This year has been rough for the IT industry because of the many cyber-attacks.
What is a cyber-attack?
A cyber-attack is performed by hackers using a computer or a group of computers.
The main purpose of these attacks is to disable target systems and obtain a user's personal information for personal gain. Hackers use different methods to attack a machine. Some of them are listed here:
- Phishing Attack
- SQL Injection Attack
- Cross-Site Scripting (XSS)
- Denial of Service (DoS)
- Session Hijacking and Man-in-the-Middle Attacks
- Credential Reuse
Recent Cyber Attacks
Cyber-attacks are becoming common these days. Different companies are being targeted, and they complain about losing data. This data is then used by the attackers to exploit a user or an organization.
Cyberattacks may also involve individual users who get their information stolen or encrypted. Once the data is encrypted, attackers demand lots of money in order to decrypt it.
Below is the list of the top cyber-attacks of 2017:
Many cyber-attacks happened around the world, but we have listed some that are worth mentioning.
WannaCry has been one of the most widespread ransomware attacks; it infected systems around May of 2017. More than 2,00,000 devices in 150 countries were affected.
Like all ransomware, WannaCry encrypted data and demanded payment in the form of Bitcoin to decrypt it.
This ransomware used code that was developed by the United States National Security Agency. It used EternalBlue, a software vulnerability in Microsoft’s Windows XP operating system. Later, Microsoft issued a patch to avoid the WannaCry attacks.
Another ransomware, a variant of Petya, infected hundreds of thousands of computers in more than 100 countries in just a few days. The ransomware started spreading from Ukraine via a malicious update in MeDoc, an accounting software that is quite popular in Ukraine. It then propagated from one computer to another and ultimately to various parts of the world. According to security analysts, this ransomware was more lethal because it extracted passwords from the infected computer so that it could spread to other computers. It caused major financial damage to many firms in the USA, especially to the major pharmaceutical firm Merck. It cost them more than $300 million in Quarter 3 of 2017 alone. It was believed to be an attack by Russia against Ukraine; later they denied it.
It is one of the cryptocurrencies, and it was stolen using an exploit in the Parity multi-signature wallet on the Ethereum network. Someone stole 32 million in cryptocurrency. The Ethereum community’s white-hat hackers realized the attack was happening, but it was too late and they realized that it was irreversible.
They used the same exploit to remove Ether from all at-risk accounts, and then they safely returned all the money.
Locky is the most feared ransomware. It disappears and reappears again and again. It encrypts systems through phishing email and asks for a ransom, mostly in bitcoins. It is delivered as an email attachment: a Microsoft Word document containing malicious macros. The user opens the document to find the phrase “Enable macro if data encoding is incorrect”. If the user enables the macros, they save and run a binary file that downloads the encryption trojan. It encrypts all files whose extensions match. Filenames are converted to a unique 16-character combination of letters and numbers with the extension .locky. After encryption, a message is displayed on the user’s desktop instructing them to download the Tor browser and visit a specific criminal-operated website for further information. That website demands a payment of between 0.5 and 1 bitcoin (one bitcoin value is between $7,000 and $8,000 via a bitcoin exchange). The victim must pay the ransom to decrypt the files, as the criminals control the remote servers. Its new variants, called Diablo and Lukitus, also surfaced in 2017, using the same phishing email attack.
The Jaff attack came in May 2017. This attack was started by Necurs, one of the largest known. It tried to use the same tactics as Locky, sending millions of spam emails to its selected targets all over the globe in a few hours. The spam emails contained a PDF attachment. The PDF file itself contains another file, a DOCM, which once opened runs a macro and downloads a .txt file. This .txt file is later changed into an executable file and sets the platform for propagation of the Jaff ransomware. This ransomware demands a ransom of 1.79 Bitcoins, worth more than $6,000.
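A defender-side illustration of the delivery chains described for Locky and Jaff above, added here and not part of the original article: a mail-gateway style triage that flags macro-carrying Word files and PDFs with embedded files by their structure rather than by file name. The function names, reason labels and sample files are constructed for this example; it checks structural markers only (the OOXML vbaProject.bin part, the PDF /EmbeddedFile and /OpenAction names, the legacy OLE signature) and is not a full parser.

```python
import io
import re
import zipfile

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy .doc/.xls container

def triage_attachment(name: str, data: bytes) -> list[str]:
    """Return reasons to quarantine an e-mail attachment (empty list = none found)."""
    reasons = []
    if data.startswith(b"%PDF"):
        if re.search(rb"/EmbeddedFiles?\b", data):
            reasons.append("pdf-embedded-file")  # e.g. a DOCM carried inside the PDF
        if re.search(rb"/(OpenAction|JavaScript|Launch)\b", data):
            reasons.append("pdf-auto-action")
    elif data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                parts = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            return ["corrupt-zip"]
        # OOXML stores VBA in vbaProject.bin regardless of the file extension.
        if any(p.endswith("vbaproject.bin") for p in parts):
            reasons.append("ooxml-vba-macro")
    elif data.startswith(OLE_MAGIC):
        reasons.append("legacy-ole-document")  # may carry macros; needs an OLE parser
    if name.lower().endswith((".docm", ".dotm", ".xlsm")):
        reasons.append("macro-enabled-extension")
    return reasons

def make_ooxml(with_macro: bool) -> bytes:
    """Build a constructed, harmless ZIP that mimics an OOXML part layout."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
    return buf.getvalue()

# Constructed samples: no real malware, only the structural markers.
SAMPLES = {
    "invoice.docm": make_ooxml(with_macro=True),
    "renamed.docx": make_ooxml(with_macro=True),  # macro part behind a .docx name
    "report.docx": make_ooxml(with_macro=False),
    "scan.pdf": b"%PDF-1.5\n1 0 obj<</Type/EmbeddedFile>>endobj\n<</OpenAction 2 0 R>>",
    "plain.pdf": b"%PDF-1.5\n1 0 obj<</Type/Catalog>>endobj",
}

for fname, blob in SAMPLES.items():
    print(fname, triage_attachment(fname, blob))
```

The renamed.docx sample shows why the check looks inside the container: the macro part is found even though the extension does not advertise it.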
CrySis uses a different method to ransom its victims. It hacks Remote Desktop Services to manually install the ransomware. Compromising Remote Desktop Services exposes the administrators and machines that control an entire organization. This advanced malware uses a technique called cryptoviral extortion. It encrypts the victim’s files to make them inaccessible. The cybercriminals demand a ransom payment to decrypt them. In May, some 200 master keys were released, allowing victims to decrypt and unlock their systems.
These are some of the attacks that happened in 2017. Various steps are being taken to stop them. They cause a major loss of money and reputation for the IT industry.