What We Can Learn from the Biggest Data Breaches of 2016 (So Far)

Understanding these attacks may help you improve security in the future.

In a recent article, the online security publication Dark Reading chronicles the most significant data breaches and cyber attacks thus far in 2016. The article provides IT professionals with two key takeaways:

  1. First, there is a substantial uptick in instances of ransomware, which are also being executed with increasing success.
  2. And second, criminals are becoming bolder and more imaginative, as demonstrated recently at a Ukraine power grid.

The Ukraine power grid cyber attack dominated headlines in the first few months of 2016, as a denial of service plunged Western Ukraine into darkness. Forensics determined that the attack took place following six months of reconnaissance within the utility’s network, accessed via phishing. Much of the attack remains unexplained, making it an ominous example of how intrepid and increasingly destructive cyber attacks are becoming.

2016 Data Breaches

Examples can also be found in the rise of ransomware attacks, with spiking occurrences in 2016 and an increasing prevalence in the healthcare industry. It is not only the volume of attacks that is increasing. Security professionals also warn of the creativity being displayed in recent ransomware attacks.

According to Dark Reading, some hackers have begun using macros and scripts, displaying professional-looking phishing pages, adding new functions, and modifying a computer’s master boot record to get victims to activate the malware on their systems.

Hospitals have become a favorite target for ransomware, primarily because they are known to have weaker network security than most business organizations. And since hospitals must maintain life-saving systems at all times, attackers view them as easy prey. Take, for example, Hollywood Presbyterian Hospital, which paid a $17,000 ransom to regain access to files. Learn how you can strengthen your defense against malware, and more on hospital attacks.

Download Today’s Security Landscape - Examining Why Endpoint Modeling is the Most Effective Security Solution Whitepaper.


Also this year we discovered yet another major SSL vulnerability aptly named DROWN: Decrypting RSA with Obsolete and Weakened Encryption. This cross-protocol attack takes advantage of SSLv2 backwards compatibility to enable attackers to decrypt communications from web or email servers or VPN sessions.

Of course, not all the security headlines in 2016 were made by cyber criminals, nor did they all have to do with customer data. Following a recent terrorist attack, Apple went toe-to-toe with the FBI over the company’s right to protect customers’ privacy and security. Apple’s defense of iOS encryption against back doors continues to have wide-ranging judicial and consumer implications. Meanwhile, the IRS reported fraudulent access to E-File PINs as attackers sought opportunities to make money from U.S. tax returns. And in one of 2016’s biggest and most bizarre breach tales, a hacking incident led to an $81 million fraudulent transfer from a bank in Bangladesh. The theft unveiled vulnerabilities in the SWIFT financial messaging service provider that may have opened up 11 other banks to similar attacks.

What Lies Ahead?

If you are a security professional, 2016 has reminded you of what you already knew: you must remain vigilant and up to speed on the latest network technology. That means the technology available to you as well as what’s evolving in the hands of your nemeses.

Also, keep in mind that traditional IT security tools may not be able to provide the clues security teams would need in time to prevent these types of breaches. For example, the vectors, signatures, or logs generated by any “compromised” devices can’t be relied on to indicate a potential attack. Or they may represent “rear-view” data, information about compromised devices that shows up days, weeks, or months after the hack.

This is why a third-party “surveillance” solution – like endpoint modeling – is so effective. Remember that endpoint modeling is exactly what the NSA’s top hacker recommends for thwarting would-be hackers. To quote the head of NSA’s Tailored Access Operations unit, “If you really want to protect your network, you really have to know your network. You have to know the devices, the security technologies, and the things inside it.” Observable Networks delivers exactly this technology – endpoint modeling that lets you identify potential attacks much faster, so your security professionals can remediate possible threats before it’s too late.

Experience Dynamic Endpoint Modeling on Your Own Network

Getting better visibility into your network and improving your security couldn’t be easier. Sign up for a free, no-risk trial of Observable’s Endpoint Modeling solution, and change the way you see security.
