The first cyberattack happened in France in 1834. There was no internet, but attackers stole financial market information by accessing the French telegraph system! Fast forward to today, the landscape of cybercrime has undergone exponential growth, marked by a global average cost of data breaches reaching USD 4.45 million in 2023.
Beyond being a mere statistic, this number signifies the deep-seated impact of cyberattacks on the economy. No entity is immune, not even government bodies.
Over the past year, various types of cyberattacks have affected businesses, with incidents ranging from data breaches to ransomware and data extortion attacks. These breaches have inflicted harm on multiple victims and left a broad industry impact. Some major cyberattacks from 2023 include:
- DarkBeam – the biggest data breach of the year
Over 3.8 billion records were exposed by cyber vulnerability and threat management provider DarkBeam after it misconfigured an Elasticsearch and Kibana data visualization interface. A cyber security news site CEO noticed and notified the firm, and the issue was corrected quickly.
However, it’s unclear how long the data was exposed or if anyone accessed it previously with malicious intent. DarkBeam had been collecting the data to alert customers in case of a data breach – which means the data was already exposed in previous cyberattacks.
Such data leaks are usually due to human error, for example, employees forgetting to password-protect data. This is an example of the need to continuously monitor systems for misconfiguration.
- Aadhaar data breach of 815 million citizens
In October, Resecurity, an American cybersecurity company said that the Personally Identifiable Information (PII) of millions of Indians, including Aadhaar numbers, names, phone numbers, and passport details, were being sold on the dark web.
The investigators learned that the threat actors would sell the entire database for $80000! A report also suggests that the compromised data might be from the ICMR (Indian Council of Medical Research) database.
The enormity of the breach raised alarms about identity theft, privacy erosion, and financial fraud. Acting as a wake-up call, this breach imparted crucial lessons for governments, organizations, and individuals. The pivotal role of constant monitoring and audit, robust access controls, ongoing employee training, and heightened public awareness in fortifying cybersecurity defences cannot be understated.
- Multiple T-Mobile breaches
The US telco giant underwent multiple incidents in 2023: In January, a threat actor exploited an API vulnerability, and up to 37 million prepaid and postpaid accounts were potentially affected. Then, in April, they notified around 836 customers that their data was compromised. Even though the magnitude of this attack was lesser, the breach included highly confidential data such as government IDs, social security numbers, and so on. In late September, a glitch exposed the payment and customer data of fewer than 100 customers, and in the same month, 89 GB of employee data was posted to a hacker forum.
While companies may have plenty of safeguards in place to prevent unauthorized access, such cases only cement the importance of continuous improvements in cybersecurity. Staying one step ahead of threat actors requires a dynamic approach, which includes regular updates to security protocols, embracing cutting-edge technologies, fostering a culture of cybersecurity awareness, and collaborating with industry peers to share threat intelligence.
- The Pentagon Leaks
The next incident serves as a cautionary tale for military organisations globally. In a concerning breach, a 21-year-old member of the intelligence wing of the Massachusetts Air National Guard leaked highly sensitive military documents for bragging rights within his Discord community.
This information was shared on other platforms and gave Russia a treasure trove of military intelligence for their war. Surprisingly, the member was also able to print out and take top-secret documents home to photograph and subsequently upload.
To prevent such breaches, strict enforcement of security protocols, continuous training on the importance of handling classified information, and monitoring systems are imperative in military organizations.
- MOVEit affected by Zero-Day
On May 31, Progress Software alerted its clients about an undisclosed vulnerability discovered in MOVEit Transfer and MOVEit Cloud software, and on the same day, a patch was made available to address the issue. This SQL injection, identified as CVE-2023-34362, posed a significant threat, potentially leading to unauthorized access and compromise of sensitive data.
Exploitation of this vulnerability allows attackers to disrupt operations, causing downtime and hindering services. This case once again underscores the urgency for switch detection and patching by software vendors and organizations.
As these cyberattacks evolve, some may result in severe consequences such as full database leakage, unauthorized file access, and potential remote code execution.
Staying ahead in 2024
Today, the need for heightened cybersecurity measures has become even more critical. The ever-evolving landscape of cyber threats necessitates regular evaluations and enhancements to security measures. Only a multifaceted cybersecurity strategy will help organizations navigate the challenges in the long term. We need to stay sharp, stay safe, and fortify our defences – one day at a time.
