What we're talking about… Categories / Cybersecurity

Cyber-Attacks in 2017: The Year in Review

Cyber-Attacks in 2017

Cybercrime has continued apace this year. A large number of high profile cyber-attacks in 2017 have affected prominent organisations worldwide.

The past 12 months have seen a continued rise in damaging cyber-attacks affecting organisations throughout the world. Cyber-attacks in 2017 have taken many forms, from ransomware to social engineering email attacks. Regardless of the methods employed, many have caused significant operational, financial, and reputational damage to their victims. In this blog post we take a look at some of the high-profile cyber-attacks in 2017.

High-Profile Cyber-Attacks in 2017

WannaCrypt Ransomware

On Friday 12th May 2017 news broke of a successful cyber-attack on the NHS that resulted in severe operational issues for hospitals throughout the United Kingdom. The NHS – along with hundreds of thousands of other victims in 150 countries – were attacked by WannaCrypt ransomware. WannaCrypt is only the latest of a number of strains of ransomware to emerge in recent years, following the likes of CryptoLocker, CryptoWall, and Locky.

WannaCrypt is a form of ransomware. Ransomware’s primary aim is to extort money from businesses and individuals who are infected. It achieves this by encrypting files that are saved locally and on shared drives connected to affected machines. Once files have been encrypted, the user is notified and asked to pay money in Bitcoins (an online value and payment method) in order to obtain a key that will unencrypt the files.

Petya Ransomware

News of the spread of Petya ransomware began to circulate on Tuesday 27th June 2017, and it wasn’t long before the story was picked up by the world’s major news networks. Petya ransomware has caused havoc at a number of prominent organisations. However, what makes Petya different is that it isn’t really ransomware at all, at least in terms of execution and (likely) motivation. The Petya ransomware’s payment systems are not sophisticated in the least. A single email address – which was quickly taken offline by the email provider – was provided for victims to send a confirmation email and arrange payment of a $300 ransom.

This has proven totally ineffective, suggesting that the cybercriminals who instigated the Petya ransomware attack were not interested in making money. Instead, it seems that their primary motivation was causing as much chaos and damage as possible.

Emmanuel Macron Email Hack

On the eve of the French presidential elections in May 2017, thousands of emails and documents were released from the campaign of candidate Emmanuel Macron. This was the result of a “massive and coordinated” hacking attack designed, some say, to destabilise the election.

The stolen documents were shared via the website Pastebin, from where they were passed to WikiLeaks under the heading #MacronLeaks. WikiLeaks then posted a link to download the documents on Twitter.

The Emmanuel Macron email hack is said to have been perpetrated by the same Fancy Bear hacking group who claimed responsibility for the US presidential election hack of Democratic campaign officials.

Equifax Data Breach

The credit reference agency Equifax suffered a huge data breach between Mid-May and July 2017. The hack wasn’t identified until 29th July 2017, at which point any further intrusion was halted. Cybercriminals accessed information from hundreds of thousands of UK customers, including names, dates of birth, email addresses, and telephone numbers.

The Equifax data breach led to the FCA launching an investigation into the firm. In a statement, the regulator said that “the FCA announces today that it is investigating the circumstances surrounding a cybersecurity incident that led to the loss of UK customer data held by Equifax Ltd on the servers of its US parent.”

Stay Safe From Cyber-Attack

Cyber-attacks in 2017 have targeted organisations of all sizes, causing significant damage. As we move into 2018, cyber-attacks aren’t going away. Cybercriminals will continue to become more sophisticated, more persistent, and more dangerous. Protecting your business has never been more important; at Capital Support, our suite of Managed Security services will help you improve your security posture. Contact us to learn more.

Toby Shackleton
Toby Shackleton