The cyberattacks in recent weeks on large, international private companies, U.S. government agencies, national governments, and even media corporations illustrate the threat that hackers and cybercriminals continue to pose this year.
Recent examples around the turn of the year have shown how ruthless and uncompromising hackers can be. Once again, it is clear that any company or even any facility, institution or authority can fall victim to a cyberattack, and that these attacks by cybercriminals can have serious consequences.
The U.S. experiences the largest cyberattack ever with Sunburst
Since mid-December, the U.S. has been struggling with the effects of a large-scale cyberattack. Through a third-party vendor, the company SolarWinds, hackers have managed to spread malware on a large scale.
By all accounts, the hackers infiltrated the Texas-based company SolarWinds as early as March 2020 and planted malware in a software update. Once SolarWinds customers downloaded and installed this update, the hackers had the opportunity to penetrate those customers' systems. According to SolarWinds, the corresponding update was distributed to around 18,000 customers worldwide.
SolarWinds supplies companies with programs for monitoring their IT infrastructure. These are intended to detect security gaps and other risks at an early stage so that they can ultimately be closed. Now the company itself has become the biggest source of risk. How many SolarWinds customers are actually affected by this attack is currently still unclear. What is certain, however, is that the victims include a number of U.S. government agencies, including the Pentagon, the Treasury and State Departments, and the Department of Energy. Particularly sensitive: the National Nuclear Security Administration, which manages U.S. nuclear weapons, is also part of that department.
According to the U.S. Federal Bureau of Investigation (FBI) and the National Security Agency (NSA), the goal of this attack was to gather information. Private companies (e.g., Microsoft) and critical infrastructure facilities were particularly targeted by the attackers.
The dangerous thing is that the attack went undetected for months. The warning and security systems did not work. The attackers had enough time to plant further malware and then cover their tracks. Finding the attackers' access points is now nearly impossible. In addition, the complexity of the attack makes it difficult to delete the malware and clean up the systems. Particularly in the case of the affected authorities, it can be assumed that the exchange of information will continue to be intercepted in the coming months. Experts assume that it may even be years before the full extent of the attack can be assessed.
Europe is also affected by dangerous hacker attacks
The Finnish government has also been the victim of a hacker attack. Various email accounts of members of parliament and parliamentary staff were compromised. The attack took place back in the fall of 2020, but was only made public now. In this case, too, those affected speak of an attack on “democracy and society.”
Most recently, Funke Mediengruppe is still struggling with the effects of a cyberattack two weeks after it took place. Shortly before Christmas, hackers managed to plant malware that led to the encryption of data. Systems had to be shut down immediately. Exact details of how the attack took place have not yet been released due to the ongoing investigation. According to media reports, however, there is talk of a ransom demand in bitcoin.
All major Funke Mediengruppe sites are affected by the attack. Over 6,000 computers had to be checked and cleared of the malware. For days, newspapers could only be printed in a slimmed-down form as an emergency edition. In the meantime, the newspapers even had to be produced by hand. According to WAZ editor-in-chief Andreas Tyrock, headlines and texts had to be phoned in and pictures had to be laboriously edited. The printers also had to adjust their daily working methods. It was not until a week later that it was possible to produce newspapers with more than 20 pages again. The attack is still considered active at the beginning of January. Computers and systems are still being checked.
There is still time to cyber-proof your business in 2021
2021 is just a week old, and yet so much has already happened. But it’s not too late to make good resolutions like upgrading your company’s IT security. If you’ve neglected or put off this topic to date, now is the perfect time to take care of this important matter. Leave behind excuses like “My company is too small to serve as an attractive target for hackers” or “My data is not relevant to cybercriminals.”
The same goes for companies that are already deeply involved in cybersecurity and data protection and think they are secure enough. Use the fresh start in 2021 to question your current strategy and optimize it if necessary. Perhaps you will discover a security gap or two that you can then quickly close.
See also the presentation on the “Cyber Risk Landscape 2021” by Silvana Rößler, which she gave during our “Cyber Morning” event last October.