ADVERTISEMENT

The six biggest cyberattacks of 2020

Cyber attack
Pierluigi Paganini
Pierluigi Paganini Contributor
Feb 3, 2021 Updated: 28 September 2021 5 min read
2020 will be known not only as the year of COVID-19 pandemic, a global tragedy that changed the way we communicate, collaborate and work. It will also be known as the year of cyberattacks, with the attack surface available to threat actors expanding massively during the year.

#1 SolarWinds supply chain attack

#2 Marriott International

  • Contact details (name, mailing address, email address, and phone number)
  • Loyalty account information (account number and loyalty points balance, but not passwords)
  • Additional personal details (company, gender, and birth date)
  • Partnerships and affiliations (linked airline loyalty programs and numbers)
  • Preferences (stay/room preferences and language preference)

#3 Twitter

Apple message on Twitter
You send $1,000, I send you back $2,000.”
“We have partnered with CryptoForHealth and are giving back 5000 BTC to the community.”

#4 Garmin

ADVERTISEMENT
“To obtain a working decryption key, Garmin must have paid the ransom to the attackers. It is not known how much was paid, but as previously stated, an employee had told BleepingComputer that the original ransom demand was for $10 million.”
reported BleepingComputer.

#5 Software AG

Software AG ransomware attack

#6 EasyJet

“Our investigation found that the email address and travel details of approximately 9 million customers were accessed.”

How to reduce exposure to cyberattacks?

  • Boundary firewalls and internet gateways — establish network perimeter defenses, particularly web proxy, web filtering, content checking, and firewall policies to detect and block executable downloads, block access to known malicious domains and prevent users’ computers from communicating directly with the Internet.
  • Malware protection — establish and maintain malware defenses to detect and respond to known attack code.
  • Patch management — patch known vulnerabilities with the latest versions of software, to prevent attacks which exploit software bugs.
  • Whitelisting and execution control — prevent unknown software from being able to run or install itself, including AutoRun on USB and CD drives.
  • Secure configuration — restrict the functionality of every device, operating system and application to the minimum needed for business to function.
  • Password policy — ensure that an appropriate password policy is in place and followed.
  • User access control — include limiting normal users’ execution permissions and enforcing the principle of least privilege.
  • Security monitoring — to identify any unexpected or suspicious activity.
  • User training and awareness — staff should understand their role in keeping your organisation secure and report any unusual activity.
  • Security incident management — put plans in place to deal with an attack, as an effective response will reduce its impact on your business.
UK NCSC guide to combat cyber attacks
ADVERTISEMENT