What Are Cyber-Attacks?
When we use the term “cyber-attack,” we are referring to a digital attempt to infiltrate and damage a computer, system, or device. This can overload servers, break functionality, disrupt normal operations, or worse, which leaves clients angry and distressed and puts organizations at risk.
Cyber-attacks can be launched by any individual or group, from anywhere in the world. We call someone a cyber-criminal when they intend to launch, or have launched, a cyber-attack. Cyber-criminals have a variety of strategies at their disposal when committing such crimes.
These strategies involve poking and prodding through systems to find “vulnerabilities” such as weak security points they can enter through, or glitches in the system that they can make use of.
What Are Cyber-Attack Reviews?
A cyber-attack review is a thorough evaluation of a cyber-attack on an organization or system. The inspection looks into what or who caused the attack and where it was possibly launched from, as well as how the organization’s security fixed the issue and informed the public.
Another consideration is the amount of damage and the outcome of the attack. For example: Did the attackers get hold of client information? How damaged is the system or infrastructure? How quickly did the organization recover?
Colonial Pipeline: 2021’s Biggest Cyber Attack
On May 7th, 2021, the hacking group DarkSide (believed to be based in Europe) launched the largest cyber-attack on a US oil infrastructure system in history.
Colonial Pipeline is a pipeline system that is 5,500 miles long and extends from Texas to New York and New Jersey. The system carries jet fuel and gasoline.
Impressive as that size is, it was not enough to save the company from a single compromised password, which is how DarkSide managed to get into Colonial Pipeline’s system.
Just before 5 am on May 7th, an employee received a ransom note demanding 75 bitcoin, or 4.4 million dollars. An hour later, the entire pipeline shut down for the first time in 57 years. Executive Officer Joseph Blount said in an interview that they had no choice and that it was the right choice to make.
They had no idea, at the time, who was attacking them.
Within a few hours, and with permission from the FBI, Colonial Pipeline paid the ransom in full.
However, since June 7th, 63.7 bitcoins have already been recovered from the ransom.
The attack was aimed not at the functioning of the pipelines themselves, but at the billing process. The system was halted because the company risked being unable to bill its customers.
Ukraine’s Cyber-Attack Hours Before the Russian Invasion
As if being invaded weren’t difficult enough, imagine trying to defend your government’s cyber-security at the same time.
Governmental departments and Ukrainian banks were hit by DDoS (distributed denial-of-service) attacks just before the invasion began on February 24th, 2022. The Education Ministry and the Ministry of Foreign Affairs had their websites defaced, with the attackers displaying a dark message across them.
“Be afraid and expect the worst.” A telling premonition of what was to come.
Since the invasion, Ukrainian websites have consistently repelled DDoS attacks from Russia. But the websites for central governmental bodies are still accessible, says the State Service of Special Communication and Information Protection (SSSCIP) of Ukraine.
The Ukrainian military was also affected but made a quick recovery due to their preparedness and capacity to reduce the severity of the attacks.
Microsoft and Okta’s Cyber-Attacks (Lapsus$)
Microsoft, the well-known computer software and hardware company, and Okta, an identity and access management company, have both confirmed attacks from an infamous hacking group called Lapsus$.
Lapsus$ leaked source code and client information that they stole from Microsoft and Okta in January, although Okta’s clients only found out about the security breach on March 22nd, when Lapsus$ released screenshots of what they acquired.
Okta claims that only 2.5% of its customer base, or 366 customers, are affected by the breach, but Okta serves “hundreds of millions of users,” according to its website. They have released a statement saying that they’ve informed all affected clients directly via email.
As for the source code, Microsoft claims that its security doesn’t rely on the secrecy of code and that the breach isn’t severe enough to cause any risk. Only source code for parts of products was stolen.
None of Microsoft’s customer data was stolen.
Conclusion
Yes, the cyber-world can be a scary place at times. But just as the dark web developers are quickly learning new tricks, so are our good-hearted cyber-security developers.
Every day they find a new error, bug, or cyber-attack. Through cyber-attack reviews, we can move towards 100% secure systems and organizations, where we won’t have to worry about our private information getting into the hands of some greedy cyber-criminal.