WatchPoint Security Blog

2018 Cybersecurity Review

Written by Jordan Kadlec | January 07, 2019

Data breaches, cryptojacking, and the resurgence of ransomware all captured headlines in 2018. While more resources are being deployed to counter cyberattacks, the industry still has a long way to go to catch up with these evolving threats. Join us as we look back at the biggest cyberattacks that occurred throughout 2018.

Cryptocurrency Mining – AKA Cryptojacking

With the incredible spike in cryptocurrency values in December 2017 and January 2018, it’s no surprise that hackers took notice. In 2018, there was an almost 400% increase in crypto mining attacks.

Cryptojacking is the practice of using JavaScript code to mine cryptocurrencies inside users’ browsers without notifying them in advance or requesting permission. JavaScript runs on just about every website you visit, making it possible for in-browser mining to occur without anything being installed.

Aside from the astronomical increase in cryptocurrency values, cryptojacking attacks are quiet and lightweight, do little to no damage to victims, and carry limited risk of data loss. Furthermore, hackers figured out they could make almost as much money from cryptojacking as they could with ransomware attacks, but without all the risk and attention involved. Should cryptocurrency values rise again in the coming years, expect to see a resurgence in cryptojacking as well.

The Resurgence of Ransomware

Because it was the newest and hottest attack vector in cybersecurity throughout the year, cryptojacking often garnered all the attention. However, despite increased cybersecurity efforts, ransomware attacks increased 229 percent over 2017. By the end of 2019, global losses from ransomware attacks are expected to reach $11.5 billion.

Perhaps the most prevalent ransomware of 2018 was GandCrab. In fact, Bitdefender dubbed GandCrab “The Most Popular Multi-Million Dollar Ransomware of the Year.” The GandCrab ransomware family emerged in February 2018 and quickly found popularity with cybercriminals as it offered one feature no other ransomware had offered before – a custom ransom note.

Since July, the most prolific versions of GandCrab (versions 4 and 5) have infected an estimated 500,000 victims, and it’s believed the developers have made at least $300 million. Fortunately, a decryption tool has been created for versions 4 and 5 of GandCrab (https://labs.bitdefender.com/2018/10/gandcrab-ransomware-decryption-tool-available-for-free/). Since the release of the decryption tool, there have been more than 1,700 decryptions, saving those infected from paying a cumulative amount of over $1 million.

The Biggest Data Breaches of 2018

Aadhaar – The largest data breach of 2018 occurred just three days after the New Year. Aadhaar, a 12-digit unique identity number, is the world’s largest biometric identification system used as proof of residence for the citizens of India. In January, it was reported that the Tribune News Service paid 500 rupees for login credentials to a service being offered by anonymous sellers over WhatsApp. Using the service, the reporters could enter any Aadhaar number and retrieve numerous types of information stored by the Unique Identification Authority of India (UIDAI). The information available included name, address, photo, phone number, and email address. For an additional 300 rupees, sellers provided software allowing anyone to print an ID card for any Aadhaar number. The data breach is believed to have compromised the personal information of all 1.1 BILLION citizens registered in India.

Marriott – On November 30th, hotel giant Marriott disclosed a data breach exposing 500 million guests who booked reservations at its Starwood properties. In a statement released by Marriott, the company said it discovered unauthorized access to its databases dating back to 2014. For about 327 million of those affected, the compromised information included names, mailing addresses, phone numbers, email addresses, passport numbers, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation dates and communication preferences. In some cases, payment card numbers and expiration dates were also compromised.

Exactis – Unlike the aforementioned data breaches, Exactis experienced a data LEAK, not a data breach. That is, Exactis left its own data sitting on public Amazon Elasticsearch servers that were available for anyone to view. Exactis, a marketing and data aggregation firm, exposed two terabytes of information that included the personal details of nearly 340 million Americans and businesses. The leak, discovered by security researcher Vinny Troia, included consumers’ email addresses, physical addresses, phone numbers, and a host of other personal information such as a person’s religion or the names of their children.

The Outlook

If you have yet to prepare for cybersecurity in 2019, we have you covered. Check out our articles on:

Happy New Year! We’re hoping 2019 brings your company nothing but success!