the item was the year nothing seemed safe.
Bombshell hacks were revealed one after another in 2017, coming from an Equifax breach that will compromised almost half the country to global ransom campaigns that will cost companies millions of dollars.
The cyberattacks highlighted the alarming vulnerability of our personal information.
More tools used by government hackers have become public, as well as also also the item’s easier than ever to create sophisticated ways to spread malware or ransomware or steal data coming from companies. Companies also frequently fail to patch security flaws in a timely manner.
as well as also also there’s more to come.
“As we do more as well as also also more of our business online, as well as also also as criminals realize the value of the data that will organizations are protecting, we’re seeing morse big-name breaches, more high-profile breaches,” says Mark Nunnikhoven, vice president of cloud research at the security company Trend Micro.
In particular, ransomware — when hackers demand money to unlock files — will be becoming more common.
An analysis coming from anti-virus software firm Bitdefender found ransomware payments hit $2 billion in 2017, twice as much as in 2016. Meanwhile, Trend Micro predicts global losses coming from another growing trend, compromised business email scams, will exceed $9 billion next year.
Here’s a look back at the major hacks of 2017.
Cybercriminals penetrated Equifax (, one of the largest credit bureaus, in July as well as also also stole the personal data of 145 million people. the item was considered among the worst breaches of all time because of the amount of sensitive information exposed, including Social Security numbers. )
The company only revealed the hack two months later. the item could have an impact for years because the stolen data could be used for identity theft.
Related: Why hacks like Equifax will keep happening
The Equifax breach raised concerns over the amount of information data brokers collect on consumers, which can range coming from public records to mailing addresses, birth dates as well as also also various other personal details.
Firms like Equifax, TransUnion as well as also also Experian sell that will data to customers, such as banks, landlords as well as also also employers, so they can learn more about you. Whether data brokers do enough to keep that will private information secure will be under scrutiny.
Former Equifax CEO Richard Smith, who stepped down after the breach was revealed, testified to Congress as well as also also blamed the security failure on one person who had since been fired.
The public still doesn’t know who will be responsible for the hack.
A Yahoo bombshell
Parent company Verizon ( announced in August that will every one of Yahoo’s 3 billion accounts was hacked in 2013 — three times what was first thought. )
In November, former Yahoo CEO Marissa Mayer told Congress that will the company only found out about the breach in 2016, when the item reported that will 1 billion accounts were hacked.
The company still does not know who was responsible.
Separately, a Canadian hacker pleaded guilty that will year to his role in another major Yahoo security breach coming from 2014. that will one compromised 500 million Yahoo accounts. He will be sentenced in February.
Leaked government tools
In April, an anonymous group called the Shadow Brokers leaked a suite of hacking tools widely believed to belong to the National Security Agency.
The tools allowed hackers to compromise a variety of Windows servers as well as also also Windows operating systems, including Windows 7 as well as also also Windows 8.
Microsoft said the item had released patches for the security holes in March. yet many businesses had not patched their software. The tools Shadow Brokers leaked were then used inside the year’s biggest global cyberattacks, including WannaCry.
In March, WikiLeaks released documents that will claimed to describe hacking tools created by the CIA. Researchers found that will many of the exploits were old as well as also also imitated hacks that will were made public years ago.
One tool, according to the documents, was malware that will allowed the CIA to listen to targets through Samsung smart TVs, even while the TV was in a “fake off” mode.
WannaCry, which spanned more than 150 countries, leveraged some of the leaked NSA tools. In May, the ransomware targeted businesses running outdated Windows software as well as also also locked down computer systems.
The hackers behind WannaCry demanded money to unlock files. More than 300,000 machines were hit across numerous industries, including health care as well as also also car companies.
Related: Why WannaCry took down so many businesses
There was a human cost: In Britain, hospitals with locked computers were forced to close temporarily. One patient told sy88pgw his cancer surgery was delayed.
