Hackers are difficult people to understand. They don’t discriminate: they’re looking for any open door and every opportunity to steal data, make money in small or large amounts, disrupt business and ultimately cause chaos!

Businesses from enterprise to SMB can fall prey, and at Excelien we work with our clients to ensure they’re aware of the latest technology, with access to our security consultants and security assessments. We’ve all seen headlines about companies you would expect to be a concrete fortress becoming victims. The pandemic seems to have accelerated some of the most significant breaches that have taken place in 2020. Here’s a reminder of some of the headline-grabbing attacks, and the stark reality and severity of these cyber attacks.

WHO – World Health Organisation

WHO has been giving guidance throughout this pandemic, but in the midst of it was part of a massive data leak in which 25,000 email addresses and passwords were unlawfully accessed. It was commonly believed to be part of a broader attempt to disrupt the battle against Coronavirus, with organisations such as WHO, the National Institutes of Health (NIH), the Centre for Disease Control and Prevention (CDC), the Gates Foundation and more being hit by this team of elite hackers.

WHO confirmed a phishing campaign was used and targeted at its employees. WHO’s CIO, Bernardo Mariano, stated, “Ensuring the security of health information for the Member States and privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic. We are grateful for the alerts we receive from the Member States and the private sector. We are all in this fight together.” It is still not clear if this cyber attack had any significant effect. According to WHO, the leaked information did impact an older extranet system, causing them to migrate to a more secure infrastructure.

Twitter

The Twitter breach was probably the most visible and famous attack to date, affecting celebrities from all walks of life, from reality star Kim Kardashian to tech guru Elon Musk to ex-president Barack Obama. Though the attack took place over a few hours, the exposure was huge.

The attack targeted a small group of Twitter’s employees through a phone spearphishing campaign, enabling hackers to gain access to Twitter’s internal support system, which then allowed them to target further employees. According to Twitter, using the acquired credentials, the attackers hit around 130 Twitter accounts, tweeting from 45 of those, accessing the direct messaging feature of 36 and downloading the Twitter Data of 7. Twitter Support released a statement explaining, “This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.” The actual outcome of this elaborate hack isn’t clear, but the incident has led to significant distrust of Twitter and its security protocols, and it will most likely live on as one of the largest cybersecurity disasters to hit a social media platform.

Zoom

The use of Zoom has skyrocketed through the pandemic as working from home became the new normal. Zoom became the big name overnight, the go-to for a virtual meeting. Cybercriminals saw this, and Zoom soon became a target.

Cyberattacks have relentlessly targeted Zoom in the past, and in April 2020 it did in fact experience a data breach. Over 500,000 Zoom passwords were stolen and made available for sale, or even given away for free, across dark web forums. The attack impacted everything from personal accounts to financial and educational organisations. Victims’ login credentials, private meeting URLs and HostKeys were released. It’s believed that attackers used old stolen credentials, some from 2013. They used a credential stuffing attack that spread the login attempts across multiple bots, so that the same IP address was not used for numerous Zoom accounts and the traffic was not detected as a denial of service (DoS) attack.

Zoom responded, “We have already hired multiple intelligence firms to find these password dumps, and the tools used to create them, as well as a firm that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials.” Zoom will continue to examine the breach, is shutting accounts which it has found to be compromised, is prompting users to change their passwords to something more secure, and is investing in more technology solutions to bolster Zoom’s efforts.
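The credential stuffing pattern described above for the Zoom incident defeats per-IP failure thresholds because each bot address makes only one or two attempts. The following detection sketch is an added example, not code from the original post or from Zoom; the log format, thresholds, usernames and documentation-range IP addresses are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

def build_sample_log():
    """Constructed auth log: '<ISO time> <source IP> <username> <OK|FAIL>'."""
    t0 = datetime(2020, 4, 1, 10, 0, tzinfo=timezone.utc)
    lines = []
    # Bot traffic: 12 source IPs, each trying one leaked username exactly once.
    for i in range(12):
        ts = (t0 + timedelta(seconds=10 * i)).isoformat()
        lines.append(f"{ts} 203.0.113.{10 + i} user{i:02d} {'OK' if i == 7 else 'FAIL'}")
    # Ordinary user mistyping a password twice, then succeeding.
    for j, res in enumerate(["FAIL", "FAIL", "OK"]):
        ts = (t0 + timedelta(minutes=20, seconds=15 * j)).isoformat()
        lines.append(f"{ts} 198.51.100.7 alice {res}")
    return lines

def parse(line):
    ts, ip, user, result = line.split()
    return datetime.fromisoformat(ts), ip, user, result == "OK"

def per_ip_alerts(events, max_fails=5):
    """Classic rule: flag any single IP with more than max_fails failures."""
    fails = Counter(ip for _, ip, _, ok in events if not ok)
    return sorted(ip for ip, n in fails.items() if n > max_fails)

def window_alerts(events, window_s=300, min_users=8, min_ips=8, min_fail_ratio=0.8):
    """Aggregate rule: many usernames failing from many IPs in one time window."""
    buckets = defaultdict(list)
    for ev in events:
        buckets[int(ev[0].timestamp()) // window_s].append(ev)
    alerts = []
    for key in sorted(buckets):
        evs = buckets[key]
        failed = [e for e in evs if not e[3]]
        users, ips = {e[2] for e in failed}, {e[1] for e in failed}
        if (len(users) >= min_users and len(ips) >= min_ips
                and len(failed) / len(evs) >= min_fail_ratio):
            alerts.append({
                "window_start": datetime.fromtimestamp(key * window_s, timezone.utc).isoformat(),
                "failed_users": len(users), "source_ips": len(ips),
                # Successes inside a flagged window are candidates for a forced reset.
                "successes": sorted(e[2] for e in evs if e[3]),
            })
    return alerts

EVENTS = [parse(line) for line in build_sample_log()]
```

On the constructed log the per-IP rule stays silent, while the windowed rule flags the burst and surfaces the one account whose reused password worked.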

Marriott International

A very public and large-scale security breach at the beginning of this year at a leading hotel group, Marriott, led to the data of more than 5.2 million guests being compromised. Marriott believes hackers might have gained the login credentials of two employees, either by credential stuffing or phishing, and were subsequently able to gain access to information on customers who are part of the Marriott loyalty scheme.

Even though Marriott disclosed the security breach on March 31, 2020, it has been concluded that the data had been taken around a month before. It included personal information such as names, birthdates, telephone numbers, travel news and loyalty program information. It isn’t the first time that the hotel has announced a significant data breach – in 2018, they encountered a cyber-attack leaving 500 million guests affected.

MGM Resorts

Although it started in 2019, the data breach experienced by major hospitality group, MGM Resorts, continues in 2020. And it may be much larger than initially reported – now understood to have affected more than 142 million hotel guests (14 times the 10.6 million reported in February).

The attack came to light in an ad published on a dark web marketplace offering to sell the data of 142,479,937 MGM guests for just over $2,900. According to the seller, MGM Grand Hotels data was part of this. Hijacked information is assumed to include the names, phone numbers, home addresses, email addresses and birth dates of guests, including those of Twitter CEO Jack Dorsey, Justin Bieber and prominent government officials.

An MGM Resorts spokesperson confirmed that impacted guests were notified about the data breach and added: “We are confident that no financial, payment card or password data was involved in this matter.” Although this is considered “phone book” information, a fear is that the personal data will continue to be sold, which opens up opportunities for spearphishing campaigns.

Garmin

Garmin, known for its smartwatches and wearables, had to shut several of its services in July to deal with a ransomware attack that encrypted its internal network and some production systems.

The company is still planning to have some severe downtime following this attack as it prepares for a multi-day maintenance window to deal with the aftermath. This includes the website, Garmin Connect and Garmin Aviation services, and even manufacturing lines within Asia going offline.

Garmin said the outage had also impacted its call centres, putting the company in a situation of being unable to answer emails, calls, and online chats.

The attack didn’t pass quietly and caused headaches for the company’s customers, who rely on the Garmin Connect service to sync data about bike rides and runs to Garmin’s servers, all of which also went down.

It wasn’t just consumer wearables that were affected: flyGarmin, which supports the company’s line of aviation equipment, was also down. In another blow, following this outage updates weren’t available for this software, and it is an FAA requirement to run an up-to-date version of this database.

The extent of the breach remains unknown to third-party observers. Besides consumer sportswear, wearables and smartwatches, Garmin also delivers mapping, tracking solutions and equipment for the maritime and automotive industry. The actual impact of the ransomware attack on these services remains unclear.

What Can We Learn from These Cyber Attacks?


Businesses need to be diligent. Cybersecurity always needs to be front of mind, and systems need to be routinely assessed. Companies from small businesses to the enterprise can easily fall prey to phishing schemes, ransomware, DDoS, malware and other attacks leading to data breaches.

Excelien works with you to take the necessary precautions, which is the best chance businesses have of staying secure. Detection and response tools, authentication protocols, and ongoing employee security awareness training can make the most significant difference.

We work with 150+ vendors and partners and are continually in contact with them. Rather than selling the technology, we looked into how they’ve adapted and what they see as the latest trends.

Our partner network says COVID-19 has changed their organisational focus, with some hitting their yearly targets within two months, some seeing their technology consumption go from 1.5m users to 10m within 21 days, and others adapting and creating short-term offerings to plug the holes they anticipate.

The COVID-19 pandemic initially frightened shareholders, investors, vendors and solution providers about their plans for 2020 in the cloud technology market. However, soon after, technology priorities shifted as their prospects and customers were forced by the pandemic either to move to remote and work-from-home scenarios or to suspend operations entirely.

After enduring weeks of pandemic conditions and understanding the beginnings of what a recovery will look like, solution providers are starting to recognise the short-term technology demands of their prospects and customers. According to research by The 2112 Group, these are what solution providers say are the top 5 technologies for the remainder of 2020.

5. Business Continuity and Disaster Recovery (BCDR)

Companies understand that their operations will cease if they cannot access their data and IT resources. Nevertheless, business continuity and disaster recovery (BCDR) services are gaining renewed recognition in the wake of the COVID-19 pandemic. Businesses are reevaluating their business continuity plans and resources after identifying gaps in their capabilities during the shift to decreased operations and remote workforces.

4. Networking

Though basic infrastructure and networking may not be the most riveting technology, one-quarter (26%) of solution providers claim switching and routing will continue to be an essential product set. Businesses are reevaluating their network capacity demand to account for the shifting use cases that result from the pandemic. Many companies anticipate reconfiguring their networks to support more remote connections and reduced latency for cloud-based applications.

3. Communications and Collaboration

Before the pandemic, Zoom established itself as one of the popular kids of the cloud-based video conferencing platforms. With Microsoft Teams physically distanced, Zoom, with its minimal subscription and free offering, sprinted ahead overnight. Microsoft Teams, Cisco WebEx and Google Meet also observed growth in demand and utilisation. Every video conferencing, collaboration and unified communications service is witnessing growth as businesses look to empower their new work-from-home contact centres and help the workforce keep connected during social distancing. As we all look to the recovery period, many think working from home will become the new norm, and permanent for many people, making communications and collaboration a red-hot commodity for the foreseeable future.

2. Cloud Infrastructure Services

The cloud is earning its keep throughout the pandemic. Every company that was reluctant to migrate its infrastructure to the cloud, in either hosted or hybrid configurations, promptly discovered through its pandemic experience the need to have access to data and resources. While the economy took a hit in the first quarter as spending came to a sudden halt, cloud service providers witnessed considerable increases in their sales and consumption.

1. Security

For the past couple of years, security technologies have been high on the agenda and in demand, as the threat of hackers is everywhere and growing government regulations enforce data protection. The pandemic exposed a new problem with IT security: uneven distribution. As businesses moved to a work-from-home strategy, they soon realised that their security standards weren’t up to the job. People leaving the office were now using home PCs with consumer operating systems, inadequate security software and poorly secured WiFi networks. Security technologies, especially managed security services, are witnessing growing demand as businesses reinforce their data protection measures to account for their distributed workforces.