In this year 2021, most of the things have changed beyond recognition — the way we live and work. Due to the pandemic, the use of the internet and the Cyber Attacks and Breaches have increased tremendously. Since the beginning of 2020, there have been more than 445 million cyberattacks reported, which is double when compared to 2019.
While the IT environment is becoming more complex, cybercriminals are getting better at identifying and targeting the intrinsic weaknesses. Nearly 40% of IT security, line-of-business, and data management specialists cited the rising sophistication of attacks and the increasing complexity of managing and supporting security products as significant challenges, according to IDC’s Data Services for Hybrid Cloud Survey.
Attackers benefit from complexity, which may lead to configuration weaknesses and user ignorance. The thing is most of the companies are already aware of the weaknesses in their system. If they take proper steps, then they can avoid cybersecurity incidents better.
Below are a few Recent Cyber Attacks & Breaches that took place in 2021
- IoT vendor Sierra Wireless suffers ransomware attack — Internet of Things (IoT) product vendor Sierra Wireless has announced it was the victim of a ransomware attack last week (March 20) that has disrupted operations. In a statement released on March 23, the wireless communications equipment specialist confirmed it had suffered a cyber-attack on its internal IT systems but didn’t divulge details about the ransom demand. The Canadian company is now working to bring its IT systems back online with the help of third-party advisors.
- Tech firm Wind River Systems suffers cyber attack — Wind River Systems, which develops embedded system software, on Friday warned of a “security incident” that had exposed personnel records. One or more files were downloaded from the company’s network, it said. Affected data included information maintained within the company’s personnel records.
- MangaDex website taken offline following cyber-attack — A website that hosts free manga comics has been taken offline after malicious hackers allegedly gained access to a database that housed user data. The MangaDex site was taken down for maintenance last week (March 20) after an unknown actor gained access to an administrator account. The site’s maintainers said the attacker was able to access the account through “the reuse of a session token found in an old database leak through faulty configuration of session management”.
- Ubiquiti Inc. data breach — One of the biggest Internet of Things (IoT) technology vendors, Ubiquiti, Inc., alerted its customers of a data breach caused by unauthorized access to their database through a third-party cloud provider. The email communication advised customers to change passwords and enable multi-factor authentication. The data exposed may include an undisclosed number of customer names, email addresses, hashed and salted passwords, addresses, and phone numbers.
- Socialarks suffered a data leak — A Chinese social media management company, Socialarks, suffered a data leak through an unsecured database that exposed account details and Personally Identifiable Information (PII) of at least 214 million social media users from Facebook and Instagram, and LinkedIn. The exposed information for each platform varies but includes user’s names, phone numbers, email addresses, profile links, usernames, profile pictures, profile description, follower and engagement logistics, location, Messenger ID, website link, job profile, LinkedIn profile link, connected social media account login names and company name.
- Pixlr data breach — A database containing 1.9 million user records belonging to Pixlr, a free online photo-editing application, was leaked by a hacker. The database was stolen at the same time as the attack on 123RF, which exposed over 83 million user records. The leaked records include email addresses, usernames, hashed passwords, user’s country, whether they signed up for the newsletter, and other sensitive information.
Any solutions? — Be prepared
This is not the end. There’s a huge list of cybersecurity incidents that are taking place every other day in different business sectors and through different means.
So, how to prevent cyber-attacks? You can start by updating your systems, software on a regular basis. Then, you can assess your current security posture, detect vulnerabilities, and fix them quickly to protect yourself from hackers. There are free tools available online.
It is important to take a regular risk assessment to ensure you have a robust security baseline. Also, go for strong antivirus software to protect your system from malware attacks.
Overall, look closely at the security needs of your organization and employ only the best solution for your business.
