Looking back is not generally the iStart way – we think the exciting stuff is always just around the corner – but we decided, given exceptional circumstances, to take a look back at the year of cyber-security disasters that was 2017.
And what a bloodbath it was. Here are the low lights:
Using leaked NSA tools, the WannaCry ransomware epidemic swept the globe in May, targeting businesses running old Microsoft Windows and infecting more than 300,000 machines. Hackers only demanded between US$300-US$600 in bitcoin from victims, but still the cost was high, some estimates hitting the US$53b mark. North Korea was linked to the attack, but there are also claims that the whole thing is a little more complicated than that.
June saw the NotPetya virus hit Ukrainian business. Quickly spreading globally, major companies – including FedEx and Maersk were hit – with the former claiming US$300 million in losses linked to the attack. The initial point of entry for the hack was ultimately identified as a compromised tax software.
Equifax, one of the largest credit bureaus in the world was breached in July, exposing the sensitive personal details – including social security numbers – of 145 million people. It’s considered one of the worst cyber security breaches of all time, with Equifax CEO Richard Smith stepping down after the embarrassment, saying that the blame for the failure rested on the shoulders of a single, as yet unnamed, employee.
Uber continued its march of shame with the revelation that its 2016 hacking scandal was even more scandalous than first thought. In November it was revealed that after key information of 57 million users drivers and users was compromised by hackers, Uber conspired to keep the breach secret from regulators, instead opting to put out the fire with gasoline and pay the hackers US$100,000 for the silence. Now some Uber executives are facing the spectre of jail time for their involvement as the company continues to struggle – probably in vain – to restore its shattered reputation.
And one final, dishonorable mention: In October we found out that every single one of Yahoo’s three billion accounts had been hacked all the way back in 2013, three times the amount reported earlier.
Simply put, 2017 was a horrorshow for security, and these breaches – plus the many like them – didn’t come cheap. According to Norton, almost a billion people worldwide were affected in some way by identity theft, credit card fraud, password theft or some other kind of cyber crime in 2017, with an average of US$142 lost per victim.
The most common incident reported was having a device infected by a virus or other security threat (53 percent). Next most common was debit or credit card fraud (38 percent), having an account password compromised (34 percent), the hacking of an email or social account (34 percent), making a purchase online that turned out to be a scam (33 percent), and clicking on a fraudulent email or providing personal or financial information in response to a fraudulent email (32 percent).
And from a productivity perspective it all adds up. The average cybercrime victim spent nearly 24 hours (23.6 hours) globally (or almost three full work days) dealing with the aftermath.
But enough looking back. What’s coming next?
Brace yourself, because according to the experts, cybercrime will be costing the world US$6 trillion annually by 2021, with global spending to exceed $1 trillion from 2017 to 2021.
For an eye opening insight into the frighteningly insecure year that was, read Symantec’s 2017: Norton Cyber Security Insights Report Global Results