According to Government Technology, the FBI saw complaints about cybercrime and cyberattacks jump by 1 million between May 2020 and May 2021. The enormous increase in cybercrime is partly due to Covid-19 and also due to the growing sophistication of cybercriminals, who are now using cryptocurrency and other methods harder to track.
Here are some recent data breaches that occurred — as you can see, there is no common denominator among the victims. Hackers are not limited by industry or country. The growing threat is real among all industries around the world.
The Biggest Ransomware Attack on Record
The Russia-linked cybercrime gang REvil is thought to be behind the biggest ransomware attack known to date, on Friday, July 2. Thousands of victims in at least 17 countries were hit, including hundreds of American businesses, the Swedish grocery chain Coop, and German and Dutch IT companies. The following Sunday, REvil offered a universal decryptor software key to fix all the affected networks for the fee of $70 million in cryptocurrency.
EA, the well-known video game maker, suffered a data breach in early June. Hackers gained access to its entire corporate network and stole 780GB of source code, SDKs, and other proprietary tools.
While a data breach is a crisis in and of itself, what makes the situation worse is that the company allegedly ignored warnings from security experts that their defenses were weak. The Israeli cybersecurity firm Cyberpion said it reached out to EA and pointed out various weak spots in its domains, but the company did nothing to address the issues. Ultimately, hackers used Slack to gain access to an employee account and entry into the system.
Data from 700 million LinkedIn members (more than 90% of its users) has appeared for sale on the dark web, but the company is vehemently denying there was a data breach. They claim the data was scraped by malicious actors from public-facing profiles and that the system itself was not actually compromised.
While LinkedIn might be correct in its assessment, the appearance of this information on the dark web is still cause for worry. In this case, the responsibility may not fall on LinkedIn, but that is no reassurance to those with exposed data.
University Medical Center (UMC), Las Vegas
REvil strikes again: in early June, the gang claimed to have hacked into UMC’s computer network and obtained sensitive information, including driver’s licenses, passports, and social security numbers.
UMC acknowledged that its network has been compromised but said there is no evidence any of the clinical systems were breached. The hospital reported the attack to local police and the FBI.
Also in early June, Fujifilm headquarters in Tokyo, Japan announced its servers had been hit with a ransomware attack. The corporation shut down parts of its network and disconnected from external servers to protect itself once the compromise was realized.
Fortunately, the attack was contained to a specific network and after a few days the company’s EMEA systems were restored.
For additional resources and guidance, the Interfor team is here to help.