2020’s most notorious cyber attacks: SolarWinds and more

By Reason Cybersecurity

on Wed Jan 20 2021

What do SolarWinds, Garmin, and Shirbit all have in common? They’re all members of the “Most Notorious Cyber Attacks of 2020” club. Unfortunately, it’s not a very exclusive club; many businesses belong to it, and all of them were victims of catastrophic cyber attacks. Here’s a look at some of the most notorious cyber attacks of 2020.

The SolarWinds supply chain hack

The cyber attack on SolarWinds has the dubious honor of being not just one of the worst attacks of 2020, but one of the worst of the last decade. On December 13, a wave of US government agencies, as well as several corporate and international organizations, began reporting that they’d been victims of a massive cyber attack caused by a hack on SolarWinds, the company that provides corporate-level IT management solutions to US federal agencies. While the full scale and damage of the attack have yet to be unpacked, we already know that the threat it poses is enormous.

GPS vulnerabilities exposed 

The GPS and fitness giant Garmin was the victim of another high-profile cyber attack of 2020. Garmin was hit with WastedLocker ransomware, which encrypted the company’s internal systems and shut down its critical services, including Garmin Connect and flyGarmin, as well as the company’s email systems and customer call centers, essentially crippling operations.

The Shirbit ransomware attack 

Next up in notoriety is the ransomware attack on Shirbit, an Israeli insurance provider that serves many Israeli government employees. The attackers managed to breach Shirbit and acquire the company’s private records, threatening to publicly release those records unless a ransom fee was paid. The attack on Shirbit constitutes an attack on the country’s national security, as many of the stolen records contained personal information about top Israeli government officials.

Death by ransomware

Far worse than monetary loss was the death of a woman caused by a ransomware attack on a university hospital in Dusseldorf, Germany. The hospital had to turn away a patient suffering from a life-threatening illness after it was unable to access its systems, which had been knocked out by the attack. The patient was forced to seek services at a distant hospital, which delayed her treatment and sadly resulted in her death.

Twitter vulnerability exposed

And let’s not forget the cyber attack on Twitter, where hackers took over the Twitter accounts of dozens of high-profile celebrities, entrepreneurs, and politicians, in addition to the Twitter accounts of several cryptocurrency companies. While the $118,000 in bitcoin that the hackers managed to steal was not significant monetarily, what is significant is that the attack exposed Twitter’s vulnerability and showed how easily hackers were able to compromise its network and take over user accounts.

An assault on Westech International’s missile supply chain 

Perhaps most frightening of all, however, was the MAZE ransomware attack on Westech International, which provides support for the Minuteman III ICBM, an important component of the US nuclear deterrent arsenal. Westech is also a subcontractor of the global aerospace, defense, and security company Northrop Grumman, whose main client is the US government. It doesn’t take much imagination to understand the severe implications of this attack.

Lessons learned

2020’s cyber attacks constitute not just a wake-up call to businesses to prioritize their cybersecurity, but also an opportunity for lessons learned. For example, we’ve learned that supply chains are at far greater risk of attack, and that their vulnerabilities can result in far more damage, than we previously thought. We’ve also learned that businesses should just assume they’ll be attacked. It’s not a question of if, it’s when. Therefore, they must prepare themselves for this eventuality by implementing robust cybersecurity and continuity plans.

In addition, we know that ransomware attacks are growing in sophistication and that a preferred method of delivery for ransomware is phishing. Consequently, organizations must provide cybersecurity training to their employees and actively foster a cybersecurity mindset. Furthermore, even with well-trained employees, businesses shouldn’t give employees access to controls, data, or tools unless they fall within the scope of the employee’s job. Finally, we’ve learned that businesses urgently need to secure their systems and end-user devices with powerful endpoint security.

What we’ve known all along

The lessons we’ve learned from 2020 should help us refocus on something we’ve known all along: businesses are not powerless to protect themselves. They just need to up their cybersecurity game. With training, managed employee access, and vigorous endpoint security, cyber attacks can be prevented and businesses can be protected.