Cyber crime is an ever-evolving problem, with an estimated cost of US$10trn by 2025. In 2021, there were more than 4,100 publicly disclosed data breaches, which equates to approximately 22 billion records being exposed. The figures for 2022 are expected to at least match this, if not exceed it by as much as five percent.
Cyber Security Hub is dedicated to delivering breaking news from the cyber security sector. With this in mind, here are the news stories detailing the threat vectors, cyber attacks and data breaches that had the biggest impact on its readers over the past 12 months.
10. Social engineering “most dangerous” threat, say 75 percent of security professionals
In May, Cyber Security Hub research revealed that three out of every four cyber security professionals considered social engineering or phishing attacks to be the “most dangerous” threat to cyber security at their companies.
The research, which was conducted for the CS Hub Mid-Year Market Report 2022, also found that other top threats included supply chain/third-party risks (cited by 36 percent of respondents) and a lack of cyber security expertise (cited by 30 percent of respondents).
Discover more about the concern over social engineering attacks in our analysis from August 2022.
9. Meta fires employees for allegedly hacking into users’ accounts
On November 17, 2022, the Wall Street Journal broke the news that 12 Meta employees had been either disciplined or fired for breaking Facebook’s terms of service and hijacking user accounts.
The employees, some of whom were contractors employed as security guards at the tech company’s offices, had been using a heavily regulated internal access tool referred to as ‘OOps’ to reset access to Facebook accounts. One employee was dismissed following accusations that they used OOps to allow hackers to fraudulently gain access to multiple Facebook accounts in exchange for thousands of dollars' worth of Bitcoin.
Read about the consequences for those abusing access to the account reset tools in our recent news report.
8. Dropbox suffers data breach following phishing attack
On October 14, 2022, a malicious actor gained access to 130 of the company’s source code repositories after its employees were targeted by a phishing attack.
The attack saw a malicious actor pose as code integration and delivery platform CircleCI in order to harvest login credentials and authentication codes from employees. The attacker also gained access to Dropbox’s account on code repository site GitHub, as CircleCI login information can be used to access GitHub.
Throughout the attack, the hacker gained access to some of the code Dropbox stores on the platform, including API keys used by its developers.
Discover more about how phishing attacks occur in our guide to social engineering.
7. Google blocks “largest ever” web DDoS attack
Google reported that it had blocked the “largest” distributed denial of service (DDoS) attack on record, which had a peak of 46 million requests per second (rps) on June 1.
The attack targeted a Google Cloud Armor user with HTTPS for a duration of 69 minutes and had 5,256 source IPs from 132 countries contributing to it. Google reported that the attack was the biggest Layer 7 DDoS attack reported to date and was 76 percent larger than the previous record.
In a blog post about the attack, Emil Kiner, senior product manager for Cloud Armor, and Satya Konduru, technical lead, both at Google, noted that the attack was akin to “receiving all the daily requests to Wikipedia...in just 10 seconds”.
Learn more about DDoS attacks in this piece from earlier this year.
6. Kaspersky Antivirus added to US security risk list
The US Federal Communications Commission (FCC) and the Department of Homeland Security (DHS) amended their list of foreign IT vendors that “pose an unacceptable risk to national security or the security and safety of United States persons” on March 25.
The amendment added Kaspersky Antivirus, a digital security company previously named by Gartner as the third-largest provider of consumer-level IT products and the fifth-largest vendor of enterprise IT products. Two Chinese-owned companies, China Mobile International and China Telecom Corp, were also added.
FCC commissioner, Brendan Carr, said the companies were added to the roster to “help secure [US] networks against threats posed by Chinese and Russian state-backed entities seeking to engage in espionage and otherwise harm America’s interests.”
Find out more about Kaspersky’s response to the amendment and the impact of the blacklisting.
5. Twitter confirms data from 5.4 million accounts has been stolen
On July 27, Cyber Security Hub reported that a hacker going by the alias “devil” claimed to have the details for 5.4 million Twitter accounts for sale.
The hacker said they had harvested the information using a vulnerability previously flagged to Twitter on January 1, 2022.
Twitter confirmed the breach on August 5, and suggested that in the future users should enable two-factor authentication to protect their accounts from unauthorized logins.
Read more about how the hacker was able to exploit the vulnerability and the accounts affected by the data breach.
4. Suspected Grand Theft Auto 6 hacker arrested by UK police
Rockstar Games, the developer of the popular Grand Theft Auto (GTA) game series, suffered a data breach on September 19, 2022, after an unauthorized party gained access to the company’s Slack channel.
From there, the hacker downloaded and leaked previously unseen assets and clips from the as-yet-unreleased GTA 6 game to a fan forum. While it was initially thought to be a hoax, swift involvement from both Rockstar Games and the authorities confirmed the clips were real.
A 17-year-old from Oxfordshire known only as AK was later arrested by the City of London police, allegedly in connection not only with the hack, but also with hacks against Uber and Microsoft from earlier in 2022.
Learn more about the alleged hacker and his multiple attacks in this September news post.
3. Google announces its acquisition of Mandiant
Google announced its plans to acquire cyber security firm Mandiant at a cost of more than $5bn on March 8, 2022, in a move designed to bolster its internal cyber security resources.
The $5.4bn acquisition was Google’s second-most expensive deal in its history, second only to its purchase of Motorola Mobility for $12.5bn in 2012.
The plans to merge Google and Mandiant’s cloud offerings, as well as the size of the deal, led to speculation on what its impact might be for the cyber security sector at large. Cyber security experts noted that it may signal a shift in the cloud landscape, with those offering cloud services increasing investment in security and consulting services.
Learn more about the merger and its influence on the cyber security sector in this March post.
2. Samsung hit with class action lawsuit following data breach
In late July 2022, an unauthorized party gained access to the internal servers for tech giant Samsung’s US customers. Samsung warned customers of the data breach on August 4, after an internal investigation confirmed that the malicious party had gained access to personal information for customers.
Just over a month later, a class action lawsuit was filed by a Samsung customer affected by the breach. Shelby Harmer filed the lawsuit with the US District Court for Nevada on September 6 “on behalf of Samsung’s customers whose personally identifiable information was stolen by cyber criminals”.
The lawsuit alleged that Samsung had not only failed its customers by not reporting the breach in a timely manner, but also by incorrectly safeguarding their personal information in the first place.
Find out more about the lawsuit and its charges in this September update.
1. More than 1.2 million credit card numbers leaked on hacking forum
Carding marketplaces are dark web sites where users trade stolen credit card details for financial fraud, usually involving large sums of money. On October 12, 2022, carding marketplace BidenCash released the details of 1,221,551 credit cards for free.
A file posted on the site contained the information for more than 1.2 million credit cards expiring between 2023 and 2026, in addition to other details needed to make online transactions.
BidenCash had previously leaked the details of thousands of credit cards in June 2022 as a way to promote the site. As the carding marketplace had been forced to launch new URLs three months later in September after suffering a series of DDoS attacks, some cyber security experts suggested this new release of details could be another attempt at advertising.
Discover how BidenCash gained access to 1.2 million credit card details in our October coverage.