2017 was filled with numerous ransomware attacks, large corporate breaches, and massive amounts of leaked personal data, but as the year comes to a close, here are the stories that made this year a memorable one.
Wikileaks CIA Vault 7
In April, WikiLeaks released information purportedly belonging to the CIA in what appears to be the largest leak of CIA documents. The documents contained sophisticated software tools and techniques used by the agency to exploit vulnerabilities in smartphones, computers and even Internet-connected televisions. The tools allowed hackers to compromise a variety of Windows servers and Windows operating systems, including Windows 7 and Windows 8.
Hitting worldwide on May 12, WannaCry released shock and awe around the globe as the ransomware attack thrusted real-world effects of cybersecurity vulnerabilities into the international spotlight. It affected thousands of organization in over 150 countries by exploiting a Windows vulnerability that Shadow Brokers revealed in April.
Equifax Data Breach
In what may be the most provocative breach to date, Equifax credit report bureau disclosed a breach that exposed data on 145 million US consumers. It’s considered among the worst breaches of all time because of the amount of “big four” personal security identifiers—name, address, birth date and Social Security number— that were stolen at once. The breach was made possible because Equifax failed to promptly install a security fix to a flaw found in a web application tool used by many major corporations.
Another major ransomware attack in 2017 was the computer virus NotPetya, which targeted Ukrainian businesses using compromised tax software. The malware spread to major global corporations, including FedEx, the British advertising agency WPP, the Russian oil and gas giant Rosneft, and the Danish shipping firm Maersk. Aiming to cause devastation, it was considered one of the most malicious pieces of malware to hit organizations.
The Uber coverup
In November, it was disclosed that Uber had paid a $100,000 ransom to hide a breach that was over a year old andr that affected over 57 million driver and rider accounts. The data that was exposed included both customers’ and drivers’ names, email addresses, phone numbers and driver’s license numbers. This breach was revealed by Uber’s new CEO, Dara Khosrowshahi.