From ransomware to spyware, from private networks to data breaches, we know a lot more about cybersecurity than we used to.
Cybersecurity felt like a roller coaster ride in 2021. While businesses are now better positioned to respond to the crisis, hackers have become way smarter in their approach, launching more targeted and severe attacks. This new level of cyber threat comes at a time when the world is more dependent on technology than ever. As we move into the new year, learning from the past can help us become stronger and more resilient. So, let’s look back at the year that’s been and reflect on the lessons we learned along the way.
- Ransomware hurts businesses because of lost productivity more than ransom payments
The plague of file-encrypting malware continues. Ransomware this year blocked paychecks, forced entire towns offline, and caused fuel shortages, as company networks were held for ransom in exchange for millions of dollars in cryptocurrencies.
The U.S. Treasury estimated that ransomware agents will make more from ransom payments in 2021 than they did in the past 10 years. But research shows that the businesses face the biggest losses through lost productivity, downtime, and the tiresome task of cleaning up after a ransomware assault — which include legal support and incident response.
- The Federal Trade Commission can order mobile spyware makers to notify their victims
SpyFone became the first spyware maker to be banned in the U.S. following an order from the FTD this year in September. The FTC accused the “stalkerware” app maker of creating stealthy malware that allows stalkers and domestic abusers to access real-time data, like messages and location history, on their victims’ phones without the victims’ knowledge.
The FTC ordered SpyFone to delete its illegal data collection, for the first time, notify those whose phones were hacked by its software.
- Cybersecurity Venture Capital funding doubled from last year
It was indeed a record-breaking year for cybersecurity VC funding. By August of this year, investors had pumped $11.5 billion in total funding. That’s more than double the $4.7 billion spent during the same period in 2020. The biggest raises include a $525 million Series D for Lacework and $543 million Series A for Transmit Security. Investors said a boon in cloud computing, risk and compliance, and security consulting helped fuel the investments.
- One third of all legal orders for user data from Microsoft are attached with gag orders
Everyone is aware that tech companies are some of the biggest holders of user data, and therefore, the government often request them to provide information for ongoing criminal investigations. But this year Microsoft warned of the alarming trend of the government attaching secrecy orders to search warrants, preventing Microsoft from informing its users when their data is being breached due to an investigation.
Microsoft said one-third of all legal demands come with secrecy clauses, many of which are “unsupported by any meaningful legal or factual analysis,” according to Microsoft Consumer Security Chief Tom Burt. Microsoft also said that orders of secrecy were prevalent across the whole tech industry.
- The FBI was given permission to hack private networks to clean up after a cyberattack
In April this year, the FBI launched a first-of-its-kind operation to remove backdoors in hundreds of U.S. company email servers left behind by hackers. China was ultimately blamed for the mass exploitation of glitches in Microsoft’s Exchange email software, which hackers used to attack thousands of company email servers around the United States to steal mailboxes and contact lists. The devastating hacks left over a thousand servers vulnerable to glitches, forcing companies to scramble to fix various flaws, but patches often didn’t remove a backdoor left behind, allowing hackers to easily regain access.
A federal court in the state of Texas authorized the operation permitting the FBI to exploit the same vulnerabilities as hackers in order to remove the backdoors, before they could be further exploited by bad actors. Other countries have carried out similar “hack and patch” operations to take out botnets before, but this is the first known time the FBI effectively cleaned up private networks after a cyberattack.
- Scamsters are targeting car insurance websites to receive unemployment benefits
This year several car insurance companies were targeted for an unlikely but now common scam. Metromile stated a bug in its website used for storing insurance quotes was misused to obtain the driver license numbers of many customers. Geico said the same thing was happening to them.
Geico’s data breach notice blamed fraudsters who used the stolen license numbers to fraudulently apply for unemployment benefits in a customer’s name. Many U.S. states require people to have a driver’s license before they can apply for unemployment benefits, which is why car insurance companies like Metromile and Geico were targeted.