Before COVID, experts predicted 2020 to be a more challenging year for IoT security than before. Amid COVID, those predictions became a reality. Pre-COVID lockdowns were mostly business as usual; all industries were under constant attack from malware, ransomware, and persistent threats. But once it became clear that COVID-19 would be the most significant factor of the year, the threat against healthcare and critical infrastructure became exponentially more important.
Beginning in March, much of the United States (and the rest of the world) was locked down in a pseudo-quarantine. Millions of Americans started working from home overnight, and millions of others lost their jobs. This period was a scramble adapting to profound and swift changes. Spring was not a particularly busy time for attacks as everyone, including attackers, adjusted to the new world.
In April, attackers hit Nintendo with a mass compromise when criminals took over 160,000 accounts. By July, when Nintendo had all the information, it was closer to 300,000 accounts compromised in this early major attack in 2020.
In the early summer months, stores began to reopen, and consumers started visiting shops, restaurants, and bars in person. At the same time, many continued to work remotely, attend classes virtually, and most hospitals were running in emergency procedure mode.
IT was under even more strain as organizations hurried to push employees to work remotely with little regard for the security implications of moving entire workforces to home networks. Healthcare was pushed to the limit as hospitals had to reduce staff and resources not directly involved with patient care. Additionally, almost every kind of upgrade, update, assessment, and fix planned for 2020 was deferred indefinitely, which means that even known vulnerabilities and issues remain.
July saw the announcement of one of the most newsworthy attacks in our IoT and IT Security 2020 review when Twitter revealed that they had lost control of their internal systems to a group of malicious actors pushing a bitcoin scam. This attack was high profile because numerous politicians, celebrities, and executives were among those accounts compromised. Attackers used the criminal access to garner illegal bitcoin transactions totaling near $100,000. While troublesome, imagine if the attackers used that access to impersonate executives to make announcements that could change the stock market or worse.
The rest of the year was mostly more of the same. Before any overview of 2020 is complete, it is essential to discuss how ransomware has evolved and, of course, the biggest hack of the year.
Do You Know Your IoT Risks?
Find Out in Minutes…FREE
Share This Blog