With the number of security breaches on the rise, Data Security has never been so important in modern enterprise and has dramatically become one of every businesses’ top priorities. It has been revealed that in this year alone, the UK has been hit by more than 500 significant cyber-attacks.
1. WannaCry // NHS
Earlier in May this year, we experienced the biggest ransomware outbreak in history. The ‘WananCry’ tool, intentionally believed to be developed by the US National Security Agency, was violated and said to have infected around 300,000 computers in 150 countries including Europe, Russia, Ukraine and India.
The phishing attacks were blamed on ‘WannaCry’ malware. The malware delivered emails that scammed users into opening realistic attachments, proceeding in return to release the malicious software onto their computer systems.
The NHS was one of the worst-hit health organisations. It’s estimated that 26 million patient records were embroiled in the security breach which earned a BLI score of 9.0. Personal details of staff were made public due to vulnerabilities in the NHS’ IT infrastructure, used by GPs.
A whole mass of people across the UK were affected, with many surgeries turning away patients and cancelling appointments after being infected by the ransomware. Payments of $300 to $600 were demanded to restore access.
2. FedEx // TNT
During the Summer, another ransomware outbreak of NotPeyta was released. Dutch delivery company, FedEx was on the receiving half of the scale and were victims to a cyber-attack that cost its TNT division a huge $300m (£221m) as pointed out in their statements. Deliveries and sales suffered as the firm took financial hits as a result of the attack.
Precautions were that serious, that TNT had to resort to messaging platform ‘WhatsApp’ for internal communications as it’s email system had become inaccessible. Although the company safely recovered, they have warned that it may not be able to recover all systems that were affected by the cyber-attack. FedEx was only one of the many companies who were attacked by the Petya malware epidemic.
Italy’s largest bank, UniCredit, admitted it suffered not one but two breaches in the past year. Possibly compromising the data of over 400,000 customers. Personal details were accessed by hackers although the bank has confirmed that no passwords were stolen in the attacks.
The attack is thought to have been the most serious data breach ever reported by an Italian lender, carried out through a trade partner who the company failed to clarify. UniCredit’s reputation has suffered in return, with shares falling dramatically since the cyber-attack. Since the attack, the banking firm has spoken of a £2 billion investment in the hopes of upgrading its IT systems.
Deloitte is one of the largest global accountancy firms and provides services to some of the most developed banks and multinational businesses including government agencies and major blue-chip clients. The organisation was hit by a major cyber breach that had gone unnoticed for several months by its IT management. Deloitte discovered the hack back in March, but attackers could have been in the system 6 months before the attack.
The individuals responsible gained access to the firm’s email platform that compromised confidential data. This included the private emails of some of its clients such as usernames and passwords of some of its most well-known clients. It’s though that the attacker got through the system by hacking an administrator’s account on the server, granting them full access to Deloitte’s data. Sources suggest that the account didn’t have two-factor authorisation, leaving it vulnerable. It’s said that over 244,000 members of staffs’ emails were stored in the company’s cloud service.
In September, Credit reporting company Equinox Inc based in Atlanta, Georgia suffered a major data breach. The firm failed to secure data on UK customers due to a “process failure.” Almost 400,000 Britons were targeted in the data and customer records were obtained by hackers. Sources suggest 143 million customers were left vulnerable with their privacy being violated. Social security numbers and other sensitive pieces of personal information were accessible in the attack.
The criminals got into Equifax’s internal systems long before the company discovered it had been penetrated. Equifax is now facing dozens of legal claims over the incident, with Chairman and chief executive Richard Smith stepping down.
Many businesses are unknowingly being left vulnerable and an open target to phishing and data breaches. Malicious malware has vastly become more intelligent and threatening. We must reassess our security within businesses and take effective measures when it comes to protecting what matters most, data.
Protecting your business
Make sure you have your business data protected and erased once no longer needed. View S2S’s certified Data Destruction services.