Request a Demo
Welcome to the Cygilant Blog

Breaking Down the Breaches: The Worst Cyber Attacks of 2015

Posted by Security Steve on Dec 21, 2015

This year has seen some serious cyber breaches, and some of them have deadly implications. Amongst the highest-ranking dangers are compromises of medical records, government repositories, and devices other than computers. Here’s a look at some of the biggest data hacks of 2015 and how to best prepare for 2016.

The Most Dangerous Medical Breaches

Health insurance companies suffered serious data breaches this year. Anthem Inc., the second-largest health insurer in the U.S., announced in February that almost 80 million records had been compromised in an attack that took Social Security numbers, employment data, and more. Premera Blue Cross, a Pacific Northwest-based insurance firm, revealed in March that hackers may have accessed 11 million records that contained similar personal information. Excellus Blue Cross Blue Shield, a New York health insurance company, declared in August that a nearly 2 year old intrusion campaign allowed hackers to access as many as 10 million records.

 

What makes health record breaches so harmful? One reason is that medical records of the identity theft victim can get mixed up with that of the identity thief. This can lead to dangerous consequences, such as a patient receiving the wrong blood type for a blood transfusion. What makes matters worse is that even after the incorrect data has been discovered in a medical file, it can be near impossible to remove the false information due to the complicated nature of medical privacy laws.

The Worst Government Breach

In one of the biggest breaches of government data, hackers took more than 4 million records from the U.S. Office of Personnel Management. The attack consisted of two separate but related cybersecurity incidents, in which the records taken included personal information gathered from background investigations into current, former, and prospective federal employees and contractors.

 

One of the most alarming issues of a government breach is blackmail. Government personnel with security clearances have extensive records of private information, and hackers can use that information to threaten not only federal employees but their families and friends as well. National security is at risk when hackers have access to such a large-scale database that includes addresses, financial credit records, and more.

Deadly Hacks of the Internet of Things

Automobile manufacturers are taking the next step in automotive technology: driverless cars. With smart vehicles, drivers will be able to control certain functions remotely, but that feature makes automobiles vulnerable to cyber attacks. In July, the story of white-hat hackers remotely killing a jeep with a test passenger on the highway made big headlines; the researchers installed their own firmware on the jeep's entertainment system, and used it to take over the vehicle's internal computer network.  

 

The deadly implications of hackers taking over a moving vehicle are clear. But more broadly, this widely reported stunt points to how hacks can now target more than computers and phones. The devices making up the growing Internet of Things are all potential targets. With everyday objects coming online, the number of potential fatal risks continue to grow.

Looking to 2016

With more opportunities for hackers to exploit technology, 2016 will see more deadly cyber breaches. Chancellor of the Exchequer George Osborne has warned that the Islamic State terrorist group ISIS (or Daesh) will target nationally integral services such as hospitals and power stations in cyber attacks on the UK. An Intel Security/Aspen Institute survey of IT executives in the U.S., UK, France, and Germany found that 48% believe that a cyber attack on critical infrastructure in the next three years could result in deaths.

 

With such an ever expanding threat landscape, it's imperative for companies and federal agencies to strengthen their cybersecurity approaches. The good news is, the security tools and services provided by EiQ Networks, such as SOCVue, can help protect digital networks, servers, and databases from potentially lethal attacks.

Photo: Brian A Jackson / Shutterstock

Tags: Data Breach, Cybersecurity

Subscribe to Email Updates

Experience how Cygilant SOCVue and 24x7 GSOC Team can help detect threats, prioritize vulnerabilities and apply patches.

Request a Demo

Most Popular Posts

Posts by Topic

See All