Cyber security is like a race where both cyber security professionals and cyber criminals are competing with one another. Despite all the efforts to security critical business infrastructure, new of data breaches frequently make headlines. This is a clear indicator that hackers find a way to bypass security systems. 2019 was no different. We heard many news stories about cyber security attacks and data breaches that made us feel less secure.
In this article, we will look at top seven cybersecurity stories that took the world by surprise in 2019.
1.Containers are the New Target
Most businesses are now using containers because it enables them to deploy and test micro-services and applications and scale it too. Due to the growing popularity, these containers have become the latest target for cyber criminals. Hackers usually use container image as an opening. That is why many developers are getting rid of unofficial images from their repositories.
When you can consider the number of insecure container images used to deploy these containers, you can easily make sense of security loopholes in container images. Despite the efforts of GitHub to flag vulnerable container images hosted on its platform, using unofficial images to build your container is still a risky proposition. That is why you should only use container images that you make and should avoid unofficial images from others as they can be insecure.
2. Use of Kubernates Tools
If you are using containers for your applications, then you might also be using Kubernates to manage those applications. Kubernates is a collection of open-source projects which automate deployment, management and scaling of container applications. Security has always been a negative for Kubernates but with the introduction of Kubernate tools such as Harbor, Clair and Grafeas, things have changed for the better. The popularity of these tools will grow as we head into the future where cyber attacker will target container applications instead of databases, network and best dedicated servers.
3. Android Malware Is Still A Looming Threat
Android is one of the most popular mobile operating system in the world, enjoying more than 85% market share. This has brought android platform to hacker’s attention and its lousy security and poor vetting process make things worse. We have already seen examples of adware in apps on Google Play store and attacks such as xHelper and Joker take place, which clearly proves that android platform needs a lot of improvement before we can consider it as a secure mobile platform.
Despite Google’s efforts of plugging all the holes, there are still vulnerabilities which can easily be exploited by cyber attackers. When downloading apps, make sure they are from a trusted source and avoid installing apps from third party sources. Keep an eye on the permission an app asks for and give only those permissions that is required for the app to function. Stay informed about the latest cybersecurity news so you don’t end up missing out critical news related to app security breaches. You don’t want to be using an malicious apps.
4. Juice Jacking
If you follow cybersecurity, you might be familiar with the term crypto jacking and form jacking but have you ever heard the word Juice Jacking? No, right. Juice Jacking is a type of cyber attack that target charging stations and charging cables. Hackers install malware and try to copy sensitive data from your device without your knowledge.
It made headlines when a Los Angeles Attorney requested travelers to stay away from public USB charging stations because it can contain malware. What’s worse, the malware can not only lock your device but can also steal your data including your login credentials. Even though, it is one of the toughest types of cyber attacks to pull off successfully, but we cannot rule out its possibility because of this.
5. Mobile Phone Detection
You might have heard that “Big Brother is Watching” but did you know that it is true? UK Police Force is using a technology to detect whether a driver is using their phones while driving or not. This technology works by identifying 2G, 3G and 4G networks through GSM signals as well as Bluetooth. The only downside about this technology is that it can not differentiate between a driver and passenger using a device, so it is only being used currently as a warning system. As this flaw is ironed out, we might see this technology being used for taking against drivers who use their phones while driving.
6. American Medical Collection Agency
As cyber security industry evolves, so does the hackers. Instead of targeting businesses, more and more cyber criminals are launching a cyber security attacks on critical infrastructure such as power stations and medical facilities. One of the recent victims was none other than American Medical Collection Agency
They were busy in collecting overdue payments from different labs without knowing they have become a victim of a long data breach. Cyber attackers were successfully able to steal records of 20 million people which also included sensitive information such as social security numbers along with their bank account details. The impact of the data breach was so huge that American Medical Collection Agency must file bankruptcy due to growing IT costs, lawsuits and business losses due to bad reputation.
7.Attacks on Local Governments
Ransomware attacks have been around for quite some time now, but they are evolving with time. Instead of targeting individuals and businesses, the focus is shifting towards local governments and municipalities. The number of ransomware attacks might have dipped in last few years, but the sophistication has gone up.
This is exactly what happened when a ransomware attack targeted a city of Baltimore in Maryland along with other three cities in Atlanta and Georgia. Take regular backup of your data so you don’t have to pay a ransom to get access to your data back.
Which cyber security story surprised you the most in 2019? Let us know in the comments section below.