2020 was a memorable year! This year has been a memorable year for Cybersecurity. Despite this, Cybersecurity is always evolving. Here are the top Cybersecurity incidents for 2020 and some surprises.
1. US Treasury and Commerce Dept breach
On December 13, 2020, major newspapers across the globe reported that the US Department of Treasury and Commerce had been subject to cyber attacks by experts from foreign entities. It was believed that these email addresses were compromised. It was also possible that other departments were involved in the breach, which could have been ongoing for a long period.
Further information revealed that email systems in all departments might have been monitored for a considerable time. A group called “APT29” or Cozy Bear carried out the cyberattack. The attackers may have used Microsoft 365 email to launch their attack vector.
SolarWinds was the company that provided the software. It is believed that less than 18,000 organizations may have installed a patch to address a vulnerability that could have been exploited in the sophisticated attack.
This investigation is ongoing and more organizations are still trying to understand the full extent of the attack. The Cybersecurity and Infrastructure Security Agency, which is one of the Departments of Homeland Security, is helping in the investigation.
2. FireEye Cyber Attack
“FireEye” is an intelligence-led security company that offers services in network security and endpoint security for different organizations.
A highly skilled group of attackers used novel techniques to carry out the ‘FireEye cyber attack on December 8, 2020. They used techniques that were new and not seen in the past. FireEye’s Red Team tool was accessed by attackers, it has been confirmed. FireEye’s blog states that the team does not know whether the attackers intend to use the Red Team tools to their benefit or to disclose them openly.
FireEye, on its part, has created countermeasures to stop the Red Team tools being used. It also incorporates countermeasures in its security products.
FireEye works with Microsoft and the Federal Bureau of Investigation to find more answers.
3. Security issues at Zoom
The world had to adapt to new ways of doing business/academics, and other social interactions in the wake of the Coronavirus pandemic of March 2020. This brought Zoom video conferencing software into our living rooms, study, and dining rooms. Although Zoom software helped us to move forward with our academic and business concerns, it also had its share of Cybersecurity problems.
“Zoombombombing” became a common term, and unwanted guests were a part of school and business meetings. Zoom was also accused of leaking unauthorised data to Facebook. Online, Zoom was found to have uploaded personal videos of children and telehealth consultations.
These issues prompted many governments and businesses to ban Zoom’s use. Zoom CEO stated that he had resolved most security issues within 90 working days. Zoom 5.0 included enhanced security features like stronger data encryption and password-locked meetings by default.
These security features were able to offset some users’ concerns. Zoom was back in business with new security rules and regulations!