We live in a world where we can do almost anything online. We use our phones, computers, and tablets to shop, bank, and connect with friends and family. But with all these benefits comes a big risk: cyberattacks.
Cyberattacks happen when bad guys try to steal your information or damage your computer systems. They can do this in many ways, like sending you fake emails or hacking into your accounts.
Why are we so vulnerable?
One reason we're so vulnerable is because we use the same information for everything. We might use the same email address and password for our bank, social media, and online shopping. This makes it easy for hackers to steal our information and use it to access other accounts.
Another reason is that there are a lot of weak spots in the systems we use. These weak spots are called vulnerabilities. Hackers can find and exploit these vulnerabilities to gain access to our information.
Real-world examples of cyberattacks
Here are some examples of major cyberattacks that have happened in recent years:
WannaCry Ransomware Attack
- What happened: In May 2017, WannaCry ransomware attack targeted computers with Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency.
- How it happened: WannaCry propagated through an exploit (named EternalBlue) in systems having older versions of Windows. This exploit was released by a hacker group named The Shadow Brokers a few months prior to the attack. Microsoft had discovered this vulnerability and had released security updates in April 2017 for all the windows versions (except Windows XP and Windows Server 2003) to fix the exploit.
- Impact: The attack was estimated to have affected more than 200,000 computers across 150 countries, with total damages ranging from hundreds of millions to billions of dollars. One of the largest agencies affected by this attack was the National Health Service. Up to 70,000 devices(including computers, MRI scanners, blood-storage refrigerators and operation theatre equipment) belonging to hospitals in England and Scotland were affected
Uber Data Breach
- What happened: Uber’s CEO, Dara Khosrowshahi, stated that hackers stole personal data of nearly 57 million Uber users. This personal data included names, phone numbers, email addresses, debit/credit card numbers of customers and also, license numbers of the drivers serving the company.
- How it happened: Hackers accessed Uber's internal systems and stole the data.
- Impact: Uber faced lawsuits and lost the trust of its customers.
Bangladesh Bank Heist
- What happened: On February 2016, hackers fraudulently issued instructions via SWIFT (Society for Worldwide Interbank Financial Telecommunication) network to withdraw US$ 951 billion from the accounts of Bangladesh Bank(the central bank of Bangladesh) at the Federal Reserve Bank of New York.
Five transactions were initiated by the hackers, totally worth $101 million. - How it happened: xploiting on Bangladesh Central Bank’s security, the hackers attempted to steal the money from Bangladesh central bank's account held with the Federal Reserve Bank of New York.
The hackers were able to compromise Bangladesh Bank’s network. They observed how the transfers were done, and gained access to the bank's credentials for payment transfers. Using these credentials, they authorized about thirty five requests to the Federal Reserve Bank of New York to transfer funds from the Bangladesh Bank account to accounts in Sri Lanka and Philippines.
Later, it was identified that they used a malware named Dridex to execute the attack. This malware specializes in stealing bank credentials from Microsoft Word. - Impact: TOut of thirty five transaction requests, five transactions were traced in which hackers had successfully managed to transfer $20 million to Sri Lanka and $81 million to Philippines
Later, at the request of Bangladesh Bank, The Federal Reserve Bank of New York blocked the remaining thirty transactions, amounting to $850 million
Indian Debit Card Breach
- What happened: Millions of Indian debit cards were compromised in 2016. It was estimated 3.2 million debit cards were compromised. Major Indian banks including SBI, HDFC, ICICI, YES Bank and Axis Bank were among the worst hit.
- How it happened:Reportedly, the breach was not the result of direct attack on the banks instead it was due to a malware injected in ATMs and Point-of-Sale (POS) terminals. The malware was injected into the payment gateway network of Hitachi Payment Systems which facilitates a transaction either from an ATM or an online payment gateway.
- Impact: Complaints from customers on unauthorized debits were reported. Subsequently, resulted in one of the biggest card replacement drive in India's banking history. SBI announced the blocking and replacement of almost 600,000 debit cards
These are just a few examples of the many cyberattacks that happen every day. It's important to be aware of these threats and take steps to protect yourself and your information.
0 Comments