Cybersecurity 2018: The Good, The Bad, and The Ugly (So Far)
July 20, 2018 by Bill Rosenthal

The first six (almost seven) months of 2018 have thankfully been a bit quieter in terms of global ransomware attacks and government leaks compared to last year, which is good news. Unfortunately, that’s where the good news stops when it comes to cybersecurity in 2018.

In just the first half of this year, we have seen that critical security infrastructure is barely hanging on and state-based hackers are getting more sophisticated on a global scale. Here are just a few of the biggest security issues that have occurred so far in 2018:

  • Russian Power Grid Hacking – Although researchers announced that Russian hackers were probing and infiltrating power companies in the United States in 2017, it was not until March of 2018 that the U.S. government began to publicly acknowledge Russia’s involvement. These grid attacks are in addition to the other Russian cyberattacks of last year, such as the NotPetya ransomware attack (which was not admitted to be linked to Russia until February of this year).
  • Exactis and Data Exposure – Data exposure is when data is improperly stored and defended so that it is easily accessed and exposed on the open Internet. This typically occurs when cloud users misconfigure a storage mechanism or database so that it does not require any real authentication or login information. In addition to data breaches, data exposure has become a rampant issue in 2018. Exactis, a marketing and data aggregation firm, exposed approximately 340 million records on a publicly accessible server, which compromised about 2 terabytes of personal information about millions of people in the United States.
  • Universities – In March, the Department of Justice indicted nine Iranian hackers over a hacking spree against more than 300 universities all over the world. In addition to the 144 US universities, 144 global universities, and 47 private companies that were breached, these hackers also targeted other organizations, such as the United Nations and the US Federal Energy Regulatory Commission. It is estimated that they stole 31 terabytes of data, with an estimated worth of over $3 billion in intellectual property.
  • MyFitnessPal – In late February, hackers breached the Under Armour-owned MyFitnessPal app and compromised usernames, passwords, and emails from the app’s 150 million users. The breach was not discovered until the end of March, but it was announced within a week. Although Under Armour did have good data protections in place, it hashed only some of the passwords with bcrypt, while others were protected by a weaker hash function, SHA-1. This is likely how the hackers were able to access the information.
  • VPNFilter – A Russian hacking campaign that has impacted over 500,000 routers worldwide was announced at the end of May – and researchers are still trying to identify the full scope of the attack now in July. Known as VPNFilter, the attack spreads malware that can be used to coordinate the infected devices to create an enormous botnet, which can then be used to spy on and manipulate online activity. This malware can be used for a wide range of malicious activity.
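
The MyFitnessPal item above describes a credential store in which some passwords were hashed with bcrypt and others with SHA-1. The following is an added example, not code from the article or from Under Armour, showing how a defender could audit a store for that mix and list the accounts to re-hash at next login. The function names, the sample rows, and the minimum bcrypt cost of 10 are assumptions made for illustration.

```python
import hashlib
import re
from collections import Counter

# bcrypt modular-crypt format: $2b$<cost>$<22-char salt><31-char hash>
BCRYPT_RE = re.compile(r"^\$2[abxy]?\$(\d{2})\$[./A-Za-z0-9]{53}$")
# A bare SHA-1 digest is 40 hexadecimal characters.
SHA1_HEX_RE = re.compile(r"^[0-9a-fA-F]{40}$")
MIN_BCRYPT_COST = 10  # assumed policy floor, not taken from the article


def classify(stored):
    """Return (scheme, needs_rehash) for one stored password value."""
    m = BCRYPT_RE.match(stored)
    if m:
        # bcrypt is acceptable unless its work factor is below policy.
        return ("bcrypt", int(m.group(1)) < MIN_BCRYPT_COST)
    if SHA1_HEX_RE.match(stored):
        # Fast general-purpose hash: cheap to brute-force offline once leaked.
        return ("sha1", True)
    return ("unknown", True)


def audit(rows):
    """Count schemes and list the accounts to re-hash at next login."""
    counts = Counter()
    migrate = []
    for user, stored in rows:
        scheme, needs_rehash = classify(stored)
        counts[scheme] += 1
        if needs_rehash:
            migrate.append((user, scheme))
    return dict(counts), migrate


# Constructed sample rows. The bcrypt strings are format-valid placeholders,
# not hashes of real passwords.
SAMPLE_ROWS = [
    ("alice", "$2b$12$" + "a" * 53),
    ("bob", hashlib.sha1(b"password").hexdigest()),
    ("carol", "$2a$04$" + "b" * 53),
    ("dave", hashlib.sha1(b"letmein").hexdigest()),
]

if __name__ == "__main__":
    counts, migrate = audit(SAMPLE_ROWS)
    print(counts)
    for user, scheme in migrate:
        print(f"re-hash at next login: {user} ({scheme})")
```

Because a stored hash cannot be converted directly, flagged accounts are normally re-hashed with the stronger scheme when the user next logs in and the plaintext is briefly available.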

Based on what we have seen thus far in 2018, what is left to come? What are you doing to protect your own organization and data from being on the next list of cyber incidents of the year?