral Commission

The United Kingdom's independent Electoral Commission, which oversees the country's electoral processes, revealed in August that threat actors had stolen the personal information of approximately 40 million registered voters.

The commission claimed that a “sophisticated” cyberattack was responsible, but reports have since revealed that its security policies were inadequate: the organization had failed a basic Cyber Essentials security audit.

An unpatched Microsoft Exchange server may be responsible, although it is unclear why the commission took 10 months to inform the public. The commission also claimed that threat actors may have been exploring its network since August 2021.

2. Police Service of Northern Ireland (PSNI)

This incident falls under the category of an insider breach, with a relatively small number of victims but potentially outsized consequences.

The PSNI said in August that an employee had accidentally posted sensitive internal data on the WhatDoTheyKnow website in response to a Freedom of Information (FOI) request.

The information included the names, rank and service of about 10,000 officers and civilian personnel, including those working in surveillance and intelligence services. Although the information was only available for two hours before it was taken down, this was enough time for it to circulate among Irish dissidents, who spread it further. Two men have been released on bail after being arrested on terrorism charges.

3. Indian Council of Medical Research (ICMR)

Another massive breach, this time one of India's biggest, was revealed in October, after an attacker put the personal information of 815 million people up for sale.

It seems that the data was leaked from the ICMR's Covid-testing database and included name, age, gender, address, passport number and Aadhaar number. This is particularly dangerous and could give cybercriminals everything they need to attempt a series of identity fraud attacks. The Aadhaar number can be used in India as a digital identity, for bill payments and checks.

4. DarkBeam

In the biggest data breach of the year, 3.8 billion records were exposed by the digital risk platform DarkBeam after it misconfigured an Elasticsearch and Kibana data visualization interface.

A security researcher noticed the error and notified the company, which quickly fixed the problem. However, it's unclear how long the data was exposed or whether someone had accessed it in the past with malicious intent. The exposed trove contained emails and passwords from both previously reported and unreported data breaches.

This is yet another example of the need to closely and continuously monitor systems for misconfigurations.

5. MOVEit

This attack, associated with the cybercrime group Lace Tempest (Storm-0950), had all the hallmarks of the group's previous campaigns against Accellion FTA (2020) and GoAnywhere MFT (2023).

The group's modus operandi is simple: exploit a zero-day vulnerability in a popular software product to gain access to customer environments, then encrypt as much data as possible to demand a ransom. It is not yet clear exactly how much data has been stolen and how many victims there are.

However, some estimates put the figure at more than 2,600 organizations and over 83 million people. The fact that many of these organizations were themselves suppliers or service providers has only increased the downstream impact.

Progress Software, the company behind MOVEit, published details of the critical vulnerability and released a fix for it on May 31, 2023, urging customers to install it immediately or take mitigation measures.

6. 23andMe

A threat actor claimed to have stolen up to 20 million pieces of data from the US-based genetics and research company.

It appears that the cybercriminals first used classic credential stuffing techniques to gain access to user accounts, using previously compromised credentials that users had reused on 23andMe.

For users who had opted into the DNA Relatives service, the threat actor was able to access and extract much more data from potential relatives. Among the leaked information were profile picture, gender, year of birth, address and genetic test results.
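The credential stuffing pattern described above leaves a recognisable trace in authentication logs: one source trying many different accounts, with only a few logins succeeding. The following detection sketch is an added example, not code from ESET or 23andMe; the log format, the thresholds and every sample line are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed (constructed) log format: "<timestamp> ip=<addr> user=<login> result=OK|FAIL"
LINE_RE = re.compile(r"^(?P<ts>\S+) ip=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$")

def build_sample_log():
    """Constructed sample: one stuffing source, one user mistyping, one normal login."""
    lines = []
    # 203.0.113.7 tries 8 different accounts once each; two reused passwords work.
    for i in range(8):
        result = "OK" if i in (2, 5) else "FAIL"
        lines.append(f"2023-10-01T12:00:{i:02d}Z ip=203.0.113.7 user=user{i}@example.com result={result}")
    # 198.51.100.20 is one person retrying their own password: many failures, one account.
    for i, result in enumerate(["FAIL", "FAIL", "OK"]):
        lines.append(f"2023-10-01T12:05:{i:02d}Z ip=198.51.100.20 user=carol@example.com result={result}")
    lines.append("2023-10-01T12:06:00Z ip=192.0.2.44 user=dave@example.com result=OK")
    lines.append("malformed line that the parser must skip")
    return lines

def detect_stuffing(lines, min_accounts=5, max_success_ratio=0.5):
    """Flag IPs that target many distinct accounts and succeed on only a few of them.

    Returns {ip: {"accounts", "attempts", "compromised"}}; "compromised" lists the
    accounts that logged in successfully from a flagged IP and need a forced reset.
    """
    per_ip = defaultdict(lambda: {"users": set(), "ok_users": set(), "attempts": 0})
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that do not match the expected format
        stats = per_ip[m["ip"]]
        stats["attempts"] += 1
        stats["users"].add(m["user"])
        if m["result"] == "OK":
            stats["ok_users"].add(m["user"])
    findings = {}
    for ip, stats in per_ip.items():
        # A busy NAT gateway also shows many accounts, but most of its logins succeed.
        ratio = len(stats["ok_users"]) / len(stats["users"])
        if len(stats["users"]) >= min_accounts and ratio <= max_success_ratio:
            findings[ip] = {"accounts": len(stats["users"]), "attempts": stats["attempts"],
                            "compromised": sorted(stats["ok_users"])}
    return findings

if __name__ == "__main__":
    for ip, info in detect_stuffing(build_sample_log()).items():
        print(ip, info)
```

Per-IP counting misses campaigns spread across many source addresses, so in practice this check is paired with breached-password screening at login and multi-factor authentication.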

7. HTTP/2 Rapid Reset DDoS attacks

Another unusual case involves a zero-day vulnerability in the HTTP/2 protocol that was revealed in October and which allowed threat actors to launch some of the biggest DDoS attacks ever recorded.

Google reported that these peaked at 398 million requests per second (rps), compared to the previous record of 46 million rps. The good news is that internet giants like Google and Cloudflare have fixed the bug, but businesses managing their own online presence have been urged to follow suit immediately.

8. T-Mobile

The American telecommunications company has suffered several security breaches in recent years, but the one it announced in January is one of the biggest to date.

It affected 37 million customers, and customers' addresses, phone numbers and dates of birth were stolen. A second incident, revealed in April, affected just 800 customers but involved much more information, including T-Mobile personal identification numbers (PINs), social security numbers, identification information, dates of birth and internal codes used by the company to service customer accounts.

9. MGM International/Caesars

Two of Las Vegas' biggest casinos were hit within days of each other by the ransomware group Scattered Spider, which is associated with the cybercrime group ALPHV/BlackCat.

In MGM's case, the attackers were able to gain access to the network through research on LinkedIn followed by a vishing attack, in which they impersonated the company's IT department representatives and asked for the victims' credentials.

The breach had a significant financial cost to the company. It was forced to shut down major IT systems, knocking out gaming machines, restaurant management systems and even room key cards for days. The company estimated the cost at $100 million.

The cost to Caesars is not clear, although the company admitted that it paid the extortionists 15 million dollars.

10. Pentagon document leaks

The last incident is a cautionary tale for the US military and any large organization concerned about malicious insiders.

Jack Teixeira, a 21-year-old member of the intelligence wing of the Massachusetts National Guard, leaked highly sensitive military documents to Discord. These were then shared on other platforms and reposted by Russians following the war in Ukraine.

The documents gave Russia a trove of military intelligence about the war in Ukraine and undermined America's relationship with its allies. It is incredible that Teixeira was able to print top secret documents and take them home to photograph and then upload to Discord.

Phil Muncaster
