Company diamonds at risk!
Why are companies valuable? Because they have created value and protect it on an ongoing basis. Their company diamonds come in the most varied forms: patents, product innovations, source code, business secrets and business plans, comprehensive production processes, databases with a wide range of (customer) data, assets and many more.
It takes many years, decades or even centuries to create all this. Nevertheless, it can be stolen or destroyed overnight, without perpetrators requiring physical access.
WannaCry and NotPetya – cyber attackers striking at off-peak times: WannaCry hit Europe on a Friday afternoon, while NotPetya was launched on the day before Ukraine’s national holiday. NotPetya spread essentially overnight, starting from an update of the Ukrainian fiscal software MeDoc, which is used by everyone who has to pay taxes in Ukraine. The malware propagated in a uniquely sophisticated manner, so several European and US multinationals were affected within a very short time, reporting production downtimes and losses in the three-digit million range.
But these losses could have been prevented. The attackers exploited vulnerabilities in outdated programs. Running such outdated software is a faux pas from which many IT departments all over the world have learned a lesson.
23 December 2015 was a black day in the history of the aviation supplier FACC. On that day, an employee of the financial accounting department transferred the first EUR 13 million to cybercriminals. Using a fake e-mail address of the CEO, the criminals pretended that this was a highly confidential transaction for a corporate acquisition. The correspondence comprised some 40 e-mails to build up trust. By the time the transfers were noticed on 19 January, a total of EUR 50 million was gone.
In such a case, IT security engineering is powerless. It is the individual person who decides what to do, and in this case seems to have fallen for the “fake president fraud”, which was very carefully prepared and executed to perfection. The tracks have been covered, and the money is likely to be lost forever.
2015, in 30 countries
Banks hold cash in custody. Therefore you would expect a high-security infrastructure – not just in physical, but also in digital terms. So it was all the more surprising when cash dispensers suddenly started to dole out lots of banknotes and there was always someone around to collect them. Millions were transferred from one account to another. For two years, the systems of 100 banks all over the world were controlled by attackers. In total, they stole up to one billion dollars.
According to media reports, “Carbanak” was the name of the group that used Trojans to hack into the banks’ user accounts, gaining access to the banks’ surveillance cameras and the employees’ master accounts and thus being able to reprogram cash dispensers.
These incidents demonstrate what is possible today through detailed preparation and high-precision implementation, without the need for individuals to show up in person in any of the attacked banks. And the target was again the supposedly high-security core business of major companies.
Yahoo has 3 billion users. All user accounts were hacked. The attackers gained access to names, e-mail addresses and telephone numbers. Additionally, the confirmation messages used to restore forgotten passwords were also stolen.
In principle, an attack this cleverly designed against the core business of the Internet company seems absolutely impossible, and yet it became reality thanks to the perpetrators’ ingenuity. It is not only the sheer volume of the stolen data that is hard to believe, but also the way the attack was discovered. The company confirmed the raid on one billion user accounts only in 2016, and it took another year for it to finally admit that not one, but three billion accounts were affected.