I thought I’d do an A to Z look at 2020, but honestly, like most of you, I’m tired and just want 2021 to get here. I don’t need fanfare. No glass of wine. No cocktail franks or cheesecake. No countdown to the ball dropping because, after all, what fun is watching the ball drop-in Times Square without the thousands of revelers freezing in the cold for a chance to be seen kissing on camera.
Given all that’s happened in 2020, it seems fitting that a year in review wouldn’t go from A to Z, but instead Z to A. With all the weirdness, it also seems appropriate to skip whole sections of the alphabet and limit the list.
Here are a few of the cyber-related highlights of 2020:
Z – 2020 was the year when Zoom went from being a company with a video conferencing platform to a word that could be used as a noun and a verb. “I have a Zoom” and “I’m Zooming” became household phrases, and not just for remote workers. Many teachers and school children were forced to quickly adapt to remote learning situations, and the children, like their parents, learned it can be exhausting sitting in virtual meetings all day. Zumping also emerged in 2020. For those of you not into online dating, zumping is when someone dumps someone else via Zoom. Of course, no entry for Zoom, especially in a blog about cybersecurity, would be complete without mentioning zoombombing, which is when intruders hijack a Zoom meeting by attending via an unprotected link.
V – V is for virtual. Meetings and learning weren’t the only things to go virtual in 2020. Conferences, including the cybersecurity-related ones I’ve attended regularly the last few years, were held virtually too. That meant I didn’t go to San Diego, Dallas, Denver, Atlanta, and Tampa and missed seeing the many friends and acquaintances I’ve made over the past few years. Maybe I’ll see you in 2021…my new luggage I’ve used once is patiently waiting.
R – Ransomware, especially in the healthcare sector, was prevalent. In September the first known fatality related to ransomware occurred in Duesseldorf, Germany when a woman with a life-threatening condition had to seek services at a hospital 20 miles away because a closer hospital was the victim of a ransomware attack. The delay in treatment reportedly resulted in the woman’s death. Throughout the fall, hospitals and other facilities in the United States suffered attacks too, prompting an advisory in late October coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). The University of Vermont Medical Center, for example, is hoping to have its applications fully restored in early January.
M – Misinformation was EVERYWHERE. In May, Twitter updated its approach and began labeling tweets containing misleading information and disputed claims. The company expanded its civic integrity policy in October and added more warnings and restrictions, such as turning off the ability to like, retweet, and reply to tweets containing misinformation. In December, Facebook updated its ad policies related to COVID-19 vaccines, allowing those that “highlight the ability of a COVID-19 vaccine to prevent someone from contracting the virus” and “promoting ways to safely access” vaccines, but prohibiting ads that “exploit the pandemic for financial gain” or “claim the vaccine is a cure for the virus.”
D and B – Once again, data and breaches went hand in hand. According to Security magazine, adult live-streaming website CAM4 dot com (website Not Safe For Work or security) topped the list of Top Ten Data Breaches in 2020 with 10.88 billion records containing Personally Identifiable Information (PII) compromised in a data leak. Other companies making the list included Advanced Info Service, Keepnet Labs, BlueKai, Whisper, Sina Weibo, Estee Lauder, Broadvoice, Wattpad, and coming in at number 10, Microsoft.
C and A – We certainly ended the year with a bang. On December 13, CISA issued an emergency directive to mitigate compromise of SolarWinds Orion products that called for federal civilian agencies to review networks and “disconnect or power down SolarWinds Orion products immediately”. Then on December 17, CISA issued an alert titled “Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations.” The alert was updated again on December 18 and 23. The most recent update indicated additional initial access vectors. Why C and A? The Russian hacking group known as Cozy Bear, also referred to as APT 29. is reported to have been behind the attacks, and the one against FireEye, though the company has only named the adversary as “a nation with top-tier offensive capabilities.”
2021 may prove to be another roller coaster ride, but I’m ready to take my chances. Are you?
—————————–
