3. DDoS And Ransomware Attacks – And The Massive Equifax Breach – Raise The Security Stakes
IT security threats have been on the rise in recent years with highly publicized attacks against companies such as Yahoo, Sony and Target. But several widespread ransomware and distributed denial of service attacks this year really caught everyone's attention and provided clear evidence of how serious the security problem has become.
A global attack that became known as "WannaCry" crippled as many as 200,000 computers across 150 countries in mid-May, especially targeting healthcare organizations and telecommunications companies. WannaCry was particularly pernicious because it combined ransomware with a computer worm – a never-before-seen combination that allowed the attack to spread so quickly.
In late June a second widespread ransomware attack, which appeared to begin in the Ukraine, quickly spread around the world hitting companies in the legal, shipping and pharmaceutical industries. The attack increased worries about the vulnerability of critical infrastructure and Internet of Things networks.
Security concerns around IoT networks were also in the spotlight in April when a massive DDoS attack against an unnamed U.S. college was made public. Experts said the incident, described as an application layer attack, was evidence of how IoT attacks are evolving to become more elaborate and more sophisticated. A vulnerability dubbed "BlueBorne," disclosed in September, was believed to open as many as 5 billion IoT devices to a Bluetooth cyber attack.
But it was the stunning security failure at credit reporting services company Equifax, disclosed in September, which really brought the problem home to consumers everywhere. The security breach exposed sensitive data, including birth dates and social security numbers, on 143 million people and consumers scrambled to sign up for credit monitoring services and freeze their credit histories.