Now that summer has come to an end, lets take a look back this summer’s cybersecurity trends that made headlines. With school starting and summer vacations ending, people everywhere are beginning to get into their regularity routine and have a reality check. It is time to focus and catch up on cybersecurity news that may have not been talked about enough within people’s summer mindset.
Below are just a few cybersecurity headline- worthy news from June, July, and August:
- “In New Jersey, a ransomware attack disabled a school district’s computer system, which affected Tenafly Public Schools and The Bergen County school district. The latter had to cancel final exams for all high school students. While students may have cheered the news, the school system was left hobbled by the attack. The district’s technology department took several steps, including isolating devices, turning off the networks, and hiring cybersecurity experts to carry out an investigation, but it still caused a massive disruption. “This end-of-school-year attack should serve as a warning in the new school year that education is a favored target of hackers,” advises Randall.
- A message about a “Father’s Day free beer” opportunity went viral on WhatsApp. Of course, there was no free beer, the message instead included an embedded link, containing a malicious script. WhatsApp reminded users to follow safety best practices when using its services. The WhatsApp incident is a lesson to heed year-round, centering on holidays and “special days.” With “special days” like the whimsical “Talk like a Pirate Day” on Sept. 19 and Halloween in October, be on guard for frivolous, fun-sounding memes, messages, and emails that may try to prey on complacency.
- In mid-June, there was a massive data breach that affected 69,589 people. The victims were patients of the Washington Kaiser Foundation Health Plan. The breach exposed patients’ first and last names, medical record numbers, dates of service, etc. Kaiser stopped the unauthorized access and initiated an investigation to identify the threat factors. The takeaway is that PHI is still coveted by hackers and remains the most valuable data for hackers to peddle on the dark web.
- Twitter suffered a data breach after threat actors used a vulnerability to build a database of phone numbers and email addresses belonging to 5.4 million accounts. The data is now up for sale on a hacker forum for $30,000, according to a threat actor known as ‘devil’. The data breach exploited a loophole in Twitter’s security that allowed any party without any authentication to obtain a Twitter ID (which is almost equal to getting the username of an account) of any user by submitting a phone number or email even though the user has prohibited this action in the privacy settings, according to reports. The loophole has been closed.
- LinkedIn is the most faked brand for when it comes to phishing attacks. In the second quarter of 2022, 45 percent of all phishing attempts come from faked LinkedIn phishing attempts.
- Hanesbrands estimates it lost $100 million in sales this summer after suffering a ransomware attack. And while the attack happened in May, the incident didn’t make the headlines until August when the company revealed in an earnings report that the incident prevented it from fulfilling product orders for three weeks. This stymied its ability to purchase new supplies, ship orders, and process payments for brands including Hanes, Champion, and Playtex. The attack was specifically a supply chain attack affecting the company’s global supply chain network. It remains unclear who was responsible for the incident, but the attack highlighted the vulnerability of supply chain breaches, and $100 million in lost sales is a steep price to pay for a breach.
- On August 26, the New Hampshire State Lottery suffered an attack forcing it take down its website. Officials said people visiting the site should not click on any pop-up messages.”
Although most people can lose track of their cybersecurity concerns and recent trends in the summertime, it’s crucial to stay on top of the news to better understand what is going on in the technology/ hacker world. The best defense you can do is to stay on top of the headlines and updates. As we can see from the example situations above within the past 3 months, the education, government, and healthcare industry are targeted the most, and expected to continue into the fall.