Cybersecurity lessons learnt from 2022 and the New Year’s security resolutions you should stick to

In 2022, we experienced first-hand some monumental lessons in cybersecurity from big names like Uber and Bridgestone. Here are some examples of last year’s attacks:

Major cyber-attacks in 2022

Kaseya

This attack targeted a software vendor popular with MSPs based out of Miami. It’s estimated that 40 of customers were affected by an exploit around a zero-day bug which delivered ransomware directly to clients’ systems. But the knock-on effect of this vulnerability reached thousands of businesses that use those MSPs.

Bridgestone

This threat saw facilities taken offline for 10 days at a significant cost to the tyre business in response to a ransomware attack by LockBit 2.0. This attack was self-spreading via platforms like PowerShell and Windows Server Message Block.

Chinese Police Database

When the Shanghai Police Department’s server was hacked, data on around a billion people fell into the hands of criminals. This database included information like DNA, social media and tracking. Shortly after, data from 90 million Henan police records from unsecured servers were up for sale on the black market as well.

Uber & Rockstar

A hacker named ‘TeaPot’ was arrested in England on suspicion of hacking into both the Uber and Rockstar Games’ internal servers by posing as an IT worker. He posted messages and an explicit photo on the company’s internal message boards.

Dropbox

When a hacker stole 130 code repositories, Dropbox came forward to disclose the breach where employee credentials were stolen via a phishing attack. Several thousand names and email addresses of customers, employees, leads and suppliers were part of the data breach.

Red Cross

In the summer of 2022, it was reported that the data of over 500k people was compromised by an attack on the Red Cross that could have started as early as Nov 2021. The bad actors gained access to the data via a supplier who maintains data on families the organisation is trying to unite.

Pegasus Airlines

This data breach was caused after an unprotected AWS cloud storage bucket gave criminals an easy way in. It’s thought the hack exposed the data of nearly 23 million Electronic Flight Bag (EFB) files. This included source code, plain-text passwords, flight charts, safety procedures, nav materials and crew PII. With this information, it would have been possible to change or access even more sensitive files.

Cash App

On termination, a disgruntled employee downloaded CashApp’s financial reports. This included the sensitive information of brokerage account numbers, portfolio values, customer names, holdings and stock trading information. In total, 8.2 million customers are expected to have been impacted by the breach which was only disclosed 4 months later.

Crypto.com

Beset by the unauthorised withdrawal of cryptocurrency, the firm announced an initial $15m impact but then revised the figure to $35m. They put all withdrawals on hold for 14 hours in order to investigate and then required fresh logins with a new MFA. The source of the failure was MFA not triggering properly on some accounts.

Nvidia

In 2022, hackers took Nvidia IP and employee credentials and leaked them online. This breach was caused by LAPSUS$, which claimed to have 1TB of data and held it for ransom. When Nvidia didn’t respond, they began to leak information about the DLSS booster and offered to unlock the Ethereum mining limiter on the RTX 3000 for interested buyers.

Cybersecurity trends in 2022

Holistic security including supply chain

Many of the big cyber-attacks in 2022 were caused by weaknesses with third-party providers. So, it’s clear that front-line security is no longer the gold standard. You’ll also need to look at the measures taken by every company along your supply chain to ensure you’re not creating a backdoor or at risk from a vulnerability on your vendor’s side.

Less reliance on passwords

Stolen credentials are still the leading cause of breaches. There is a movement to steer away from passwords and make Multi-Factor Authentication (MFA) and zero-trust the base standard. According to Infosecurity Magazine, 2023 should also see developments in the availability of passwordless methods of authentication, including biometrics, secure single sign-on and passkeys. This is making it easier for organisations to start implementing alternative methods of authentication across their networks.

Support from security advisors

Limited budgets and the possibility of attack regardless of what your organisation does have led to an increase in businesses hiring cybersecurity consultants to identify and plug the largest gaps in their defences. Retail Technology Review explains that where cybersecurity investment is needed, this should be defined in the context of specific business needs to truly help organisations tackle the damaging effects of cyberattacks and demonstrate the positive impact of cybersecurity on business performance. Expertise, like that of companies such as Nowcomm, can be invaluable to closing loopholes and preparing your teams for a possible breach.

New year’s resolutions for cybersecurity in 2023

Implement stronger authentication

In 2023, MFA should become standard for more robust security measures. With this, you will receive a prompt to add another method of authentication along with the password, like a code, a fingerprint, or an OTP sent to your phone number or email. With this method, you will be required to enter more than two credentials while logging in, keeping your account more secure by making it more difficult for hackers to access your data.

Have a tested response plan to ransomware attacks

Suppose the worst happens, do you have a plan? Have you practised it before? For good cybersecurity in 2023, you’ll want to have an established and tested response plan for ransomware attacks. These attacks are growing in popularity due to how quickly hackers extract money and other types of assets in response to holding your data hostage. Know who will respond and what you’re willing to offer in this worst-case scenario.

Be wary of supply chain attacks

In 2022, it became apparent how vulnerable even huge companies are to hacks because of breaches created via their third-party suppliers. You need to conduct a robust audit of all the vendors you work with AND insist they do so as well. It’s a waste of time if your supplier’s vendor has a back door open that hackers can exploit. This year, we want to close those vulnerabilities.

Use a VPN

If you need to access public WiFi (and try to avoid it), use a VPN to protect your network activity from other people (potentially bad actors) also using the connection. Never send any files via HTTP and avoid sending any data if you’re not using a VPN. The best solution is to do those sensitive tasks from your own private network. If you’re in public and have to do something urgently, use your cellular data to play it safe. You can do this by turning your mobile phone into a password-protected mobile hotspot and tethering your laptop to that connection.

Use a password manager

In 2023, we need to use more password managers. This is where you use a service like Google or LastPass to remember your passwords for you. That means when you visit individual websites you can create much stronger passwords because you won’t need to remember them. Just remember the password to the manager (don’t write it down) and your organisation is significantly more secure.

Backup data regularly

This goes without saying but in 2023, you’ll want to commit to weekly backups at a minimum. Anything that isn’t stored on the cloud will need to be accounted for and stored in a separate location. That will be critical if systems are compromised, and you need to restore earlier settings or work remotely while your internal network is repaired.

Train your teams in best practice

Humans are often the most straightforward way to access any organisation. You can have all the defences in place, but a breach is still possible if staff are deceived into letting someone unsavoury into the organisation’s network. Teach all your teams how to recognise popular phishing scams, what to do if they click on something malicious and how to practise physical device security too.

Deactivate old user accounts

The moment someone’s role is terminated or they resign, ensure you revoke all their access. This allows you to be sure there will be no malicious activity and protects your IP. If they require access to complete outstanding tasks, it can be reviewed on a case-by-case basis and offered on a zero-trust basis. This protects both you and your former employee from undue cybersecurity risks.

Passcode lock mobile phones

Lastly, in 2023, don’t neglect the physical security of mobile phones. Remind your employees to never store passwords or download company data directly to the phone storage. Ensure they have multi-factor authentication active on all company-related software and that the phone itself is always locked with a passcode. This will prevent a simple misplaced mobile from compromising your entire infrastructure.

 

If you want some guidance and help learning from the cybersecurity breaches of 2022 and implementing best practices for cybersecurity in 2023 then our team is standing by to assist you with a review and recommendation for your unique organisation. Contact us now.
