Major Cybersecurity Incidents in November
With the first news of an effective COVID-19 vaccine coming in, the world is heaving a sigh of relief with cautious optimism. We have still not seen the last of the virus yet and it will be some time before a large part of the global population is vaccinated. Till that time, we will continue to have remote work as the mainstay of most organizations. Remote learning and medical care is here to stay for a while as well. Consequently, a high number of incidences of cybersecurity breaches, hacks and data leaks will be a certainty for the time being.
A new attack target seems to be vaccine makers. For example, nearly 8 million attack attempts were recorded in the last 2 months alone against Indian manufacturers. One of the high profile attempts was by North Korean hackers to gain access to AstraZeneca which is one of the forerunners in the race to build a COVID-19 vaccine. The attack bore resemblance to the devastating WannaCry ransomware attack from 2017. Thankfully, the attempt was thwarted in time and no damages incurred. In this article, we will look at some more major cybersecurity incidents across the world from last month.
1.GoDaddy Social Engineering Hack Used to Attack Crypto Platforms
Starting the second week of November, hackers used social engineering and phishing methods to target GoDaddy employees and extract their corporate credentials to attack cryptocurrency platforms like Liquid.com and NiceHash. The hackers were temporarily able to take control of some key email IDs of Liquid and NiceHash and redirect web traffic. They are also believed to have gotten access to private documents of both the platforms possibly including user details as well. However, no loss of funds have been reported yet. Domain control has been reinstated to the respective owners and GoDaddy has reverted any changes made during the incident. However, as a security measure, users have been advised to reset their passwords and enable two factor authentication (2FA) just to be safe.
2.Ransomware Attack on Baltimore County Schools
The Baltimore County Public Schools (BCPS) network which covers 115k students had to be shut down following a ransomware attack the day before Thanksgiving in the US. This meant a stoppage of all classes in the system for multiple days. While it is still not clear what the attack vector was for this incident, some teachers have reported the appearance of a .ryuk extension in their computer files. Ryuk is a known ransomware. This is why students and teachers have been recommended to go for a confidence check of their devices. News on personal student data being compromised is still unverified. However, a recent security audit release by the Office of Legislative Audits revealed that the computer network of the BCPS system was already flagged as under risk before the actual attack.
3. Manchester United Suffers Security Breach
English football club Manchester United announced on 20th November that they have been impacted by a security incident on their internal systems. While details of the attack have not been made public yet, club authorities said that the website and app were not affected by the incident. There is also no known evidence yet of leakage of user or fan data. They were able to shut down affected systems quickly to contain the spread of the attack and prevent possible data breach. Consequently, scheduled matches and events will continue uninterrupted.
4. Gaming Partners International Hit By REvil
The Las Vegas-based casino games equipment supplier Gaming Partners International (GPI) was attacked by the REvil (or Sodinokibi) ransomware gang earlier last month. REvil is infamous for its private ransomware-as-a-service (RaaS) operation with affiliates spread across the world. They claimed to have taken control of “all servers and working computers of the company” and to have stolen 540GB of GPI’s private files. A ransom had been demanded with a deadline of 72 hours following which the stolen data would be released. Since there has been no sighting of leaked GPI documents anywhere yet, it is possible that the ransom was paid off to REvil to keep the information private.
5. Mashable Database Leaked
Media and entertainment company Mashable’s database with 5.22GB of information was leaked by a hacker in the first week of November. This database included personal information of both the company’s staff and users. Thankfully, no password or financial information was included in the breached repository. All the leaked info was posted into hacker forums worldwide.
Among other companies and platforms that were affected by cyberattacks and data breaches last month include Mattel, Capcom, Campari, Vertafore, JM Bullion, The North Face, Eatigo, IIMJobs, Lupin, GEO Group, BigBasket, X-Cart, Compal etc.
6. US Elections Targeted By Hackers
With the US Presidential Elections happening in November, it was obvious that there would be multiple targeted attacks aimed at it. For example, the FBI reported that Iranian hackers used phishing and spoofing techniques to steal state election data. This data was then used to push intimidation tactics for scaring voters. Curiosity regarding the US elections was also leveraged to send clickbait emails by operators of the notorious trojan QBot. Readers of the emails were influenced into opening attachments by making them look like news items related to election interference. Following his win, President-elect Joe Biden’s campaign website was defaced by hackers with the defacement lasting for 24 hours.
Tachyon VPN is a decentralised VPN (dVPN) solution from Tachyon Protocol that helps prevent Man-In-The-Middle (MITM) attacks like DNS spoofing, WiFi snooping, SSL hijacking etc. It can also protect users from social engineering attempts by masking IP and end-to-end encryption. Plus, the decentralised nature of provider nodes means that they are anonymous and hence the Tachyon VPN network is difficult to take down using known attack vectors. In a remote working world, having an added layer of protection from a dVPN makes complete sense to keep you safe from bad actors.
Tachyon VPN on App Store:
Tachyon VPN on Google Play:
DownloadTachyon VPN on macOS here: https://tachyon.eco/d/Tachyon_1.7_2020-06-02_cbc39602.dmg
Download Tachyon VPN on Windows: Coming Soon
About Tachyon Protocol:
Tachyon Protocol is a decentralized internet protocol that aims to create a libre, secure and private internet for users. By implementing techniques from DHT, blockchain, UDP and encryption, Tachyon is committed to building the next generation TCP/IP that can provide a self-sufficient internet environment with high security, untraceability, availability, and maximum network speed. Tachyon brings to fruition years of experience and research by Sunny King (inventor of PoS i.e. Proof-of-Stake consensus mechanism), Peerchemist (Peercoin Project Leader and President of the Peercoin Foundation) and FinTech investor Alex Yang. Tachyon VPN currently has nearly 2.2M users and over 1.5k distributed nodes to choose from. For more information, please visit https://tachyon.eco/.
Stay Connected:
Don’t forget to follow us on these platforms and get notifications. Launch a hot discussion about Tachyon anytime anywhere.
➤ Telegram Group: https://t.me/tachyoneco
➤ Telegram Channel: https://t.me/tachyonprotocol
➤ Twitter:https://twitter.com/tachyon_eco
➤ Medium:https://medium.com/tachyon-protocol
➤ LinkedIn: https://www.linkedin.com/company/tachyon-protocol
➤ KaKao: https://open.kakao.com/o/gRTetMzb
➤ Reddit: https://www.reddit.com/r/TachyonIPX/
➤Youtube:https://www.youtube.com/channel/UCvrANAq2HBYEPSL5nnsYQPg/
