Cyber security attacks dominated the headlines in 2015. Companies across the country are being targeted at an increasing rate of both occurrence and cost. Hackers hit companies and governments alike month after month, with increasingly shocking results. Nearly 300 million records leaked and over $1 billion stolen in the 365 days, chances are you or someone you know was affected by a cyber attack in 2015. This string of attacks has served up a chilling reminder that businesses need to step up their cyber security game.
Sunday night’s SuperBowl 50, Carolina meets Denver, took place at Levi’s Stadium, the home of the San Francisco 49ers in the heart of Silicon Valley. This is not your typical stadium. It is the newest in the country, and it’s the most technologically capable stadium in the world with hundreds of miles of fiber optic cable running through it and 13,000 Wi-Fi access points.
Every year hack attacks seem to get worse – whether in their sophistication, breadth and sheer brazenness. Hackers got very creative in finding new vulnerabilities to exploit, managing to access more intimate data than in past years. We ended last year with a barrage of large-scale hacks and breaches; the question is whether 2016 will be a bit better or a lot worse. We look back on three memorable hacks from 2015:
The Anthem cyber attack occurred on February 2, 2015; 78.8 million records were accessed such as social security numbers, ID numbers to various other pieces of personal data. Customers were not the only ones affected by the attack; non-customers of Anthem were victims, anyone who had used the insurance (which spanned across several insurance providers) in the past decade was at risk for the breach.
Office of Personnel Management
On June 4, 2015, 21.5 million records were reached that included social security numbers and fingerprints. The Office of Personnel Management has been the unsuccessful target of cybercriminals seeking to infect and control thousands, or even millions, of computers through botnets but this successful attack made a clear impact. Fingerprints are becoming a new way for password security and while this is not as big of a concern as the social security numbers that were part of the breach, it could be a factor as this technology becomes more prominent.
In the Experian breach, on October 1, 2015, 15 million records were reached. These records included information such as social security numbers and ID numbers. The attack reached T-Mobile customers, as well as those who had never even had service. Experian serves as T-Mobile’s application processor, for people who had signed up for T-Mobile between the dates of September 1, 2013 and September 16, 2013. Even those who canceled service or never signed up, the information was available to hackers.
Looking closely, we get to pick pieces of the puzzle that we can use to build a vivid picture of what’s to come. As we head deeper into Q1 of 2016, what should we be worried about in the coming year? Evolving threats.
- Hacks of mobile payments and other non-traditional payment systems.
- Ransomware attacks.
- The Internet of Things becomes a playground for hackers.
- iOS specific malware.
Companies must assign data owners and data custodians to distribute responsibility for safety, and vet suppliers, including third-party companies with which they work. Educating employees’, often a company’s weakest security link, is paramount.