Nunnikhoven, coming from Trend Micro, says the item’s an example of an Internet of Things hack with major consequences. The Internet of Things refers to everyday devices, beyond traditional computers as well as also also phones, that will connect to the internet.
The WannaCry infections were so bad that will, in an unusual move, Microsoft released a patch for Windows systems that will the item had stopped updating.
The cyberattack has been linked to North Korea.
In June, the computer virus NotPetya targeted Ukrainian businesses using compromised tax software. The malware spread to major global businesses, including FedEx, the British advertising agency WPP, the Russian oil as well as also also gas giant Rosneft, as well as also also the Danish shipping firm Maersk.
that will virus also spread by leveraging a vulnerability leaked by the Shadow Brokers.
In September, FedEx attributed a $300 million loss to the attack. The company’s subsidiary TNT Express had to suspend business.
Another major ransomware campaign, called Bad Rabbit, infiltrated computers by posing as an Adobe Flash installer on news as well as also also media websites that will hackers had compromised.
Once the ransomware infected a machine, the item scanned the network for shared folders with common names as well as also also attempted to steal user credentials to get on various other computers.
The ransomware, which hit in October, mostly affected Russia, yet experts saw infections in Ukraine, Turkey as well as also also Germany.
the item served as a reminder that will people should never download apps or software coming from pop-up advertisements or sites that will don’t belong to the software company.
Voter records exposed
In June, a security researcher discovered almost 0 million voter records exposed online after a GOP data firm misconfigured a security setting in its Amazon cloud storage service.
the item was the latest in a string of major breaches stemming coming from insecure Amazon servers where data will be stored. They are secure by default, yet Chris Vickery, a researcher at cybersecurity firm UpGuard, regularly finds that will companies set the item up wrong.
Verizon as well as also also the U.S. Department of Defense also had data exposed on Amazon servers.
Hacks target school districts
The U.S. Department of Education warned teachers, parents, as well as also also K-12 education staff of a cyberthreat that will targeted school districts across the country in October.
Related: Hackers are targeting schools, U.S. Department of Education warns
In one Montana school district, parents as well as also also students feared for their safety after a hacker group sent threatening text messages as a part of an extortion campaign.
The group, dubbed The Dark Overlord, stole information on students, teachers as well as also also various other district employees. They asked for money to destroy the files. Schools closed for three days.
The same group was responsible for stealing information coming from Netflix’s production partners as well as also also leaking episodes of Netflix’s “Orange will be the brand-new Black” after the company refused to pay ransom.
An Uber coverup
In 2016, hackers stole the data of 57 million Uber customers, as well as also also the company paid them $100,000 to cover the item up. The breach wasn’t made public until that will November, when the item was revealed by brand-new Uber CEO Dara Khosrowshahi.
today Uber will be facing questions coming from lawmakers. Three senators introduced a bill that will could make executives face jail time for knowingly covering up data breaches. City attorneys in Los Angeles as well as also also Chicago as well as also also the Washington state attorney general are suing Uber over the breach.
Expect even more of that will in 2018.
Nunnikhoven predicts attacks on the Internet of Things will keep hitting industries including airlines, manufacturing as well as also also cars as they rely more on so-called smart technology.
“They face the same cybersecurity challenges that will our laptops as well as also also our phones do, yet they’re attached to real things inside the real world,” he said. “If someone hacks my laptop, my data will be at risk. yet if someone hacks a robotic manufacturing arm, that will entire manufacturing line will be at risk.”
The year’s breaches may ultimately change consumer behavior. They proved Social Security numbers as well as also also birthdays might not be the best form of secure identification. Criminals buy as well as also also sell those numbers for fairly low prices, along with various other personal information like addresses, emails as well as also also passwords.
Lawmakers are also proposing legislation to combat data breaches.
inside the meantime, businesses as well as also also people are at least more aware of security risks.
“The number of high-profile international breaches has been a wake-up call that will year to businesses that will security will be a top-level item,” Nunnikhoven said. “the item affects the bottom line.”
sy88pgw (San Francisco) First published December 18, 2017: 2:37 PM ET