This year has seen quite a few data breaches and the ease of attacking enterprises immaterial of the size with simple attack mechanism. Additionally, new security technologies have also been introduced to thwart and manage attacks to a great extent. This post explores a few of the prominent data breaches that occurred this year, a few predictions for the upcoming year. I’ve tried to make the last Wednesday’s post as interesting as possible. Before I dive into the post, I would like to thank a few influencers, mentors and digital idols that I have looked up to. These individuals have taken constant efforts to keep the cybersecurity community alive and interesting in addition to the importance of constant upskilling and reskilling. A humble thank you and a huge shout out to Mr.Graham Cluley, Mr. Bob Carver, Mr.Alexander Blanc, Mr. Donald Allen, Mr. Steve Morgan, Mr.Brian Krebs and to all CISOs over the world. These influencers have directly impacted me and a million other individuals’ learning and inclination towards Cybersecurity and continue to do so.
Jumping into the crux of the analysis, 2022 did witness some big players going down and a wide sector of industries getting hit. I think from the top of my head, the Medibank, Uber and Optus data breaches stood out to be the most prominent and affected data breaches. Furthermore, recently, Twitter data has also been breached and the claim is that close to 400 million user data. The hacker Ryushi also posted “”Twitter or Elon Musk if you are reading this you are already risking a GDPR fine over 5.4m breach imaging the fine of 400m users breach source,” in a forum post. Looked like the data was abused and could be done so by phishing, crypto scams and BEC attacks. An interesting motion sensor attack called EarSpy has also been reported to execute an eavesdropping and side channel attack in Android phones. AIIMS, one of India’s largest Medical education and healthcare provider was also a victim a massive data breach. All these attacks have varied from simplified to complex attack vectors and just goes to show the act of cyber attackers with evolving technologies has become more effortless. With most of these data breaches, it seems that the detection phase has been a challenge for most organizations. Today, there are quite a lot of organizations that have considered themselves to be secure as they haven’t encountered a data breach yet! It’s only time till they get breached!!!!
I was reading through Cybersecurity Ventures by Steven Morgan and have been following the website for quite a long time filled with interesting info graphics, podcasts and anecdotes and an ocean of information. Some of the predictions for 2023 shared by him were pretty attention grabbing, intriguing and scary at the same time, my picks being “Global Ransomware damage to cost $265B, the booming of Cyber insurance market and the “the world will need to secure 338B lines of new software code by 2025”. For more predictions, check this link here. Additionally, Forbes has also predicted an increase in space and airlines hack and more stringent legal actions against insider threats. State-sponsored attacks are going to cause mayhem and a growing threat surface with 5G and IIoT.
Cybersecurity has become a part of the normal functioning infrastructure and companies that have adopted it, have a very fair chance to put up a brave fight against the ones who still don’t think Cybersecurity is important. With digitization increasing at the rate and more dependent technologies getting adapted, the challenge to keep data secure is going to be overwhelming and extremely important and failing to do so will result in a damaged reputation as a business, huge financial losses and catastrophic repercussions. I would like to mention a very catchy phrase by Mr.Alexandre Blanc (connected=hacked), I second that and I am sure there are many more who would agree as well. There’s almost everything we use today that’s connected to the internet and we have to become increasingly aware and mindful while dealing with digital information. To sum up, one of the quotes that comes in mind by Mr.Stephane Nanno is that “ It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it”!
With more interesting posts and articles in 2023!
Seasons greetings and New Year wishes to everyone!