Major security breaches are ubiquitous in 2019. New breach stories are written every week – state-owned petroleum companies, major healthcare providers, police and intelligence agencies. And they aren’t going anywhere. As we work tirelessly to enhance our capabilities, theirs get even more sophisticated.

We’d like to shine a light on three significant breaches from 2019, showing that hackers are still interested in money & data, but also disruption.

The Energy Industry
This month, a ransomware attack targeted servers of the Mexican state oil company, Pemex. This was yet another victim of the Ryuk ransomware, hitting companies with revenue topping $500 million. Luckily, the damage looks to have been minimal, but according to Reuters, “three Pemex employees said work ground to a halt on Monday because staff could not access a range of computer systems, such as those dealing with payments.”

While not wildly successful, this attack does shine a light on how vulnerable we may become if an attack such as this is affects our energy sources for any sustained period of time.

Hacking & Heart Attacks
According to Krebs On Security, researchers at Vanderbilt University examined data from the Department of Health and Human Services (HHS) and used it to uncover data about patient mortality rates at more than 3,000 Medicare-certified hospitals. Of those, almost 10 percent had experienced a data breach.

Their data showed that as many as 36 additional deaths per 10,000 heart attacks occurred each year after data breaches. According to the researchers, “Breach remediation efforts were associated with deterioration in timeliness of care and patient outcomes. Remediation activity may introduce changes that delay, complicate or disrupt health IT and patient care processes.”

Now imagine needing to ask a hospital if they have experienced a data breach before checking yourself in for care.

Law Enforcement Agencies
In October, the Chilean national police force was hit, admitting that more than 10,000 files were exposed, including intelligence. While this was deemed an act of “hacktivism”, a practice that has dropped more than 95% since 2015, it does highlight the ability for cybercriminals to not only access law enforcement systems, but also the protocols that those same agencies might employ to stop them.

Breaches are a mainstay in our society today. It is critical that organizations take an active approach to defending themselves. It doesn’t matter if you are a utility, a hospital, law enforcement, Fortune 500 company, or a local electrician shop – you are threatened. As we move into 2020, we expect more of the same. As long as there are vulnerable systems and people and as long as there is money to be made or power to be gained, hackers will be active and seeking new ways to attack.

Sources:
Ciper Chile
Reuters
Krebs On Security


About Security On-Demand

Security On-Demand is an industry pioneer and recognized innovator within the managed security space. We are leading the industry in threat detection through behavioral analytics and machine learning.

Back to the Blog   Subscribe to the Blog

Contact Us

We're threat hunting! Send us a quick email here and we will get back to you asap.

Not readable? Change text. captcha txt

Start typing and press Enter to search