11 May 2019

Top Cyber Attacks of Q1 2019

By JP Buntinx

In this modern era of technology and connectivity, cyber attacks have become significantly more common. Despite numerous warnings from security experts, consumers remain prone targets for criminals who are not necessarily intent on backing down as of yet. The year 2019 has seen some interesting types of cyber attacks so far, which is not necessarily something to be too happy about. Information regarding these incidents is provided courtesy of CSIS.
January 2019 has Seen Plenty of Disruption

A total of 10 separate major cyber attacks or incidents have been recorded throughout January of 2019. The new year kicked off with German politicians have their personal details and financial information exposed. The exact purpose of this data leak remains unclear, yet it never included any information on political members of the AfD far-right party. 


Not long after, it was uncovered how Iran ran a multi-year DNS hijacking campaign targeting entities in Europe, North America, and the Middle East. In the same week, the US SEC charged hackers from Eastern Europe and the US with the breach of the agency’s online corporate filing portal, which occurred in 2016. Later on, unknown hackers successfully infiltrated computer systems as South Korea’s Ministry of National Defense’s procurement office.

Other incidents in January include confirmation of US hackers targeting the US Democratic National Committee, Iranian hackers tapping into telecom and travel systems for many years, and the war against a North Korean botnet disrupting companies in numerous critical infrastructure sectors. To top off the month, Russian state-sponsored hackers were found “guilty” of targeting the CSIC. A very busy month for cyber attacks and incident-related news altogether.

February is Slightly Calmer

In the second month of 2019, a few key incidents took place. Visma, a Norwegian firm, confirmed Chinese Ministry of State Security hackers attempted to steal its trade secrets. Airbus, the aerospace company, was also targeted by Chinese hackers who obtained personal information on some of its European employees. The Australia Federal Parliament also received attention from state-sponsored hackers, but they were caught in the act.

A lot of smaller and medium-sized incidents took place in February. The biggest event is how a cyber attack took Toyota Australia completely offline, albeit the situation was rectified pretty quickly. Numerous data breaches occurred as well around the globe. Several million people were affected, yet it would appear consumers have grown numb to these kinds of developments.

The bigger financial news in February revolves around Qin Qisheng. This former Huaxia Bank senior programmer successfully withdrew $1m from bank ATMs. This was achieved through a major loophole in the bank’s core operating system. He was eventually sentenced to ten and a half years for his actions, yet none of the money was ever spent. He kept the money in his bank account and returned it to his former employers accordingly.

March 2019 Offers More of the Same

It is safe to say the number of cyber attacks will not slow down anytime soon. March of 2019 has seen plenty of incidents once again. Attacks on universities saw a pretty big uptick, to varying degrees of success. Citrix, the software company, has confirmed its internal network was compromised, which put a lot of people on edge. The total damage pertaining to this incident is rather catastrophic.

The scariest development of March is how criminals successfully executed a cyber attack against Norsk Hydro, an aluminum plant. Going after critical infrastructure has become a lot more popular in recent years, yet not all of those attacks are reported accordingly. It is unclear if any damage was done through this attack, but the plant’s security has been beefed up ever since.

Hackers also had a field day in March. First, they successfully shut down a school in Massachusetts’ Internet connectivity by infecting it with malware. Later in the month, hackers faked ASUS software updates to install backdoors on infected devices. Several thousand machines were impacted in the process. Ransomware attacks were also rather common. Attacks around the globe affected over a million Israeli websites, Container World (a Canadian beer supply chain), Colorado’s water and sanitation districts, and the Boston legal system. Even though ransomware-oriented headlines appear less common, these attacks continue to wreak havoc on a global scale.

Last but not least, there is a laundry list of data breaches and associated reports during March. Over 1 billion accounts and personal information lists were stolen or left unprotected. The Facebook data breach exposing 600 million passwords was one of the incidents which received plenty of attention. There was also the publicly accessible database containing mailing list information of 809 million users which made the rounds. All in all, not a good month by any means, yet it seems unlikely April 2019 will be much better.

No comments: