Recent examples around the turn of the year have shown how ruthless and uncompromising hackers can be. Once again, it becomes clear that any company or even any facility, institution, or authority can become a victim of a cyberattack, and that these attacks by cybercriminals can have serious consequences.
"Sunburst" is the largest cyberattack ever in the U.S.
Since mid-December, the U.S. has been struggling with the effects of a massive cyberattack. Through a third-party vendor, the company SolarWinds, hackers have managed to spread malware on a large scale.
It appears that the hackers infiltrated the Texas-based company SolarWinds as early as March 2020 and manipulated a software update with malware. Once SolarWinds customers downloaded and installed this update, the hackers had the opportunity to penetrate those customers' systems. According to SolarWinds, the affected update was distributed to around 18,000 customers worldwide.
The company SolarWinds provides programs to companies that can be used to monitor the IT infrastructure. This is intended to detect security gaps or any risks at an early stage and ultimately close them. Now the company itself has become the biggest source of risk. How many SolarWinds customers are affected by this hacker attack is currently still unclear. What is certain, however, is that the victims include several U.S. government agencies, including the Pentagon, the Treasury and State Departments, and the Department of Energy. Particularly delicate: The National Nuclear Security Administration, which manages U.S. nuclear weapons, is also part of this department.
According to the U.S. Federal Bureau of Investigation (FBI) and the foreign intelligence agency NSA, the goal of this attack was to gather information. Private companies (e.g. Microsoft) and critical infrastructure facilities were particularly targeted by the attackers.
Read about the dangers posed by hacker attacks on critical infrastructure.
What is particularly worrying is that the attack went undetected for months. The warning and security systems did not work. The attackers had enough time to plant additional malware and then cover their tracks. Finding these access points now is nearly impossible. In addition, the complexity of the attack makes it difficult to delete the malware and clean up the systems. Particularly in the case of the affected authorities, it can be assumed that the exchange of information will continue to be intercepted in the coming months. Experts assume that it may even be years before the full extent of the attack can be surveyed.
Europe is also affected by dangerous hacker attacks
The Finnish government was also the victim of a hacker attack. Various email accounts of members of parliament and parliamentary staff were compromised. The attack took place back in the fall of 2020 but was only made public now. In this case, too, those affected speak of an attack on "democracy and society".
Most recently, Funke Mediengruppe was hit and, two weeks after the attack, is still struggling with its effects. Shortly before Christmas, hackers succeeded in planting malware that led to the encryption of data. Systems had to be shut down immediately. Exact details of the attack have not yet been released due to the ongoing investigation. According to media reports, however, there is talk of a ransom demand in the form of bitcoins.
All larger sites of the Funke Mediengruppe are affected by the attack. More than 6,000 computers had to be scanned and cleared of the malware. For days, newspapers could only be printed in a slimmed-down form as an emergency edition. In the meantime, newspapers even had to be produced by hand. According to WAZ editor-in-chief Andreas Tyrock, headlines and texts had to be phoned in and pictures were incorporated with great difficulty. The presses also had to adjust their daily working methods. It was not until a week later that it was possible to produce newspapers with more than 20 pages again. The attack is still considered active at the beginning of January. Computers and systems are still being checked.
There is still time to cybersecure your business in 2021
2021 is just a week old, and yet so much has already happened. But it is not too late for good intentions like upgrading your company's own IT security. If you have neglected or put off this topic up to this point, now is the perfect time to take care of this important issue. Leave excuses behind such as "My company is too small to serve as an attractive target for hackers" or "My data is not relevant for cybercriminals".
The same goes for companies that already deal intensively with cybersecurity and data protection and think their company is secure enough. Use the new start in 2021 to question the current strategy and optimize it if necessary. Perhaps you will discover a security gap or two that you can then quickly close.
See also the presentation on the "Cyber Risk Landscape 2021" by Silvana Rößler, which she gave during our "Cyber Morning" event last October.