Top 5 cyberattacks this year
2020 was a turbulent year, and a few cybersecurity-related reports fell through the net with the coronavirus hogging the headlines.
Cybercriminals did not escape the COVID-19 pandemic across all industries, ransomware is on the increase. Sophos estimates that a ransomware attack hit half of all the companies it surveyed and 48 percent of financial services firms reported being attacked.
We would definitely see more of these reports going forward as fraudsters become more sophisticated. But for now, here are the five biggest stories we’ve written about cybersecurity in 2020.
5. Key banks in Greece cancelled 15,000 cards after tour operator hack
Once a tourism services site was hacked, Alpha Bank, Piraeus Bank, Eurobank and the National Bank of Greece had to recall 15,000 credit and debit cards.
A joint statement was released by the banks acknowledging that ‘a few dozen’ clients had been charged with transactions they never made. All the lenders agreed to eventually cancel all 15,000 cards and replace them.
The tourist portal was suspected that its Payment Card Industry Data Protection Standards (PCI DSS) compliance was not up to code.
4. Although workers steal the master key, Postbank replaces 12m cards
After a group of its workers printed and then stole its master key, Postbank, the banking division of the South African Post Office, had to replace more than 12 million of its customers’ cards.
A 36-digit code, the master key, allows the holder to decrypt the operations of the bank, change the systems of the bank, and create customer card codes.
Between March and December 2019, Rogue workers used the key to access accounts and to make more than 25,000 fraudulent transactions.
3. Data disclosure from FCA
Since clients of the failed savings firm London Capital & Finance (LCF) were sent messages by scammers, the Financial Conduct Authority (FCA) committed to a cyber attack.
The names, addresses and phone numbers of LCF customers were mistakenly published on the FCA’s website. The FCA gathered the information during a lawsuit proceeding against LCF.
The news came at a bad time for Andrew Bailey, the ex-FCA leader, whose appointment as governor of the Bank of England was challenged by activists and MPs.
2. Corporate network of Diebold Nixdorf struck by cyberattack
Before a ransomware attack in May, Diebold Nixdorf, which controls about 35 percent of the global ATM market, owned it.
It claimed in a statement that the attack, which broke into its corporate operations, was unaffected by its client networks.
ProLock operates by appending to the end of all the files it encrypts its own executable file, often adding it several times to increase the layers of obfuscation.
The average price demanded by the attackers at the beginning of April was about 60 BTC, or $570,000.
1. Upon New Year’s Eve cyber-attack Travelex quarantines website
There was a bad start to 2020 for Travelex. Attacked at the turn of the year by ransomware, the company initially declined to accept that it was compromised.
The exchange company first announced the hack as “planned maintenance” a few days later before coming clean.
It prompted many UK banks to shut down their currency exchange operations by halting their travel cash services.
A group referred to as REvil operated the Sodinokibi ransomware used in the attack.
Initially, the gang demanded a ransom of $3 million to unlock what they claimed were Travelex customers’ encrypted personal files.
They then increased the amount to $6 million after having received no response.
It took a month for Travelex to get its money transfer systems back up, but for some time afterwards, its main website remained down.
After issuing £ 81 million in anonymous cheques, Travelex’s owner, Finablr, was also heading for insolvency.
