The breadth and frequency of high-profile hacks seems to rise every month, but a trio of exceptionally visible and potentially catastrophic May attacks has thrust cybersecurity into the national spotlight in ways seldom seen before. From hospitals to gas stations to meat processors to home gyms, no one was safe from security breaches.
May’s Biggest Cyber Attacks
Colonial Pipeline Hack Sets U.S. Infrastructure on Edge
In what may be remembered as the hack that finally made “ransomware” a household word even for non-techies, a suspected Russian hacking group took Colonial Pipeline offline for more than three days in early May.
As , diesel fuel, and jet fuel, this represented a significant hardship. Gas prices spiked across the country, some Eastern gas stations ran out of fuel, over-the-road deliveries were delayed, and there were even reports of gasoline hoarding.
Many of the details of the hack are still being kept under wraps, but it appears likely that it was . Russia’s DarkSide collective was quick to take credit for the attack and reportedly ?(with part of that ), although there was some initial dispute about the amount or whether Colonial paid at all.
Congress did move quickly to for pipelines, but the damage has already been done in this instance.
While the alleged hackers have ever-so-graciously said that they only wanted money and didn’t intend to cause quite so much trouble, the whole affair has been a stark reminder of how vulnerable our online infrastructure really is,? and how much chaos can be created by a relatively simple act of cybercrime.
Hackers Grind Meat Industry to a Halt
In just about any other month, the temporary shuttering of the world’s largest meat producer would have been the biggest cybercrime story by far. Even with the Colonial hack dominating the headlines, the late May attack on JBS was fairly staggering. The ransomware attack on JBS servers was and halted meatpacking operations at multiple plants for upwards of five days.
Not only did the shutdown drastically disrupt meat production and distribution across the country, it also . That’s a very big deal in an industry where many workers are just beginning to recover financially from pandemic layoffs, and where meat plants often . It has not yet been disclosed how the hackers gained access to the JBS system, but the meat industry in general has notoriously outdated security measures and .
The shutdown does not appear to have impacted meat processing activities or safety measures, but experts are predicting that it will . It may also cause safety-conscious shoppers to reconsider their meat buying habits, a potential crisis for the industry. Experts also worry that recent attacks on politically controversial industries like oil and large-scale meat processing may inspire copycat attacks from activist hacker groups.
Ireland’s Healthcare System Gets Taken Ransom
If the Colonial and JBS hackers may have been counting on a certain amount of public sympathy, that doesn’t appear to be the case in Ireland, where the Russian hacker group Conti claimed credit for for nearly a full week.
The mid-May ransomware attack led the Irish Health Service to , interrupting patient care, canceling appointments, and leading officials to plead with the public to seek medical care only when totally necessary.
The attack shut down a stunning number of day-to-day operations across the system, including payroll, access to test results, and even telephone services. Beyond the disruptions in service, Irish officials have said that it is quite likely that . That represents a shocking violation of privacy for patients and sets up the possibility of further data theft and even blackmail for people with medical conditions that they want kept private.
For now the situation appears to be resolved, as Irish officials were “surprised” to be . The government insists that no ransom was paid, so perhaps the hackers had a change of heart after seeing how much havoc they’d wrought. Or, more likely, they simply decided that the purloined personal data was valuable enough that trying to collect further ransom money wasn’t worth their effort.
Either way, this episode ranks among the most frightening cyberattacks the world has ever seen, and it likely will not be the last of its kind.
Peloton Tries to Ride Out its Exposed API Issues
A presidential fitness regimen is maybe not the most obvious place for cybersecurity risks to emerge, but it’s an issue that has come up repeatedly since it was revealed that President Biden would be bringing his Peloton along to the White House. Now a recent security report has shown that those concerns were, like the fitness-conscious president, far from idle.
UK security researcher Jan Masters back in January and quickly determined that the company’s API was exposed, allowing any tech-savvy voyeur relatively easy access to Peloton users’ personally identifiable information and workout data. Masters informed the company of the issue and gave them a 90-day window to fix the problem before taking the information public. You’re reading about it now, so you can probably guess how that went.
Peloton did immediately restrict its API to members only, which would be an effective deterrent against any hacker unwilling to lay down $12.99 for a monthly membership. After built around Masters’ findings in early May, the company says it has now patched the bug entirely, but not before its amidst a variety of scandals. In the meantime, it remains unclear whether anyone took advantage of the exposure while they had the chance. That should make Peloton users ride a little uneasily, including those in the bicycle seat of power.
May was a scary month online by anybody’s measure. Will ransomware shutdowns of the energy system, the food industry, and a national health service finally prompt businesses and governments to start investing in more serious security measures, or will these kinds of attacks continue to grow until there are even more dire repercussions? Let’s hope for the former.
Additional Resources
- Join the conversation with Arctic Wolf on?,?,?, and?
- Visit?arcticwolf.com?to learn more about our?security operations solutions
- If you¡¯re ready to get started,?request a demo
