Now we are well on our way into the new year, we can have a proper look back at the last 12 months and what it means for 2019.
How can we start talking about data and 2018 without mentioning everyone’s favourite regulation – GDPR?
Despite all of the news around GDPR, many businesses made the mistake of putting any changes off until the last moment, ensuring a mad scramble for everyone to become “compliant”. Months after the new rules came into place as the dust began to settle, everyone realised that they are still getting too many marketing emails, leaving some regretting that they deleted their mailing list! Most of the major breaches that have surfaced since GDPR, actually took place before May 2018 so they are not in the firing line. I think that 2019 will be the year that we start to see some major fines coming into play.
Corporate Data Theft
WOW, what a good year it was for hackers stealing corporate data.
2018 was another year of significant data breaches, the year ending with two huge breaches in the form of Marriott hotels and knowledge sharing platform Quora. Both of these significant breaches involved stolen credentials and hundreds of millions of stolen customer details. We were also kindly provided with the news that Cathay Pacific had suffered a significant data breach. Unfortunately, they waited at least 6 months after finding the breach to tell us, therefore giving bad actors 6 months to potentially abuse the stolen credentials.
Everyone thought that 2018 would see the decline of ransomware after such profound attacks like WannaCry that hit the NHS and 150,000 companies and Petya.
Unfortunately, cybercriminals didn’t agree. In 2018 we saw the resurgence on Locky, the emergence of Grandcrab and the old school SamSam malware. With this variety of attack types, 2018 has been a busier year for security professionals around the world. A continued upward trend of ransomware attacks will likely mean 2019 is even more active.
Finally, we will look at cryptocurrencies and how despite their undeniable strength in security, there was over $1 billion of crypto stolen in hacks and scams in 2018, yes over $1 Billion!!!
With many attacks now exploiting the “human element,” such as the Coin Hoarder phishing scheme stealing over $50 million, it shows that crypto firms, exchanges, and users need to be educated on the risks that their industry poses. Where there is money to be made there is definitely money to be lost!
What was your most memorable moment from 2018?
That’s it for our 2018 review, if you enjoyed the content please give it a like or a share and follow our page Phishing Forensics. If you agree or disagree with any thing I have said, or if you have something to add, then please tell me in the comments!