According to the University of Maryland, there are around 2,200 cyberattacks every day. However, most attacks go unreported and unknown; today we’ll be talking about some of the biggest cyberattacks in recent times. You may have heard about them and even could’ve been affected.
This article’s point is to go in-depth into the biggest attacks to see how they could’ve been avoided with proper cybersecurity practices. I’ll be going over the ILOVEYOU, WannaCry, and Yahoo data breaches. At Kirkham IronTech, being an MSSP, we’ll review what went wrong and provide some insight on how It could’ve been avoided or minimized.
ILOVEYOU VIRUS
As funny as the name sounds, this was one of the most destructive viruses in recent time. This occurred in the year 2000, a time when people were still getting used to the Internet. However, millions were already adopting email in their day-to-day lives, making it a prime target for cyberattacks. The virus itself was a computer worm, which is able to self-replicate and spread rapidly, as it infected over 50 million users.
The file appeared as a harmless .TXT file but was actually a .VBS file, a Visual Basic Script. This allows it to execute automated actions and cause mass amounts of damage. This clever disguise allowed it to exploit users and wreak havoc globally.
How It Could’ve Been Avoided:
- Avoid Suspicious Attachments: People need to avoid clicking on suspicious email attachments, especially if it’s from an unknown source. The subject line being “ILOVEYOU” played on emotions, demonstrating the effectiveness of social engineering in cyberattacks.
- Employee Training: Many of the reported infections occurred in a work setting. Having a proper cybersecurity training program in place could’ve educated employees on how to recognize phishing attempts and malicious attachments.
- Managed Security Services: Businesses could’ve employed a Managed Security Service Provider (MSSP) to monitor and protect their systems. At Kirkham IronTech, we offer continuous monitoring and customized solutions to prevent such attacks.
Photo by CyberHoot
WannaCry
What’s up with these attackers coming up with these funny names? Anyways, this attack with specifically a ransomware attack. Typically, they will encrypt something valuable and try to extort something from the victim, usually money. But how exactly did this attack happen?
How It Happened:
- Outdated Systems: Around two months before the initial attack, Microsoft released a security patch that could’ve protected users from this attack. Yet, many people don’t update systems when needed, so they were prey to the incoming attack.
- EternalBlue Exploit: Attackers leveraged EternalBlue, a tool leaked from the NSA, to exploit a vulnerability in Microsoft’s SMB protocol. This allowed WannaCry to spread rapidly across networks.
- Lack of Backups: Many victims had insufficient backups or security systems in place. The attacks basically encrypted their files and demanded money for release, but who’s to say they will actually release them?
How It Could’ve Been Avoided
- Regular updates: Applying security updates promptly could’ve neutralized the EternalBlue exploit, it’s a good rule of thumb to have automatic updates on.
- Data Backups: Regular backups would’ve allowed users to restore data without having to pay for a ransom, attackers do these attacks since most people don’t make regular backups.
- Advanced Security Solutions: Organizations need to implement better security protocols such as continuous monitoring and endpoint detection and response to isolate these threats in real-time. At Kirkham IronTech, our advanced EDR solutions monitor activity across your network, detecting potential threats before they escalate.
Yahoo Data Breaches
The Yahoo Data Breaches are still regarded as the largest breach in history. Over 3 billion users were compromised in their 2013 breach. This went undetected for over 3 years and things such as names, emails, phone numbers, and passwords were all stolen.
Causes of the Attack:
- Phishing susceptibility: Many employees were the target of spear-phishing emails, allowing the hackers to gain access to the system. With attacks like these, all it takes is one click for the attack to be in motion.
- Inadequate response time: Yahoo didn’t discover this breach until 2016, 3 years after it had happened. This is due to a lot of factors such as high turnover, lack of defense mechanisms, and constant changes in leadership for its security team.
- Outdated Password Hashing Algorithm: Around the time of the attack Yahoo had been using an MD5 password hashing algorithm, which is regarded as very weak in today’s standards. Attackers can very easily get past this with tactics such as rainbow tables or using a brute-force attack.
How It Could’ve Been Avoided
- Employee Training: Teaching employees to recognize different types of cybersecurity attacks could’ve prevented the initial infiltration.
- Secure Password Storage: To keep their passwords safe, they could’ve implemented a more modern method such as PBKDF2 for their passwords to be structured.
- Threat Detection: Having automated systems in place with continuous logging and monitoring could’ve detected and identified the compromised systems more quickly. Not knowing until years later isn’t a good look.
At Kirkham IronTech pride ourselves in the fact we offer continuous monitoring, threat detection, and many more services that make us a top 250 MSSP.
How Cyberattacks Can Be Avoided or Minimized
As we’ve discussed, thousands of cyberattacks happen every day. Many go unreported, emphasizing the need for cybersecurity awareness and a proactive cybersecurity plan of defense. The ILOVEYOU virus, WannaCry ransomware attacks, and Yahoo data breaches demonstrate how devastating cyberattacks can be, but are also a good learning opportunity to show how proper defenses could’ve minimized their impact.
We can gather that individuals and organizations need to stay informed about the evolving threats and implement robust security measures. At Kirkham IronTech, we take a holistic approach to cyber security, IT infrastructure, and governance. Proper cybersecurity can be costly, but the threat of a breach can be far more devastating. For companies big and small, Kirkham IronTech can help you secure your future.
Reach Out to Us Today!
Call Us: (479) 434-1400 – Get in touch with our team.
Visit Our Website: www.kirkhamirontech.com – Learn more about our offerings.
Email Us: info@kirkhamirontech.com – Let us know how we can help.
Tom Kirkham brings more than three decades of software design, network administration, and cybersecurity knowledge to organizations around the country. During his career, Tom has received multiple software design awards and founded other acclaimed technology businesses.
