croom new

Eclipse Integrated Systems Blog

A Short Look at 2018 in Cybersecurity

A Short Look at 2018 in Cybersecurity

Hackers and other security threats are everyday problems for users all over the world. We’re not even talking about just simple phishing emails--you’d be surprised by how many victims are from straight-up hacking attacks. The security sector has been forced to adapt, growing at an astronomical rate. To help your organization get up to speed on the latest threats and hacks, we’ve put together a list of the first half of 2018’s most notorious breaches and statistics related to them.

To deliver the most effective way of analyzing this year’s hacking attacks, we’ve looked through countless records of hacks in both the public and private sectors. Public hacks are in regard to individuals and municipalities, whereas private hacks are more related to businesses and making records available for sale on the black market.

Private
January

  • 280,000 Medicaid records were exposed when a hacker attacked the Oklahoma State University Center for Health Sciences. Among the information exposed were patient names, provider names, and full names for affected individuals.

February

  • An unsecured server owned by Bongo International, a company acquired by FedEx, leaked over a hundred-thousand files of FedEx customers. Some of the information leaked included names, drivers’ licenses, national ID cards, voting cards, and utility bills.

March

  • Orbitz, a travel booking site, fell victim to a security vulnerability that exposed 880,000 customers’ payment card information. There was also about two whole years of customer data stolen from their server.
  • French news site L’Express left a database that wasn’t password-protected up for weeks, despite being warned about the security issues regarding this.
  • 134,512 records regarding patients and financial records at the St. Peter’s Surgery and Endoscopy Center in Albany, NY were accessed by hackers.
  • MyFitnessPal, an application used by Under Armor, exposed about 150 million people’s personal information to threats.
  • The WannaCry ransomware claimed another victim in Boeing, which stated that “a few machines” were protected by Microsoft’s 2017 patch.

May

  • Thanks to Twitter storing user passwords in a plaintext file that may have been exposed by internal company staff, the social media titan had to force hundreds of millions of users to change their password.
  • An unauthenticated API found on T-Mobile’s website exposed the personal information of all their customers simply through the use of their cell phone number. The following information was made available: full name, address, account numbers, and tax IDs.
  • A bug found in Atlassian development software titles Jira and Confluence paved the way for hackers to sneak into IT infrastructure of several companies and one U.S. government agency.
  • Rail Europe, a popular server used by American travelers to acquire rail tickets, experienced a three-month data breach that exposed credit card information to hackers.

June

  • A marketing company named Exactis had 340 million records stolen from it, but what’s most shocking about this is that they had accumulated information about nearly every American out there. In response to the breach, there was a class action lawsuit made against the company.
  • Adidas’s website was hacked, resulting in a loss of a few million users’ personal and credit card information.
  • A hacker collective called Magecart initiated a campaign to skim at least 800 e-commerce sites, including Ticketmaster, for sensitive information.

Public
January

  • The Department of Homeland Security was affected by a data breach that exposed information about 247,167 current and former employees.

March

  • Atlanta, Georgia was targeted by a ransomware attack called SamSam. This resulted in a massive problem for their municipal infrastructure. The ransom price given was $51,000, but Atlanta’s leadership refused to meet these demands. Overall, the numbers show that Atlanta has spent more than 10 times that number in the fallout of the attack. Some estimates place the actual cost of this event at nearly $20 million.
  • India’s national ID database, Aadhaar, leaked data of over a billion people. This is one of the largest data breaches in history. A user could pay 500 rupees, equal to about $7, to get the login credentials that allowed anyone to enter a person’s 12-digit code for their personal information. For 300 rupees, or about $4.20, users could also access software that could print an ID card for anyone associated with the database.
  • Cambridge Analytica, a data analytics company that U.S. President Donald Trump used to help his campaign, harvested personal information from over 50 million Facebook users without asking for their permission. Facebook hasn’t called this a data breach, but Cambridge Analytica has since been banned from using the service thanks to this event.

June

  • A hack of a U.S. Government-funded active shooter training center exposed the personal data of thousands of U.S. law enforcement officials. This also exposed which police departments aren’t able to respond to an active shooter situation.

Of course, these are only hacks from 2018. Some of the heavy hitters from 2017 are still causing troubles for their victims. Some of the examples are the Friendfinder hack which exposed 412 million user accounts, as well as the Equifax data breach that resulted in 148 million victims. Other major hacks are likely just around the corner, and according to billionaire investor Warren Buffet, there is a chance that a major cyberattack could strike insurers and cost them tens of billions of dollars. Here are some of the statistics behind this concept:

  • In 2017 over 130 large-scale breaches were reported, a 27 percent increase over 2016.
  • Nearly 1-in-3 organization have experienced some sort of cyberattack in the past.
  • Cryptojacking (stealing cryptocurrency) increased 8,500 percent in 2017.
  • 100,000 organizations were infected with the WannaCry ransomware (400,000 machines).
  • 5.4 billion WannaCry attacks were blocked in 2017.
  • The average monetary cost of a malware attack is $2.4 million.
  • The average time cost of a malware is 50 days.
  • Ransomware cost organization’s over $5 billion in 2017.
  • 20 percent of cyberattacks come from China, 11 percent from the United States, and six percent from the Russian Federation.
  • Phone numbers are the most leaked information.
  • 21 percent of files are completely unprotected.
  • 41 percent of companies have over 1,000 sensitive files left unprotected.
  • Ransomware is growing at 350 percent annually.
  • IoT-based attacks are growing at about 500 percent per year.
  • Ransomware attacks are expected to quadruple by 2020.
  • 7.7 percent of web requests lead to malware.
  • There were 54 percent more types of malware in 2017 than there were in 2016.
  • The cybersecurity market will be worth over $1 trillion by 2025.

