The year 2021 technically marks the beginning of the 2020s, which means it’s time to look back. Here at Clarity Sec, we spent the last ten years in the front lines, protecting against the world’s top cyber threats as they emerged. Over the last decade, we’ve seen the emergence of several ominous new trends, such as the first attacks to hit physical infrastructure, the rise of state-sponsored criminal hacking groups, the emergence of ransomware, and the continually-eclipsed title of the Largest Cyberattack in History.
So much happened in the last ten years that it’s hard to imagine it all put together. Here are the highlights—a collection of incidents from the past that will help inform the way that we can defend the future.
2010—Hackers Reach Out and Touch the Real World
Although Stuxnet had been around since at least 2005, 2010 was the first year that it was made public. It was also the first time that attackers revealed they had the power to damage or destroy physical infrastructure. By secretly distributing malicious USB drives to scientists and workers at Iran’s Natanz nuclear research facility, attackers were able to breach the air gap—infecting logic controllers that were never connected to the public internet. By doing this, the attackers were able to damage and destroy centrifuges that were being used to enrich uranium.
Attacking a physical plant using malware is no mean feat. It wasn’t replicated again (as far as we know) until 2015, when Russian attackers were able to attack and destroy part of the Ukrainian power grid. Since then, these attacks have been picking up speed—2021 has already seen two such attacks, first in the form of the Colonial Pipeline hack, and then recently in the form of an attack on JBS
2014—Rogue Nation States Flex Their Cyber Muscle
Most countries have included cybersecurity amidst their intelligence agencies since the 1980s, but rogue nations began to gain parity with developed countries during the 2010s. This was dramatically proven during the 2014 Sony Pictures hack, in which North Korean hackers breached the entertainment company and leaked sensitive internal documents, including a number of unreleased films.
Although it’s funny to imagine a bunch of North Koreans getting so angry at a movie studio that they decided to vandalize it over the internet, subsequent nation-state attacks haven’t been funny at all. Russian, Chinese, and North Korean cyberattacks have repeatedly struck major centers of government and industry, most recently in the form of the 2020 SolarWinds breach which affected victims ranging from US government agencies to companies like Intel and Microsoft.
2015—The Rise of Ransomware
Ransomware has been around in one form or another since the 1980s, but it hit its stride in 2015. Whereas approximately 200,000 ransomware strains were known to be active in 2012, over 700,000 strains were known to be active by the middle of the decade.
Ransomware is an enormous problem, and it’s getting worse. Attacks rose 21% in the first quarter of 2021, and 7% in April 2021 alone. Increasingly hackers are using malware that both steals and encrypts data—attackers can extort money for decryption, and then extort even more money by threatening to release or sell their stolen information. Because of this, 51% of victims will pay a ransom in the event of a cyberattack.
2016—Attackers Get Political
Was the 2016 election really five years ago? Although nation-state accounts had been extremely successful prior to 2016, this was the year that these attackers moved from stealing information to spreading mis-information. In addition to hacking the Democratic National Committee (DNC), Russian attackers also deliberately attempted to influence the 2016 election by using social media to inflame voters using lies and fake news.
Although 2016 was a first, it definitely wasn’t the last time that nation state attackers attempted to get involved in US politics. Groups from Russia and other states attempted to influence the outcome of the 2020 election, and they’ll most likely be back in 2022, 2024, and so on.
The 2017 Equifax data breach wasn’t the largest data breach in history (that would be the 2014 Yahoo breach, which comprised detailed information from an estimated 3 billion accounts) but it may be among the most damaging. The cyberattack was able to uncover the name, birthdays, addresses, and social security number’s of nearly 150 million customers, meaning that any attacker who has this information would be able to conduct widespread identity fraud. What’s worse, this information remains a ticking time bomb—four years after the fact, it’s yet to be used or sold.
2021 has already seen one historic cyberattack in the form of the Colonial Gas pipeline cyberattack, and the year is less than halfway through as of this writing. Hopefully, a trend towards increased attacks against infrastructure isn’t truly in the cards for the next decade, but if it is—hang on. Attacks against infrastructure can generate huge downstream information security problems for other industries, making them more reliant on backups and disaster recovery, and thus even more susceptible to cyberattacks that can target these data stores and hold them for ransom.
Here at Clarity Sec, we try to see the future of information security with the precision that our namesake suggests. Whether this includes an increase in infrastructure attacks, a new form of ransomware, or a proliferation of nation-state attackers, we’ll try to get ahead of the trend and help our customers prepare for it with their eyes open. Learn how partnering with Clarity Sec can help you defend yourself against a more hostile future for information security—contact us today!