2015 is the year of cyber-attacks: more and more companies of all sizes have been the victim of crimes online. It has become something all companies must guard against, especially in industries where sensitive information about customers is stored. ‘More of our lives are carried out online,’ says James Chappell, co-founder and CTO of cyber security intelligence company Digital Shadows. He goes on in a recent article on FusionWire (powered by Misys): ‘Because of that, many types of fraud we’ve experienced as traditional crime are also moving online.’ All industries need to have protections in place to ensure both their customers and their business’ reputation are protected.
The size and scope of the internet means tracking cyber criminals is much trickier than it used to be but with the right technology, there is no excuse for any big corporation not to protect their customers. Below is a closer look at some cyber-attacks which ran the risk of ruining companies and effecting both their business’ survival and their customers’ security.
Anthem USA, February 2015
Anthem, the second largest health insurer in the USA, lost millions of customers back in February and it was all down to hackers. The cyber criminals stole the personal details of customers from all of Anthem’s business units and security experts estimated tens of millions of people’s details could have been stolen.
The severity of the attack meant it was reported to the FBI and whilst Anthem said no banking details or private medical information was disclosed, it still effected customer’s trust in the company.[i]
NatWest and RBS, July 2015
At the end of summer, customers banking with the NatWest and RBS group found their service disrupted. Customers were unable to access their accounts after a malicious Distributed Denials of Service (DDoS) attack from cyber criminals and some customers even found payments they’d made into their accounts hadn’t arrived. The bank were quick to assure customers that the attack didn’t affect their financial information or provide the attackers with access to their accounts but it did serve as an inconvenience, with downtime at the end of July, when many people would have been expecting wages and other payments. [ii]
AshleyMadison.com, July 2015
The hacking of AshleyMadison.com has been one of the highest profile attacks in a long time, in part due to the nature of the website: it caters to men and women looking to have an extramarital affair. Over 37 million users are said to have had their personal details shared publicly, as well as other information from internal company servers like employee account information and company bank account data. Users who have had their details leaked have filed a huge lawsuit against the company behind Ashley Madison. The cyber criminals behind the attack describe themselves as The Impact Team.[iii]
Apple, September 2015
Apple is renowned for ensuring its technology is impossible to hack, but in September the company suffered its first large scale cyber-attack in China. Hackers managed to crack the Apple code and embedded malicious software into hundreds of different iPad and iPhone apps. Hundreds of millions of users could potentially have felt the impact of the effected apps but Apple acted quickly, responding immediately to the issue and as yet, the firm appears to have uncovered no examples of data theft due to this attack.[iv]
Experian / T-Mobile USA, October 2015
At the beginning of October Experian plc, the consumer credit monitoring firm, disclosed a huge data breach which jeopardised the sensitive personal data of around 15 million people who had recently applied for service with T-Mobile US Inc. This is the second breach that Experian has allowed in the past few years, with a previous security breach in 2012 and it has led many people, including industry experts, to question the security systems in place at Experian and whether they’re resilient enough to stand up against persistent cyber-attacks. The new breach is being investigated both internally and externally and Experian are a company who definitely need to take a close look at the safeguards they have in place to protect against cyber criminals.[v]
According to Symantec there were more than 317 million new pieces of malware created in 2014 and this number is bound to rise so companies need to wise up about how they tackle this issue and how they protect their company – and more importantly, their customers.