Five recent cyber hacks

No matter how big or small a party is, they can always be vulnerable to a cyber-attack or threat actors. That is why it's important to try and keep yourself as secure as possible. These are some high-profile cyber-attacks that have transpired over the year 2022 so far. 

1. March 7th, 2022: Samsung’s source code was stolen by a well-known hacker group called LAPSU$. As of writing, they have been affiliated with at least 8 other attacks against big tech companies this year. In Samsung's case, they are being hit with a lawsuit for negligence due to vulnerable data. Despite this, Samsung has assured their customers and employees that their data is safe.

 

2. June 1st, 2022: The biggest DDos attack ever recorded, attacked Google with 46 million requests within 69 minutes. The attack came from 5,256 Ips’, originating from 132 different countries and was 76% larger than the previous attack. The attack was spotted and blocked by Google's own Cloud Armor software which netted a win for Google’s cloud protection software.

 

3. June 2022- As of writing: An advanced persistent threat (Known as an APT) nicknamed, ‘scattered spider’, has been constantly targeting companies within the telecoms industry, using the same tactics against each company. A range of techniques have been used against companies to try and gain access from social engineering to using vulnerabilities within the company systems. It has been noted in all investigated attacks, the threat actor has tried to gain access to mobile networks and sim card information. 

 

4. October 14th, 2022: A phishing attack was used to obtain source codes from dropbox, the threat actor pretended to be a company called CircleCL, who attempted to acquire workers’ logins and authentication information. With this they were able to access their GitHub source code repositories and API keys. Dropbox claimed that these were linked directly with the dropbox application and more third-party applications.

 

5. November 1st, 2022: Royal Mail’s click and drop service was suspended temporarily for a few hours on November 1st due to a data breach. It was reported that some customers were unable to login into their account whilst other customers were seeing information from other individuals’ accounts. To protect customer data, the service was disabled until it was fixed, and Royal Mail suggested using paperwork to send any urgent post.

 

References:

 

1: https://www.forbes.com/sites/daveywinder/2022/03/08/samsung-confirms-massive-galaxy-hack-after-190gb-data-torrent-shared-via-telegram/?sh=6a01ef42658c 

2: https://cloud.google.com/blog/products/identity-security/how-google-cloud-blocked-largest-layer-7-ddos-attack-at-46-million-rps  

3: https://www.securityweek.com/scattered-spider-cybercrime-group-targets-mobile-carriers-telecom-bpo-firms  

4: https://blog.gitguardian.com/dropbox-breach-hack-github-circleci/ 

5: https://heimdalsecurity.com/blog/royal-mails-website-suspended-due-to-a-data-breach/#:~:text=The%20British%20postal%20service%20company,access%20to%20other%20customers'%20information.  

 

This was made by Morgan Burton