Whether you celebrate the holidays or not, it’s hard not to get into the spirit of the season, which entails a little well-deserved relaxation and perhaps a little procrastination. Why do this week what can be done in the new year?
The problem with that in the cybersecurity world is that plenty can happen, plenty has happened, and we need to stay vigilant even as we unwind. Complacency is a luxury we can’t afford, as much as we wish otherwise. After all, our enemies won’t be taking the holidays off, and they won’t be any more merciful because it’s Christmas.
We’ve been keeping an eye on the latest headlines. Not only did we learn of the massive data leak by Alteryx, we’ve noted the smaller but no less alarming news from around the world. Here’s some of the most shocking, and our takeaways from each.
Bitcoin Exchange Declares Bankruptcy After Hack
Youbit, a South Korean cryptocurrency exchange, filed for bankruptcy Tuesday after a cyberattack robbed them of 17% of their assets. This is the second such attack Youbit has suffered in less than a year: they lost 4,000 bitcoin (now worth over $70 million) to hackers in April.
Youbit said in a statement that they were “sorry” to be shutting down, and that customers would receive approximately 75% of their bitcoins’ value; at least some of Youbit’s assets were held in a secure digital storage which the hackers could not access.
There has been no official word on how much was stolen or on the identity of the attackers. South Korean authorities have alleged that previous hacks on Youbit and other cryptocurrency exchanges have been at the behest of the North Korean government. They are currently investigating this attack.
Takeaway: We’ve written before about the vulnerabilities in bitcoin and other cryptocurrencies, but this news is truly alarming. In our cultural imagination we harbor the notion that, even if we are hacked, we can bounce right back to business as usual after a few adjustments; the digital world is still an abstract unreality. That is not the case. Hackers managed to shut down an entire company, seemingly permanently. This is the risk we run as we commit more and more of our resources to our online lives.
This should present a wakeup call to many enterprises: the consequences for failing to secure your data and assets are far, far more real than we want to believe. We have to do better. According to Netsparker, 80% of Americans admit to risky cybersecurity practices. That number will need to improve significantly and quickly or many more companies will end up in the same position as Youbit.
Hackers Infiltrate Majority of D.C. Security Cameras
In a criminal complaint filed last week, the U.S. Government alleges that two romanian hackers had infiltrated Washington D.C. police surveillance cameras sometime in January of this year. The suspects are alleged to have taken control of 65% of the outdoor cameras as part of an extortion scam. The suspects are also accused of distributing ransomware.
Takeaway: Experts believe that the IoT revolution we are living in has some major security flaws that could be placing our personal data at risk, and here’s an example of the worst case scenario. There was no official word on whether anyone fell victim to these tactics, but it is entirely that someone could have or could the next time something like this occurs.
This both an industry problem and a public one. We have to address how the data our IoT devices is stored and used by companies and officials, and what they are doing to secure that data. At the same time, producers of IoT need to start taking cybersecurity seriously and incorporating solutions into their programming. The alternative is an attack like the D.C. infiltration discovered far too late.
- The Best Cybersecurity Certification Courses on Udemy to Consider - May 19, 2022
- More Expert Commentary and Coverage of the GetHealth Exposure - September 14, 2021
- GetHealth Platform Misconfiguration Exposes 61 Million Fitness-Tracking Records - September 13, 2021