Weekly Roundup: 2020 Year in Review

5 Mins Read

PUREVPNPureVPN UpdatesWeekly Roundup: 2020 Year in Review

The whole world will remember 2020 as the year of awareness, guilt, and a drumbeat of cyberattacks.  

Due to the pandemic, some experts are saying that digital transformation has jumped 10 years. The entire planet is using digital channels to communicate, shop, and work. This is a huge step in the grand scheme of globalization—with some strings attached, of course. 

Microsoft’s CEO, Satya Nadella, also shared his views on the digital quantum leap. 

So, in this weekly roundup, we won’t be sharing any new bone-shaking news about ransomware attacks or security breaches (though, as always, there were numerous ones in the last week). We will only discuss some of the biggest cyberattacks of 2020. 

SolarWinds Attack Compromises Servers

Starting off with the biggest shocker for the United States: Hackers stole information from 18,000 SolarWinds customers

The experts are saying that it was a nation-backed cyberattack, with fingers pointing to the nation of Russia as the orchestrator. These individuals used sophisticated tools and penetrated highly secure systems.

Hacking into a company that serves The Department of Homeland Security, government agencies, and business conglomerates is not easy. 

Surprisingly, this happened under the National Security Agency’s watch. This is an entity that keeps pushing the envelope when it comes to national security and online defense systems, constantly checking the security of their systems every now and then.

But this time, the US succumbed to a massive attack that has shaken the cybersecurity ecosystem. They keep blaming Russia and China for these major attacks. 

But is it really true?

Here is a simple loop to show you the real motive behind cyberattacks. You can see for yourself and understand how evil minds work and what triggers it to take such actions. 

Cognizant Loses Massive Shares after the Attack

 Earlier this year, cyberattackers breached Cognizant, a giant digital corporation in the United States, to take control of their billing systems and other internal networks without harming the customer support channels. Thankfully.  

The company acted quickly and shut down all compromised systems and communication streams after the attack. While this happened months ago, it’s said that Cognizant paid around $25 to $30 million in ransom. This  colors the perspective that ransomware attacks are very brutal. 

Big companies can’t compromise on their customer’s data or they will lose trust. 

This is how ransomware attackers target the pain points and fill their crypto wallets. They know the weak spots and hit them at the right time. Cognizant lost their money, reputation, and some high value customers. 

Garmin Experiences Global Outage

Speaking of customers, ransomware attackers targeted Garmin, which is a technology company that makes wearable devices. Garmin customers had to deal with connectivity issues and they can’t synchronize their data to the cloud. 

The company responded quickly and explained the customer’s data is safe. Ransomware attackers failed to access private information or payment details. The attackers used WastedLocker to carry out the attack and controlled Garmin servers. 

The attackers have no solid trace but guessing from the intensity of the attack, it can be Evil Corp, a notorious ransomware group operating from Russia. 

The FBI (Federal Bureau of Investigation) encourages companies to combat these threats rather than giving in and paying millions in ransom. But when it comes to customer data, companies like Garmin can’t take a chance.  

Zoombombing Records Private Meetings

In March 2020, every non-essential worker started working remotely and communicated via Zoom. This was a great opportunity for hackers to barge into private meetings and capitalize on Zoom’s weak security

Malicious actors also targeted and successfully penetrated up to 500,000 accounts and sold them on the Dark Web. 

Even our company was using Zoom until we found out that it was not safe. The platform sucks security-wise and no one knew that until the cyberattacks. This attack rung bells globally. Most companies cascaded down to various other communication channels like Skype or Slack. We won’t tell you what we use in this piece; you know, social engineering and all.

Hackers Breach Twitter

Despite many bullish stuff trending on Twitter every day, cyberattackers hacked the platform in the late summer to steal popular accounts and get money. According to news, cyberattacks hacked 130 Twitter accounts in July 2020 which include the likes of Barack Obama, Bill Gates, Kim Kardashian, Elon Musk, Joe Biden, Warren Buffet, and Jeff Bezos.  

After the attack, the threat actors used Bitcoin-related accounts to ask followers to donate and help the community. As wholesome as it sounds, this was actually a Bitcoin scam. This created chaos among millions of Twitter followers. 

There was no phishing attack according to reports, but experts said that hackers must have bribed Twitter employees.

Bitcoin shares experienced a spike at that time because of $500,000 transactions. Unsuspecting Twitter users believed the tweets and started sending donations via Bitcoin. No one knew about the news until it started trending on Twitter. 

The WHO was Under Attack Many Times

While the world’s best researchers were trying to make a COVID-19 vaccine, other threat actors were at play. Several malicious hackers were trying to penetrate official systems that were trying to save the world from, you know, a pandemic. 

The World Health Organization (WHO) was also an organization that caught fire and experienced a system breach.

Most of the attacks imposed upon the WHO since March were phishing attacks. Without adequate defenses, the WHO lost 400 employee credentials. This private data ended up in the hands of malicious 4chan hackers, some of whom used these credentials to get access to WHO portals. 

The WHO responded by abandoning many compromised systems and tightening their security systems. 

University of California Fends Off $1 Million in Ransom

The main target for ransomware attackers was medical organizations and their immense data. This is why the Netwalker ransomware campaign attacked UCSF’s School of Medicine and accessed encrypted data. 

The ransomware attackers initially demanded $3 million in ransom, but after negotiations, UCSF paid only $1 million. (That’s our estimate anyway.) 

What’s Next? 

  • Most companies will invest heavily in cybersecurity due to past events
  • Security services will be the name of the game in 2021
  • If you are working at a company that uses digital channels, then you might need a training session to understand and combat a phishing attack
  • The global market for cybersecurity software will skyrocket

We, The PureVengers, will also find out many ways to help you tackle these cybersecurity issues and dive into 2021 with some rock-solid resolutions. 

We hope the next year brings more happiness and peace in all of our lives. 

Let’s become digitally strong. 

Happy New Year. 

author

PureVPN

date

November 24, 2022

time

1 year ago

PureVPN is a leading VPN service provider that excels in providing easy solutions for online privacy and security. With 6000+ servers in 65+ countries, It helps consumers and businesses in keeping their online identity secured.

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.