Editor’s take -- cybersecurity: Major breaches, new attack methods and new approaches for cyberdefense
Cybersecurity continues to grow as an area of concern for businesses and government agencies worldwide, and news about the latest major breaches were among the most popular stories in SmartBrief on Cybersecurity in the first quarter of 2019. Other major topics of interest involved new attack approaches and emerging cyberdefense strategies, as well as a look at presidential candidate Beto O'Rourke's hacker past.
Major hacks and breaches
The most popular story among SmartBrief on Cybersecurity readers was probably the biggest and longest-running breach to be exposed in the quarter -- a series of hacks that exposed more than 772 million email addresses and nearly 22 million passwords dating back to 2008.
Other major attacks involved a breach of a major insurance group by hackers that threatened to release sensitive documents related to 9/11, an email provider having nearly two decades of infrastructure taken down by a hacker and a breach of software-maker Citrix by an Iranian hacker group.
New and emerging attacks
New types of attacks or technological advancements made by hackers were also key areas of interest. The second-most read story of the quarter detailed how blockchains, touted as being "unhackable," were not as secure as promised, enabling hackers to steal as much as $1 billion from cryptocurrency exchanges.
Another popular story involved a new cyberthreat called "formjacking." In a formjacking attack, cybercriminals use malicious code to steal credit card or other personal data from retail websites. Formjacking is seen as an online equivalent to putting a "skimmer" on an ATM to steal debit card numbers.
Finally, a topic that garnered attention involved the growing prevalence of "cryptojacking," which involves unauthorized use of computing resources to mine cryptocurrency and its rapid growth in comparison to ransomware attacks, which are on the decline as authorities advise victims not to pay the demanded ransom.
New defense tools and strategies
With major breaches and new types of attacks always on the mind of cybersecurity professionals, it comes as no surprise that another category of interest in the quarter included stories detailing new cyberdefense tools and strategies. The National Security Agency’s release of cybersecurity tools for public use and an argument for adopting a "zero trust" approach to promoting security were among the top five stories of the quarter.
Another top story involved recommendations of a "zero trust" approach to cybersecurity, advocated by Google and others, that shifts away from securing the "perimeter" of a system using virtual private networks or firewalls. Instead, the system builds its own security perimeter after each log-in to the system.
Top cybersecurity stories of Q1
- Data breach includes millions of email addresses, passwords
- Recent attacks show that blockchains can be hacked
- NSA to make cybersecurity tool accessible to public
- The "zero trust" approach to cybersecurity
- Hackers demand payment to prevent release of sensitive 9/11 information
- Hackers erase 2 decades of US email provider's infrastructure
- Beto O'Rourke was once a member of famed hacker club
- FBI investigates Iranian-linked breach of software-maker Citrix
- DHS issues emergency directive after DNS attacks
- New ransomware attack also includes phishing cam
- Cryptojacking overtakes ransomware as top cyberthreat
- Passport numbers were biggest target in Marriott breach
- Latest malware brings dose of double trouble
- Cybersecurity pros self-medicate to cope with stress
- Hacker exploits ASUS software update process
Learn more about how SmartBrief can help align your company with the trending topics and events of the year. Download the 2019 SmartBrief on Cybersecurity Media Kit to get started.
Brian Hammond is technology news editor at SmartBrief. He was previously managing editor at Telecommunications Reports International, a Washington-based publisher slate of news and research products for telecom insiders, including Telecommunications Reports, TRDaily and Cybersecurity Policy Report. Brian has a B.A. from the University of Virginia and an MBA from Virginia Commonwealth University.