From DDoS Attacks To Malware Strains: Top 5 Breaches Of 2018

First Half Of 2018 Sees Numerous Cyber-Attacks



Dan Gunderman
07/05/2018

Thus far in 2018, cyber security has dominated headlines and boardroom discussions.

That is, as enterprises deepen their digital transformation efforts, they are witnessing the sheer power of cyber security, or lack thereof. Security teams are arming themselves for a lengthy campaign against the world’s black hats.

While clandestine cyber activity has long mystified readers, consumers, end users and the security community, it has only intensified in recent years.

Oftentimes, a verified breach is a useful way for CISOs to glimpse the latest threat vectors or vulnerabilities. Similarly, they become informative tools for senior executives to grasp the expansiveness of the space.

See Related: Top 5 Articles Of Q2 Touch Cloud Adoption, AI & Insider Threats

In that spirit, we reviewed five of the most stirring, and cautionary, breaches of 2018. Click on each headline to read the full story.

Incident Of The Week: DDoS Attack Hits 3 Banks Simultaneously
In this February 2018 edition of “Incident of the Week,” we examined a string of apparent distributed denial of service (DDoS) attacks that struck Dutch banks, along with the nation’s tax office.

Media Site Targeted In DDoS Attack, Method On The Rise
This February 2018 “IOTW” revolved around a suspected distributed denial-of-service (DDoS) attack that struck a leading press release wire, along with a general surge in DDoS attacks.

Hackers Target U.S. Gas Pipelines
Just a few months later, in April 2018, we covered a cyber-attack on a shared data network which led natural gas pipeline operators to shut down their digital communications.

RAT Malware Strains Believed To Be N. Korean
In another “IOTW” from earlier this year, the Cyber Security Hub covered the dangers of two Trojan malware packages believed to be the work of Hidden Cobra, aka the Lazarus Group, which is pegged to the North Korean government.

Server Configuration Error Exposes 33K Healthcare Records
A misconfigured server within a healthcare organization led to the potential exposure of personally identifiable information (PII) and protected health information (PHI). This security incident unfolded in March 2018.

Honorable Mentions

U.K. Telecom Retail Breach Exposes 5.9M Records
Just last month, a data breach was announced at Dixons Carphone, a British electronics company. The event in question allegedly involved 5.9 million payment cards and 1.2 million personal data records.

FBI Attempts To Dissolve Botnet Wielding 500K Routers
Here, we examined a botnet that may have been set to target Ukraine. The U.S. government worked to regain control of 500,000 infected routers. Adversaries were believed to be connected to a Russian hacking group. The quest to seize the botnet took place in late May 2018.

The connective tissue between some of the top breaches is, perhaps surprisingly, the DDoS method. While not always the most profitable cyber-attack, DDoS is a sure way for criminals to disrupt service and take major companies offline. While under the spell of a DDoS attack, organizations are essentially rendered lifeless. Other top incidents were also industry-specific (critical infrastructure and healthcare), highlighting concerted efforts to sabotage specific services. Altogether, the space continues to witness numerous breaches – some public, some yet to be discovered.

Be sure to keep tabs on the Cyber Security Hub for its continued “Incident of the Week” coverage!

Check Out: 3 Tips To Thwart Insider Attacks: An Essential Guide For Summer Travels