COUNTING THE COST OF CYBER-ATTACKS ON HALLOWEEN AND BONFIRE NIGHT 2021
Make sure the Evil Hacker doesn’t attack your business this Halloween and make sure you’re not the guy whose old firewall fails to protect you on Bon(-voyage) fire(wall) Night. Read our blog on past cyber-attacks and cyber-crime and see why you need SASE to protect your network and business every single day.
We’ve earned something of a fearsome reputation for our Halloween blogs – some businesses are truly terrified of being exposed by our annual horror storytelling. But this year, however, the SD-WAN Wannabes can breathe easy, as our much-feared Halloween Howler is all about real world stories: 2021’s terrifying corporate cyber-attacks. But as horror is not just for Halloween, we’ve combined this year’s Halloween blog with the burning blackness of bonfire night. So, Remember Remember….. the moral to this terrible tale of technology gone bad and network nastiness is about how the many and the mighty fell victim to the evils of cyber-crime and cyber-attacks in 2021, and how we can help YOU avoid the cyber-attackers in the 2022.
So, which company fell victim to a malevolent maelstrom of malicious malware? Who’s home has more worms than your local graveyard? Who succumbed to the Ping of Death and who opened the ransomware-infested email that was as thinly veiled as Dracula’s Bride on her wedding night? Read on to identify the organisations that really should know better when it comes to the all tricks and no treats world of cyber-attackers and more importantly, how YOU can beat them.
It was a dark and stormy night and Count Thecostof Hack was all alone in Downtime Abbey, the darkly foreboding Blackout Valley between him and the town below, a naively complacent town called Businessville. Count Hack was banished from Businessville many years ago, when Generation 2 townspeople built a then strong wall all around the town’s edge to keep him out. They called it ‘Fire Wall’.
From his vantage point Count Hack could now see all the weak points in the Businessville’ s fire wall. The wall was old, it had been built many years before to keep past generations of Hack’s out and cracks had long been appearing in it. None of the townspeople were sure whose job it was to mend the cracks, and no one had bothered to see just what new magic the Count had added to his arsenal that might breach the wall. In fact, the Count had called an international meeting of his Cyber Cabal and together this conniving coven had created an entirely new threat level of next generation network nightmares to make the inhabitants of Businessville scream into the darkness.
First, Count Hack sent in his savage Solar Wind…
Count Hack first set about bringing down the town elders and holding the wealthiest tradesmen to ransom in one devious and calculating spell. Count Hack set his cauldron to boil, stirring up a foul and vile mix he called Solar Wind. This wind was so cutting, so biting, so virus-ridden and malicious it left everyone with a terrible hacking cough that debilitated the stricken for days, reducing incomes and earnings and leaving them vulnerable to many other nasty infections. This insidious plague did the rounds for over SIX sickening months, gathering sensitive data, holding companies and organisations to ransom and taking down as many operations as it could, doing untold damage to business and reputations as it passed through the very fabric of Businessville and nations beyond.
Now, there is some debate as to just how far east this Solar Wind had travelled– is it just from the east or from the very far east? Is it a single wind or many storms that will batter Businessville? It’s not clear, but what is known is that Count Hack has a coven of hundreds of thousands of dark, yet clever young things who, right now, are all working away on his next dastardly spell. What still isn’t understood is, after learning a highly embarrassing and expensive lesson, why many of those hit – such as government organizations from defence to healthcare and high-powered individuals to many fortune 500 companies – have still not upgraded their threat protection to generation 5 levels.
The softly softly stalking of the Evil Axeman of Hackers Hill and his magic word “HAFNIUM!”
The Evil Axeman of Hackers Hill was next to be unleashed on the unsuspecting inhabitants of Businessville. Stealthily and softly he stalked about adding vulnerabilities into every backdoor in the town by hexing these vulnerable entry points with his magic word “HAFNIUM!”, then sneaking in when they least expected it to pillage-a-plenty their data and finances. Dubbed the ‘rat-king of hackers’ this hacking axeman fears no one and the bigger the target the better, he alone set in motion a global pandemic of cyber-attacks. By the time he had finished his dastardly work in and around Businessville and far far beyond, there were as many as 60,000 victims.
Again, there has been much speculation on the Axeman’s origins, suspecting he hails from the far east, but what is not in doubt is his sheer audacity to take on the biggest boys by exploiting security flaws in Microsoft Exchange, via discovering vulnerable servers and implanting backdoors this hacker allowed as many as a dozen other cybercrime groups to join in the pillage. But he’s merciless – not just the biggest have to fear – nothing and no-one is safe, not even your innocent looking vending machine, your IoT fridge or the thermometer in your office fish tank – with 83million targets, the Axeman and his growing zombie army have plenty to feast on.
Even Businessville’ s VPN Fort was no safe haven….
Businessville’ s wall has many forts placed along it, perceived places of safety, yet the evil Count Hack even managed to compromise these specialist secure areas, and then apply what he had learned in Businessville and roll that out across 74 different countries worldwide!
In a spurt of generosity, Count Hack initially leaked online access credentials for 87,000 Fortinet VPN devices that were compromised using a vulnerability identified and patched two years ago. Then 500,000 more credentials for FortiGate SSL-VPN devices were leaked essentially providing anyone on the dark web access to devices at organizations around the world. And this after a patch was released to stop the vulnerability but just hadn’t been taken up – because as the folk from Businessville thought – “we’ve got our Gen2 firewall, we’re safe!” Sadly a Gen2 FW is no match for Gen 5/6 attacks
When the Meta giant of social had their faces in a book, an explosion of data breaches left their loyal subjects exposed.
The people of Businessville are a sociable bunch…. maybe even a little narcissistic. They like to take photos of everything they do, what they eat for breakfast, what their pets get up to; every detail of their daily lives and share it on the town’s many noticeboards. These noticeboards are looked after by the town’s giants, social creatures who are trusted to guard their unpaying user accounts on pain of death. But Count Hack and his Cyber Crew know the Giants have a weak-spot – they are regularly caught off guard and whilst the giants evolve and consume and grow, the town’s noticeboards are open to abuse.
What has amazed the people of Businessville and even the Count and his Cyber cabal is the frequency with which these overly confident Giants take their eye off the ball. When given the huge quantities of data they have in their enormous hands they really should be much more on their guard and always looking at cutting edge ways to keep the Count’s Cabal at bay.
You may think our little Halloween story is just a bit of fun, but it has a most serious point – it’s all about the Count! If you can count the times your network has suffered a cyber-attack on more than the one remaining finger of a rotting zombie’s hand you need to talk to SDWAN Solutions about your security and network needs. There is no need to risk your operations being out for the count, leaving you to count the cost of cyber-crime. Instead, count on us and our SASE solutions from world-class vendors tailored to suit your needs.
So, if you’re a Network Manager, a CTO or a CISO don’t be the guy who gets royally burned by cyber-crime and don’t risk your reputation going up in smoke. Be a bright spark not a pumpkin head and talk to us – we’ll put a rocket up the proverbial of the cyber-criminals and their whole bag of nasty tricks, treating you to the very best network security on the planet. Find out more about the risks you face and how we can design or consolidate your current security solutions for you.