Q1 2023: The Fruitful and Abundant Season of Cyber-Attacks

Introduction

So far this year, on a near-weekly basis, whether on back-to-back days or on a single day in a week, someone or some company has been hacked. Cyberattacks have become a common occurrence in our day-to-day lives; they are as ordinary as the birth of a newborn child.

Ha-ha! I'm confident that you are wondering how the analogy of a newborn child and a malicious cyber-attack align with each other. Both take place every day, some instances of both make big headlines, some don’t. They won’t stop occurring any time soon.

So, what are cyber-attacks? Types of cyber-attacks? Why are they dangerous? How can we prevent them? Down below I'll not only answer these pressing matters but also hit you with the synopsis on the instances of cyber-attacks this year and their impacts on society.


What is a Cyber-Attack?

First, we discuss what a cyber-attack is. In simple terms, a cyber-attack is a series of malicious actions performed by an individual or an organization to breach the information system of another individual or organization.

The purpose of a cyber-attack is to alter, block, erase, manipulate, or steal the data stored in computer systems or to disable, disrupt, destroy, or control these systems.

Attackers may operate independently, in tandem with other assailants, or as part of a gang of organized criminals. They look for flaws in computer systems and attempt to take advantage of them to further their objectives.

You are probably also wondering how cyber-attacks work and why they happen. Threat actors deploy a variety of cyberattack strategies, depending in large part on whether the attack is targeted or untargeted.

In an untargeted attack, where cybercriminals are attempting to hack into as many systems or devices as they can, they typically search for software code flaws that will allow them to enter without being noticed or stopped. In a targeted attack, the threat actors are going after a specific organization, and the methods used vary depending on the attack's objectives.

Cyber-attacks happen for 3 major reasons: financial gain, disruption and revenge, and lastly cyber warfare. In the case of disruption and revenge, cyber criminals initiate attacks with the intention of causing mayhem, confusion, dissatisfaction, frustration, or mistrust. They may be doing this to exact revenge for actions taken against them.

The majority of cyberattacks, especially those directed at businesses, are carried out for financial gain. These attacks frequently try to steal sensitive information, such as employee or consumer credit card numbers, which hackers can use to access money or products using the victims' identities.

In the scenario of cyberwarfare, governments all across the world are also implicated in cyber-attacks, with several national governments admitting to or being accused of planning and carrying out attacks against other nations as part of ongoing political, economic, and social disputes.



Types of Cyber-Attacks

Now to the types of cyber-attacks. There are quite a number of them, more than 50 to be exact. However, we will focus on 2 of them in this discussion. We’ll kick off with malware, the best-known and most common cyber-attack. Malware is malicious software, whether a program or code, that is intended to harm a computer or network server.

Malware can come in many different forms, e.g., ransomware, spyware, trojans, worms, etc. Malware enters a network by exploiting a weakness, for example when a user visits a risky link, downloads an email attachment, or uses a pen drive that has been infected. You can prevent malware attacks by using antivirus software and firewalls, staying alert, and avoiding clicking suspicious links.

Next at number 2, we have a phishing attack. A phishing attack is a sort of social engineering assault in which the attacker poses as a trusted contact and sends the victim phony emails. The victim opens the email without realizing what has happened, clicks on the malicious link, or opens the attachment.

By doing this, attackers are able to access private data and login credentials. A phishing attack can also be used to install malware. A phishing attack can be prevented by updating your passwords regularly and/or comparing the emails or messages you have received with those from legitimate sources.
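To make that last comparison concrete, here is an added example (not part of the original article) that checks an email's sender and links against a list of domains you know to be legitimate. The message, the domain names and the 0.85 similarity threshold are all constructed assumptions for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

TRUSTED = {"examplebank.test"}  # assumption: domains you know are legitimate

# Constructed sample message (not a real email).
SAMPLE = """\
From: Example Bank <alerts@examp1ebank.test>
To: user@mail.test
Subject: Verify your account
Content-Type: text/html

<p>Sign in at <a href="http://login.other.test/reset">https://examplebank.test/login</a></p>
"""

LINK_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def host_of(url):
    """Return the lowercase host part of a URL or bare domain."""
    m = re.match(r'(?:[a-z][a-z0-9+.-]*://)?([^/:?#\s]+)', url.strip(), re.I)
    return m.group(1).lower() if m else ""

def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def lookalike_of(host):
    """Return the trusted domain this host closely resembles, if any."""
    for d in TRUSTED:
        if SequenceMatcher(None, host, d).ratio() >= 0.85:
            return d
    return None

def check_email(raw):
    """Compare the sender and every link with the trusted list."""
    msg = message_from_string(raw)
    findings = []
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not is_trusted(sender):
        near = lookalike_of(sender)
        findings.append(f"sender {sender} resembles {near}" if near
                        else f"sender {sender} is not a known domain")
    for href, text in LINK_RE.findall(msg.get_payload()):
        shown, target = host_of(re.sub(r"<[^>]+>", "", text)), host_of(href)
        # The visible text names a trusted site but the link goes elsewhere.
        if is_trusted(shown) and not is_trusted(target):
            findings.append(f"link shows {shown} but goes to {target}")
    return findings
```

An empty result only means these two checks passed; it does not prove a message is genuine.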

Instances of Cyber-Attacks 

Barely 5 months into the new year, some of the cyber-attacks have been nothing less than mind-blowing. In Kenya, big-name companies and institutions such as Jubilee Insurance, Kenya Airports Authority, Naivas and even Kabarak University have dealt with a cyber-attack.

KAA and Jubilee Insurance were the first of this group to be hacked, in March of this year. Both cases were ransomware attacks, performed by notorious hacking groups by the names of Medusa and LockBit. In the data breach of KAA, Medusa released 514 GB worth of data and demanded Ksh 67.6 million, claiming to have secured KAA's procurement plans, physical plans, site surveys, invoices and receipts.

Onto Naivas, a well-known supermarket chain across Kenya. Naivas also suffered a ransomware attack, on Sunday, April 23rd, when a group by the name of Threat Actor breached the supermarket's systems and stole data.

LockBit claimed to have hacked Jubilee Insurance, making off with 662 GB worth of data. The hackers had given them until April 14th, 2023, to pay the ransom before they could return the data.

Fortunately for Naivas customers, the intrusion was not a complete crisis: the supermarket acted quickly by preventing external access and engaging cybersecurity experts from CrowdStrike to ensure system integrity. Naivas does not hold onto debit or credit card information, so such users were not affected by this attack.

In my opinion, this next one was the most shocking and embarrassing cyber-attack of the many that have taken place this year, not only because it is the institution that I am currently studying at but also because of how the attack went down.

Kabalak! I mean Kabarak University, a private university located in Nakuru, Kenya. On the evening of May 4th, 2023, Kabarak University's Facebook Page was hacked by an unknown individual from Jakarta-based IT-based High Schools in Indonesia, who started posting photos and media that contradicted the institution's Christian beliefs and foundation.

This individual demanded a payment of Ksh 68,500 for the university to regain its account. 5 days later, the account was recovered. Kabarak University reached out to Meta, Inc and they were able to resolve the issue of the hacked account.


Elsewhere, in the US, data breaches have hit hard this year. Notable companies such as Activision, ChatGPT, Discord and even the U.S. Government dealt with data breaches. Get the full stories in this link: Data Breaches That Have Happened in 2023 So Far - Updated List (tech.co).



Takeaways 

Q1 2023 has been a dreadful period for companies globally, to say the least. Cyber-attacks have increased worldwide by 7% in Q1 2023 in comparison to Q1 of 2022, with each firm facing at least 1248 attacks per week. South Africa and Nigeria. Possible reasons for the rise in cyber-attacks are the move to cloud security and remote work.

In the case of cloud security, resource misconfiguration occurs when a tool, asset, or IT system is configured improperly, leaving it open to criminal activity and putting data security at risk. Unpatched vulnerabilities are another preferred entry point for malicious actors to compromise networks. They arise when security teams neglect to fix a bug in popular software, which then serves as a ransomware attack vector.

For small to medium-sized businesses, or even big businesses, the best practices you can undertake to prevent such attacks are ensuring visibility into your cloud environment, evaluating and addressing gaps in your cloud security, and lastly investing in tools such as firewalls and cloud security programs.

Now to the issue of remote work. This has posed major security risks such as unsecured and vulnerable networks, unsecured and vulnerable hardware and more. Some solutions to these risks are implementing basic security controls, ensuring proper cloud configurations and more, which can be found in this link: Remote Work Cybersecurity: 12 Risks and How to Prevent Them (techtarget.com).


Conclusion

That's a wrap for this article about cyber-attacks in Q1 2023. A busy season for sure for hackers globally.  Feel free to drop questions below in the comment section if you have any. See you next time!
