Worst Cyberattacks of 2020
March 22, 2021The COVID-19 pandemic may have shut down a number of industries and sent Americans into quarantine, but there is one thing it didn’t change: the prevalence of cyberattacks. Wired took a look at 2020 and summarized some of the worst attacks impacting business across the globe.
FireEye and SolarWinds – The Protectors Were Unprotected
The first attack highlighted occurred near the end of the year, but had a massive impact. FireEye, a cybersecurity firm, shared that the company itself suffered a breach. Russian hackers found their way into the company’s systems stealing internal threat intelligence data and tools the company uses to identify other organization’s weaknesses.
In addition to the FireEye breach, SolarWinds, another IT firm’s, Orion platform was also breached.
“The hackers, who have widely been reported as Russian, were on a rampage that was largely made possible by what’s known as a supply chain attack,” writes Wired writer Lily Hay Newman. “In other words, all of the attacks were made possible by one initial compromise, in this case at the IT infrastructure firm SolarWinds.”
The hackers are suspected to have breached SolarWinds as far back as October 2019, causing concerns about the security of systems at government agencies such as the Treasury, Homeland Security, and Energy Departments.
Hospital Hacking May Have Resulted in Patient Death
Health care providers are often targets of cyberattacks – particularly ransomware attacks, since patient information is vital to offering patient care. Heinrich Heine University in Düsseldorf was subject to a ransomware attack in September, leading to dire consequences.
The attack impacted 30 servers at the hospital, resulting in the hospital being unable to operate normally. As a result, a woman was routed to a different hospital, delaying her treatment by an hour and potentially resulting in her death.
It is suspected that the attack was actually geared toward the university, not the hospital.
“Düsseldorf police eventually communicated with the attackers and told them that the attack had hit a hospital treating emergency patients, not the university,” reported Dan Goodin for Wired. “The attackers reportedly withdrew the extortion demand and provided a decryption key to unlock the servers.” The police are no longer able to reach the attackers.
Though causality can be difficult to prove, it is believed that this is the first case of a ransomware attack directly leading to a death.
Internet-of-Things Devices at Risk
Garmin, which is usually associated with fitness trackers, also supplies apps and hardware in planes. So when Garmin was subject to a ransomware attack in July, much more than exercise routes were impacted. Garmin Connect, the company’s cloud platform was taken down, resulting in days-long outages for Garmin apps and hardware used in planes, such as flight-planning tools.
“The incident underscored how exposed internet-of-things devices are to systemic failures,” shared Newman. “It's bad enough if your GPS-equipped, activity-tracking watch stops working. When you have to ground planes over instrument issues caused by a ransomware attack, it's very clear how tenuous these interconnections can be.”
Read the full Wired article for more information on the worst hacks of 2020.
Want to learn about cybersecurity? Capitol Tech offers bachelor’s, master’s and doctorate degrees in cyber and information security. Many courses are available both on campus and online. To learn more about Capitol Tech’s degree programs, contact admissions@captechu.edu.