Cyber Attacks Occurred!

This picture is not mine all right reserved to owner.

During the first 6 months of 2017, the number of network security crashes was too high. And they are not just irregularities of your standard enterprise. Only in July there were viruses, state sponsor ransomware, US intelligence agency spyware leaks, comprehensive ad hacker attacks. This is only the beginning.

The biggest network event in 2017 was reconsidered, reminiscent of how chaotic things are now, only half this year.

Shadow broker

A magical hacker organization called "shadow broker" first emerged in August 2016, claiming that it violated the NSA coalition spyware known as an equation. The shadow broker provided a sample of stolen NSA data and tried to auction larger data to track the leaks of Halloween and Black Friday in 2016.

But in April this year, the most influential release of the group. It includes so-called NSA tools, including Windows vulnerabilities called EternalBlue, where two high-profile transcript attacks.Although the identity of the shadow broker is not yet known, the group leaks resumed discussion on the use of erroneous information in commercial products to collect dangerous information. The agent keeps these defects on its own, rather than informing the company that the software corrects the vulnerability from the supplier to protect the customer. When these tools come out, there is the possibility of risking billions of software users.

Wanna Cry

On May 12th, it is called Wanna Cry's ransom series spread all over the world, destroying hundreds of thousands of targets including utilities and large companies. It is worth to temporarily use the trans transformer products Zaza Zaha Ho Hoza The Zaza, the Zaza,

Although it is powerful, there are many flaws, including security experts, in Ransomuware, and effectively use it as a killer mechanism to prevent malware from being spread while keeping malware inactive. U.S. officials subsequently entered into a "medium confidence" intended to increase revenue when the ransom was a North Korean government project and the disaster broke. In total, WannaCry becomes nearly 52 bits of the bit currency (approximately $ 130,000) deducting such a virus transcript.

The influence of WannaCry comes from the vulnerability EternalBlue of a leaked Shadow Brokers Windows. Microsoft released the wrong MS17-010 patch in March but many organizations are not applying it and are vulnerable to WannaCry infection.

Petya/NotPetya/Nyetya/Goldeneye

Shadow broker Some use of Windows, another wave of ransomware infection system using global hit target. Malware named Petya, NotPetya and others are more sophisticated than WannaCry, but there are still some flaws such as inefficient and inefficient payment systems.

Russian oil giant Rosnov researchers have infected many domestic networks like the US pharmaceutical company Merck like the Danish shipping company Maersk, but transactual ware actually shadows the target attack against Ukraine I believe it is dropping. In particular, ransomware hurt the infrastructure of Ukraine, confusing utilities such as utilities, airports, public transportation, central banking.

WikiLeaks CIA Vault 7

WikiLeaks On 7th March, a database containing 8,761 files that were stolen from the CIA was released. This file contained many documents suspected of spy and hacking tools. Revelation includes iOS and Android vulnerabilities, Windows errors, the ability to convert certain smart TVs to listening devices.

WikiLeaks is called Dump "Vault 7", and it is smaller in the first version frequently and less. These revelations have detailed tools such as tracking the location of the device using Wi-Fi signals and controlling the underlying layer code to coordinate the hardware and software to continuously monitor the Mac .

According to WikiLeaks, Vault 7 includes "malware, viruses, trojans, weapons zero day attacks, malware remote control systems, and related documentation.The actual percentage disclosed in the CIA toolbox In fact If the tool is legitimate, experts believe that they have big problems with CIA in both public opinion and operational capability, and Vault 7 like shadow broker is a digital spy tool Hot debate about issues and risks faced by government development.

Cloudflare

In February, the Internet infrastructure company Cloudflare announced a bug to its platform that caused random vulnerabilities to potentially sensitive customer data. Because Cloudflare provides performance and security services to about 6 million customer sites including mass customers such as Fitbit and OKCupid, these vulnerabilities rarely occur, but they are extracted from a large amount of information It is just a part of the data

Google's vulnerability researcher Tavis Ormandy discovered this problem on February 17th and Cloudflare corrected the mistake in a couple of hours, but data leakage was initiated as early as September 22, 2016. Leaked data is stored on a small portion of Cloudflare's customer site, and is usually not displayed on the page itself. However, search engines like Google and Bing automatically cache incorrect data when crawling the network. This means that the user's Uber account's password, Cloudflare's own internal encryption key, etc. are automatically cached.

Cloud flares are used by search engines before and after an announcement and delete leaked data from the cache. Experts point out that hackers are unlikely to use malicious data. However, when exposed to sensitive data, important risk events occur to remind the massive Internet infrastructure and to optimize services such as Cloudflare's quantity. With one of these services you can make the site more powerful and secure. But the trade-off is a single point of failure. Errors or destructive attacks that affect companies such as Cloudflare can affect the majority of the network and potentially be at risk.