The whole world has been going through a giant problem in terms of digital security, cybercriminals in many cases are one step ahead of people and companies and every day they invent new ways to steal information, money and data.
Malwares, viruses, hackers, identity theft, phishing, fake news and many other incidents are our daily bread and if we don’t do something to protect ourselves, we will always be at the mercy of hackers.
1. 10 worst cybersecurity incidents in 2021
2. Encrypted, an effective solution to protect your data and communications
10 worst cybersecurity incidents in 2021
Today, we want to show you the 10 worst cybersecurity incidents that affected 2021 and continue to affect 2022. Be aware of them and start protecting yourself and your company.
1. Ransomware: Ransomware continues to lead as the number one digital threat worldwide. The number of victims in 2021 reached unimaginable figures and for this year they continue to grow
One of the largest attacks was the one that affected the Kaseya company, which paralyzed nearly 200 companies in the United States and other parts of the world. The main suspect in this attack was the Russian group REvil.
Another of the most remembered incidents was the one that affected the Colonial Pipeline, the largest refined fuel infrastructure in the United States that covers a length of 8,550 kilometers. The pipeline had to be temporarily stopped due to this incident which is considered one of the worst in history against vital US infrastructure.
2. SolarWinds : This attack was well known due to its great coordination to be perpetrated. It was a master plan hiding malicious code in legitimate software updates, just like you hear, becoming one of the biggest breaches of 2021
Even the former CEO of SolarWinds, Kevin Thompson, was forced to testify at a National Security hearing in the United States, where it was investigated how his company was not able to discover that they were intervened and how they were not able to discover the malicious code that affected more than 18,000 customers.
3. Pegasus from NSO Group: Pegasus was an espionage project masked under a security premise by the company NSO, which mainly affected journalists, organizations, dissidents, politicians, among other sectors, violating rights such as privacy. This spyware was created by the Israeli company NSO Group supposedly as a government security project against terrorism and crime, however, they caused a lot of havoc on the internet with people and companies that had nothing to do with terrorism and crime.
4. Apache Log4j: Also known as “Log4Shell” or “LogJam”. The problem that generates this vulnerability can potentially affect different companies and services such as the Apple iCloud or Steam clouds. As well as the construction video game Minecraft and other platforms that use the Java programming language.
Right now, Log4j is present on millions of Internet servers that now need to be quickly patched to avoid attacks by cybercriminals who can easily install malware by taking advantage of Log4Shell.
The bug was rated a maximum score of 10 out of 10 on the CVSS rating system, indicating the sheer severity of the problem.
5. PrintNightmare: From time zero, PrintNightmare was considered a critical vulnerability as it allowed remote code execution. As its name indicates, the vulnerability came in one of the software for installing printers and since then, Microsoft has been working to solve this problem.
What makes it so dangerous is that by installing the printer with its driver, the driver can contain any malicious function, so a cybercriminal could gain access to the system and even take full control of the computer.
6. TPM chips: This discovery is the result of an investigation carried out and made public by Dolos Group, and whose authors gained full access to the hard drive of a laptop preconfigured to offer access to a corporate network through a secure VPN connection. This type of pre-configuration is very common in companies that deliver this equipment to their workers so that they can telecommute safely.
With the most common configuration, starting the system starts Windows directly, without a previous step in which it is necessary to enter a password. A single key, stored on the chip, with which the system is unlocked.
We are talking, therefore, of a security problem that is not easy to exploit, but that exists, that can be reproduced and that shows that even having a TPM chip does not guarantee complete security.
7. DeepFakes: Ever since they emerged as a simple game, they always had the potential to become what they are today, a major cybersecurity threat. And that can be used to manipulate, interfere and even impersonate organizations and people.
In fact, nowadays on the deep web you can find documents and tutorials to learn how to falsify any type of news and be able to scam people.
8. FinFisher: Also known as FinSpy or Wingbird, this is commercial software developed by Gamma Group purportedly for electronic surveillance and only distributed to government agencies. However, it has been used as a spy and has been found in different malicious campaigns. It was recently found that it is capable of infecting Windows devices.
9. Passwords: 123456 continues to be the most used password in the world during 2021 and part of 2022. This is a sign of the little culture and hygiene in terms of cybersecurity that we have. Despite education campaigns and many trainings on digital security, millions of people continue to use passwords that are too easy to crack, putting personal data and privacy at risk.
10. Disinformation: Disinformation is another great threat of the digital world, there are few people who are trained, investigate and question what they read or see on social networks or the internet, that makes it easy for cybercriminals or malicious third parties to manipulate or misrepresent information to reach a specific purpose, steal data, information and money. It is necessary for people to use common sense and not take all the information they find as true. It is in our hands to combat cybercrime and protect our privacy.
Encrypted, an effective solution to protect your data and communications
In Encrypted you will find the best solutions to protect your data and communications. From encrypted applications that will help protect your chats, calls and messages to encrypted cell phones that will military shield all the information of your team and company. You cannot be hacked, intervened or located.
You will also be able to find products such as the Encrypted Sim Card that will give you connectivity in more than 200 countries and a layer of security to any mobile device.
Don’t risk your personal data and communications anymore. Start protecting yourself with the best. At Encryptados we have the perfect option for you.