Data Breaches and Cyber Attacks during the Pandemic

COVID-19 affected more than our health.  It forced us to change the way we work, learn, and interact with others. With these changes came an increase in cyber attacks, as criminals found new ways to exploit the sudden disruption that COVID-19 has caused. As criminals reinvent themselves, they have launched a number of cyber attacks on institutions and businesses throughout 2020 and 2021. Here are some of the high-profile data breaches and cyber attacks.

1.       Data Breaches and Cyber Attacks: Kesaya

IT Company Kesaya was hit with a sophisticated cyber attack early in July 2021. The attack targeted the company’s VSA software, which IT departments use to manage and monitor computers remotely. While Kesaya said only about 0.1% of its clientele was affected, about 800-1500 small to medium-sized businesses may have been compromised in the attack.

According to Huntress, a cybersecurity firm helping Kesaya deal with the cyber-attack, the attack began through an authentication bypass vulnerability on Kesaya’s web interface.

Once the attackers exploited the vulnerability, they circumvented authentication controls. They then uploaded a malicious payload, and executed commands through an SQL injection.

The ransomware group REVil claimed responsibility for the attack. The group has also been linked to other high-profile attacks against Acer, JBS, and Travelex.

2.      Data Breaches and Cyber Attacks: Colonia Pipeline

Colonial Pipeline became the victim of a cyber-attack in late April 2021. The attack by the DarkSide gang disrupted gas supplies along the US East Coast, causing panic and reckless behavior among consumers.

The attack against Colonial Pipeline targeted its billing systems and internal business networks. In the end, the company paid the demanded $4.4 million in bitcoin.

The hackers also stole about 100 GB of data, threatening to release the data to the public if the company failed to pay the ransom.

The company finally resumed operations on May 12, after a six-day disruption to its pipeline operations.

Fortunately, the FBI recovered most of the bitcoins used to pay the ransom. However, it did not disclose how it obtained the private key.

3.       Data Breaches and Cyber Attacks: Volkswagen & Audi

A marketing service supplier in June 2021 left exposed the data and personal identifying information of 3.3 million people in the US and Canada. The data breach revealed the names, mailing addresses, email addresses, and phone numbers of those affected. The breach also exposed extensive details about vehicles, including vehicle identification numbers. Driver’s license numbers for about 90,000 people in the US were also leaked in the data breach.

According to Volkswagen, the marketing service collected data between 2014 and 2019, and left that data unsecured for 21 months up to May 2021.

4.       Data Breaches and Cyber Attacks: Forefront Dermatology

A data breach of Forefront Dermatology exposed the personal data and medical records of up to 2.4 million patients. The breach also exposed the private employees of the healthcare provider.

The data leaked included names, dates of birth, addresses, and insurance information of patients.  It also included medical record numbers, accession numbers, clinical treatment information, and dates of service. The criminals gained access to Forefront Dermatology’s IT systems between May 28 and June 4, 2021.

Overcoming Cybersecurity Challenges

These cyber attacks and data breaches are barely the tip of the iceberg of the increasing cyber attacks facing governments, institutions, and businesses. With cyber attacks on the rise, it may well be only a matter of time before your business is the next victim.

Ronald K. Noble, former Secretary General of INTERPOL, recommends that businesses take action to protect themselves from cyber attacks.  Taking preventive measures to protect your business as much as possible can help minimize the “attack surface,” the areas which criminals can exploit. In addition to preventative measures, organizations should have a plan of action in place to guide them when responding to cyber attacks or data breach incidents.

 

 

 

Related Article

The Role of Technology in Sanctions Compliance

Sanctions compliance is a complex and challenging task for many organizations, especially those that operate across multiple jurisdictions and sectors. Sanctions regimes are constantly evolving,