Notable 2017 Cyberattacks (So Far) and the Lessons Learned

Author: Patrick Flesch Date: 09/26/2017

Cyberattacks involving ransomware increased 50% last year, based on a 2016 report. Vulnerable businesses and organizations are at greater risk than individuals, with government organizations being the most frequently targeted, and healthcare and financial services being next in line.

Despite efforts to inform and educate users about the dangers of clicking on suspicious email links, 20% of all malware attacks in 2016 resulted from phishing scams, increasing from fewer than 10% the year before.

It will be interesting to see the final numbers, but with three-quarters of the year already in the history books, it appears that 2017 will continue the upward trend. Take a look at these most notable cyberattacks from 2017 to see how they happened and who’s affected, and learn ways to protect yourself and your company in the future.

1. Equifax

When: July 29, 2017
Number Affected: 143 million

Although discovered at the end of July, the breach wasn't disclosed by Equifax until September 7, 2017. As one of the largest credit agencies in the U.S., the company holds millions of records containing highly sensitive data such as Social Security numbers, driver's license numbers, credit card information, birth dates, addresses and more. Hackers exploited a weak point in the company's website software to access the data. Many experts are calling it one of the worst data breaches ever and, if you've requested a credit report, it's likely your information has been compromised.

Individuals can visit the government's Federal Trade Commission (FTC) website to learn more about measures they can take to protect themselves from the impact of this breach. Equifax set up a separate domain to direct customers to, which only heightened concerns, since many phishing scams quickly arose with similar domain names. To its embarrassment, Equifax's own Twitter account mistakenly directed customers to a fake phishing site on three occasions, further eroding consumer confidence.

2. Verizon

When: July 13, 2017
Number Affected: 14 million

If you contacted Verizon's customer service by phone during the first half of 2017, there's a good chance you're among those affected. The technology company responsible for the breach left user data for the largest U.S. telecommunications company unsecured on an Amazon storage server, making cell phone numbers and account PINs publicly accessible. After the breach was discovered, it took more than a week to secure the data. The breach occurred a year after the company revealed that contact information for 1.5 million business customers was stolen by hackers. Organizations using similar cloud services must ensure that they are securely configured.
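As an added example (not part of the original article), the sketch below shows one way to check a cloud storage configuration for this kind of public exposure. It assumes the storage is an Amazon S3 bucket and that the bucket policy, ACL grants and public access block settings have already been exported; the bucket name and sample inputs are constructed.

```python
import json

# Group URIs that make an S3 ACL grant public.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone on the internet",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account",
}
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")

def _wildcard(principal):
    """True when a policy Principal is "*" or {"AWS": "*"}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in ([aws] if isinstance(aws, str) else aws)
    return False

def audit_bucket(policy_json, acl_grants, pab):
    """Return (kind, detail) findings for one bucket's exported settings."""
    findings, pab = [], pab or {}
    missing = [f for f in PAB_FLAGS if not pab.get(f)]
    if missing:
        findings.append(("pab", "public access block not fully enabled: " + ", ".join(missing)))
    if not pab.get("IgnorePublicAcls"):  # public ACL grants are still honoured
        for g in acl_grants:
            who = PUBLIC_GROUPS.get(g.get("Grantee", {}).get("URI"))
            if who:
                findings.append(("acl", f"{g['Permission']} granted to {who}"))
    if policy_json and not pab.get("RestrictPublicBuckets"):
        stmts = json.loads(policy_json).get("Statement", [])
        for s in [stmts] if isinstance(stmts, dict) else stmts:
            if s.get("Effect") == "Allow" and _wildcard(s.get("Principal")):
                # A Condition may narrow access, so flag it for manual review.
                kind = "policy-review" if s.get("Condition") else "policy"
                findings.append((kind, f"{s.get('Action')} allowed for Principal *"))
    return findings

# Constructed sample inputs: an exposed bucket and a locked-down one.
EXPOSED = dict(
    policy_json=json.dumps({"Statement": [{"Effect": "Allow", "Principal": "*",
        "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-call-logs/*"}]}),
    acl_grants=[{"Grantee": {"Type": "Group",
        "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"}],
    pab=None)
LOCKED = dict(policy_json=None, acl_grants=EXPOSED["acl_grants"],
              pab=dict.fromkeys(PAB_FLAGS, True))

if __name__ == "__main__":
    for name, cfg in (("exposed", EXPOSED), ("locked", LOCKED)):
        print(name, audit_bucket(**cfg))
```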

3. Cloudflare

When: February 17, 2017
Number Affected: Potentially 6 million

Cloudflare, a company that offers security services for its customers' websites, discovered a vulnerability in its platform that leaked potentially sensitive customer data. Information including passwords, cookies, authentication tokens and more that typically would be encrypted could potentially appear in plain text on its customers’ websites. Though discovered in February, the data leakage could have started as early as September 22, 2016. Among the most notable websites impacted were Fitbit and OKCupid, so an enormous pool of data was easily accessible through search.

An insufficient HTML parser used to increase website performance was the culprit. Because some of the exposed data was automatically cached by search engines, remediation became difficult. Major search engines like Google and Bing were asked to manually scrub the data.

4. WannaCry

When: May 12, 2017
Number Affected: 300,000 in 150 countries

Thousands around the world were impacted by WannaCry, with Europe being the hardest hit. Most notably, the National Health Service hospitals in the United Kingdom were temporarily crippled by the ransomware, delaying medical care for many patients.

U.S. officials believe the attack stemmed from North Korea. While it impacted many and demanded payment in exchange for restoring data, it appears the hackers only netted about $132,000, which is considered meager for such a widespread and powerful attack.

The ransomware exploited a Windows vulnerability through the EternalBlue exploit. Even though Microsoft released a patch two months earlier, many organizations failed to install it, leaving their systems vulnerable to the attack and highlighting the importance of timely upgrades and security patches.

5. Petya

When: June 27, 2017
Number Affected: 12,000 machines

The Petya malware spread using the same vulnerability in Microsoft Windows that was exploited by WannaCry. It locked users out of their systems and demanded payment. The virus targeted the power grid and major infrastructure such as bus stations, airports, gas stations and banks. The majority of infections (80%) targeted Ukraine, but it also spread across Russia, France, Germany, Italy, Poland, the United Kingdom, the U.S. and more than 60 other countries. Those most notably impacted included advertising firm WPP, shipping company Maersk and even the Chernobyl nuclear plant. Having occurred on the eve of Ukraine’s national holiday, Constitution Day, some experts believe the attack was politically motivated.

Ukrainian tax preparation software named M.E.Doc appears to be responsible. Analysis of seized servers revealed that software updates had not been applied since 2013 and that there was evidence of Russian involvement. Because of its negligence in maintaining its security, the company may be found criminally responsible for enabling the attack.

With each cyberattack, the importance of timely upgrades and security patches becomes more evident. Continued vigilance by employees and training to help them recognize potential phishing scams, cybercriminal tactics and security best practices can help mitigate the risks significantly. We’ve developed a helpful cybersecurity tip sheet that should be required reading for everyone within arm’s reach of a computer in your organization. Be sure to click the link below (we promise it’s a safe one!) for your free copy. 

If you’d like help securing your data, reach out to the Gordon Flesch Company. We’ve got the expertise, tools and technology to help provide the most robust security possible through Managed IT, Enterprise Content Management systems and a dedicated team that monitors activity 24/7.

Cybersecurity Tips For Employees

Written by Patrick Flesch

Patrick joined the Gordon Flesch Company in 2006 as Territory Account Executive and worked his way to become VP of the Sales for the company’s Western Region. Today, Patrick is President of the Gordon Flesch Company.