The last 12 months have been a roller coaster in the field of cybersecurity. Everything is broken in cybersecurity; it is just a question of discovering it, and it seemed like everything broke all at once this year, especially at the end of the year. However, for better or worse, we will conclude the year knowing more than we did at the start. Here, we look back at the year that has passed and the lessons we have learned along the way.
1. Downtime, not ransom payments, is what costs organizations when they are hit by ransomware. Malware that encrypts files is still a problem. This year alone, ransomware held entire corporate networks hostage in return for millions of dollars in cryptocurrency payments, shutting down entire towns, blocking salaries, and causing fuel shortages.
According to the US Treasury, ransomware operators are expected to generate more money from ransom payments in 2021 than they did in the previous decade. However, data reveals that organizations suffer the largest costs due to delayed productivity and the time-consuming effort of cleaning up after a ransomware attack, which includes incident response and legal assistance.
2. The Federal Trade Commission (FTC) has the authority to require mobile spyware producers to notify their victims. Following an order from the Federal Trade Commission in September, SpyFone became the first spyware producer to be banned in the United States.
The FTC accused the manufacturer of the “stalkerware” software of developing the stealthy virus to give stalkers and domestic abusers real-time access to data on their victims’ phones, such as messages and location information, without the victims’ knowledge. The FTC also ordered SpyFone to destroy all of the data it had “illegally” gathered and, for the first time, to notify users whose phones had been hacked by its software.
3. In comparison to the previous year, cybersecurity venture capital financing has quadrupled. In terms of cybersecurity venture capital financing, 2017 was a record-breaking year. During the first half of 2021, investors had put $11.5 billion into venture capital.
That is more than double the $4.7 billion spent over the same period the previous year. Transmit Security raised $543 million in a Series A round, and Lacework raised $525 million in a Series D round. Cloud computing, security consultancy, and risk and compliance, according to investors, helped drive the investments.
4. Gagging orders are issued on a third of all legal requests for Microsoft user data. It is no secret that internet companies are among the largest collectors of user data, and they are also a regular target of government data demands for criminal investigations. However, Microsoft issued a warning this year about a rising pattern in which the government attaches secrecy restrictions to search warrants, preventing the business from informing customers when their data is being investigated.
According to Microsoft’s consumer security head Tom Burt, one-third of all judicial orders include confidentiality restrictions, many of which are “unsupported by any serious legal or factual investigation.” According to Microsoft, confidentiality orders are commonplace in the computer business.
5. The FBI has been given permission to break into private networks in the aftermath of a cyberattack. In April, the FBI conducted a first-of-its-kind operation to remove backdoors planted by hackers weeks earlier in the email systems of hundreds of U.S. firms. China was eventually accused of the widespread exploitation of weaknesses in Microsoft’s Exchange email software, which the hackers used to steal contact lists and mailboxes from thousands of enterprise email servers across the United States.
Thousands of servers were left unprotected because of the intrusions, causing firms to race to patch the holes. However, the updates did not remove a backdoor left behind, allowing the hackers to quickly regain access. Fearing that bad actors might use the backdoors, a federal judge in Texas approved the operation, enabling the FBI to use the same vulnerabilities as the hackers to remove the backdoors. Other governments have conducted similar “hack and patch” operations to eliminate botnets in the past, but this is the first time the FBI has successfully cleaned up private networks following an attack.
6. Unemployment benefits fraud perpetrated through vehicle insurance websites. This year, many vehicle insurance firms were targeted for an unusual, but all-too-common, fraud. A weakness in Metromile’s website, which is used to store insurance quotations, was exploited to get driver license numbers, according to the company. Then, months later, Geico announced that it, too, had been attacked and that its driver license numbers had been scraped.
Scammers used the stolen license numbers “to falsely file for unemployment benefits in your name,” according to Geico’s data breach warning. It turns out that a driver’s license is required in several U.S. states before you can qualify for state unemployment benefits, which is why vehicle insurance businesses are singled out.