Is your company prepared to protect itself in 2018? If not, Eclipse Integrated Systems can help. To learn more, reach out to us at 800-340-0505.

Do Browser-Saved Passwords Stay Secure?
Intro to Your Tech: Authentication
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, April 24 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Business Computing Network Security Cloud Google User Tips Internet Productivity Hackers Microsoft Software Malware Business Management Innovation Efficiency Tech Term Computer Business Hosted Solutions Email Backup Mobile Devices Windows 10 Smartphones Apps Browser Communication Cybersecurity Managed IT Services Productivity Hardware Windows Passwords Small Business Data Backup Data Recovery Data Saving Money Smartphone Internet of Things Collaboration IT Support Holiday Workplace Tips Data Security communications Android Users VoIP Virtualization Cybercrime Mobile Device Mobility Outsourced IT Law Enforcement Business Continuity Operating System Wireless Windows 10 Chrome Microsoft Office Ransomware Disaster Recovery IT Services Network Miscellaneous Cloud Computing IT Support Gadgets Office 365 Update Managed IT Services Password Bandwidth Phishing Wi-Fi Health BDR Quick Tips Social Media Mobile Device Management Telephone Systems Server Money Upgrade Risk Management Best Practice Facebook Google Drive Social Cost Management Employer-Employee Relationship Government Application Vulnerability Information Technology Unsupported Software App Networking Computers Streaming Media Hacking Work/Life Balance User Error Managed IT Marketing Proactive IT Data Management Current Events Office tips Save Money USB Blockchain Sports Information Personal Information Spam Artificial Intelligence Antivirus Patch Management Managed Service Provider Automation Office Identity Theft Shortcut Two-factor Authentication Alert Politics History Mobile Computing DDoS Internet Exlporer WiFi Wireless Technology Excel The Internet of Things End of Support Battery Storage Hosted Solution Instant Messaging Training Touchscreen Private Cloud Net Neutrality Devices BYOD Remote Monitoring and Management Audit Cortana Save Time VPN Access Control iPhone Managing Stress Television Company Culture HaaS Social Engineering Medical IT Telephony G Suite Humor Commerce Mobile Security Automobile SaaS Wireless Charging Remote Computing Google Docs Computer Care Healthcare Fraud Managed Service Legal Recovery Business Intelligence Data Storage Analytics Connectivity Search Meetings Data Protection Value Going Green Word Gmail Compliance Flexibility Applications Maintenance Tech Support Apple Outlook Cleaning Transportation Encryption eWaste Samsung OneNote Router Consultant Hard Drive Chrome OS Scalability Licensing Device Security Scam Nanotechnology RAM Laptop Certification PDF Worker Commute Cast Sales Plug-In Vulnerabilities Books Running Cable Hiring/Firing iOS Trends Troubleshooting Computing IT Solutions FAQ Windows 10s Internet Explorer Robot Microsoft Office 365 SharePoint Google Maps Project Management Cables Experience Chromebook Reporting How To Bluetooth Distributed Denial of Service Travel Employer Employee Relationship Root Cause Analysis Microsoft Teams Touchpad Security Cameras Text Messaging Retail Trending App store Cryptocurrency Sync Workers Benefits A.I. Data storage Profitability Point of Sale Charger Solid State Drive Lithium-ion battery Threat Data Loss IT budget Settings Virus Voice over Internet Protocol Phone System Conferencing Electronic Medical Records Printing Administrator Human Resources Fax Server Tablets Spyware Computer Accessories Augmented Reality Wearables Analysis Paperless Office Video Games Updates Smart Technology Computer Fan Movies Eliminating Downtime Advertising Legislation Music WIndows Server 2008 Hacker Hard Disk Drive PowerPoint Authentication Teamwork Proactive HBO Gifts Safety Emails Google Assistant Access GDPR Reputation Employee-Employer Relationship NFL Uninterrupted Power Supply Bring Your Own Device Operating Sysytem Unified Threat Management Identity Budget Adobe Microsoft Word WannaCry Wireless Internet Comparison E-Commerce Wearable Technology Data Breach Keyboard Authorization Virtual Reality Microsoft Excel Identities Websites Amazon Credit Cards Webinar Dark Web Electronic Health Records Black Market Edge Vendor Management Hybrid Cloud Avoiding Downtime Entertainment Upgrades Data Privacy Chromecast Time Management Unified Communications Help Desk Screen Mirroring Specifications Payment Big Data Evernote Downloads Education File Sharing Language Data Theft Files Virtual Assistant IT Management IT solutions Error Employees Windows Ink Ciminal Managed IT Service Regulation Worker Relocation Disaster Cache Windows 7 Remote Monitoring Emergency CrashOverride Monitors Printers Twitter

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      Latest News

      Eclipse Integrated Systems launches new website!

      Eclipse Integrated Systems is proud to announce the launch of our new website at www.eisystems.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for prospective clients.

      Read more ...

      Account login