Cyber Attacks are not new – cyber attacks and cyber crimes have existed since the dawn of the internet and become more commonplace each year. The COVID-19 pandemic and the resulting migration of business dealings to online also saw a major uptick in cyber crimes. According to ABC News, cyber attacks and phishing incidents increased 600 percent in May of 2020 following the pandemic’s onset and continue to grow.
According to Check Point Software Technologies, ransomware and related activity increased by 93 percent in the first half of 2021 alone and the World Economic Forum’s 2020 Global Risk Report expects IoT cyber attacks to double by 2025 (Embroker, Dec 2021).
Riding on the coattails of 2020’s covid-related cyber attacks, 2021 saw some of its own major cybersecurity breaches that have had devastating effects on individuals and organizations all over the world.
Colonial Pipeline Hack
In May of 2021, Colonial Pipeline – the largest fuel pipeline in the United States – was hacked using compromised employee credentials. Once in the system, hackers used malware to access sensitive data and compromise Colonial’s billing system. In an effort to contain the attack, Colonial shutdown its servers and, ultimately, its business which caused a huge oil shortage that ended up halting business operations for many companies.
In the end, Colonial paid a $4.4 million ransom to gain back control of their billing system and compromised data.
Similar to the Colonial Pipeline Hack, CNA Financial – one of the largest commercial insurance companies in the United States – suffered a ransomware attack which resulted in the exposure of 75,000 people’s personal information and data. CNA Financial paid $40 million to regain control of their accounts – one of the largest ransomware payoffs to date.
Log4J Zero-Day Vulnerability
Most recently, a critical vulnerability in the open source Apache Framework‘s widely-used logging tool Log4j has left many, many online services and java-based web servers – like Twitter, Amazon, Microsoft, Apple, IBM, Oracle, Cisco, and Google – at risk for ‘remote code execution’. (RCE) attacks. RCE attacks allow hackers to run commands and code remotely without the physical device. Essentially, the vulnerability could allow a hacker to take control of a system, causing disastrous effects for those reliant on them.
You can learn more about the Log4J vulnerability here. Rest assured, Nx Witness VMS and other Powered by Nx products are not affected by the zero-day exploit.
Beyond the major attacks seen in 2021, individuals and organizations encountered cyber attacks of a varying scale everyday this past year. 2021’s most frequent cyber attacks, according to a study conducted by IBM, are as follows:
Compromised Credentials / Password-Cracking
In password-based attacks, hackers use software and brute force attacks to access secure accounts.
Phishing is a method of sending fraudulent communications – usually email – which mimic a reputable source in order to obtain login credentials.
Cloud Misconfiguration occurs when gaps or weak points in a cloud’s configuration leaves it at risk for attacks.
Vulnerability in 3rd Party Software
A potential threat to an organization’s data, internal information, etc. caused by a vulnerability in a 3rd party’s supply chain or other outside parties.
Physical Security Compromise
Physical Security Compromises occur when sensitive data or files have been breached due to the theft or unauthorized access of physical hardware.
A security risk that originates from within the targeted organization – via a current or former employee or business associate who misuses their access to sensitive information or privileged accounts.
A breach in security due to weaknesses brought about by a system error or misconfiguration.
The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
Other popular Security Threats include:
Malicious software that installs on computers through a vulnerability in an operating system or a piece of software.
This type of attack occurs when the attackers insert themselves into the middle of communications between two parties in order to intercept sensitive data. Typically this is accomplished by monitoring network traffic or through the use of Malware.
Distributed Denial of Service Attack (DDOS)
This type of attack is designed to flood systems, servers, or networks with traffic to exhaust resources, effectively killing the system’s ability to perform normally.
SQL injection occurs when a malicious actor inserts code into a server running an SQL database that forces the server to reveal information.
A zero-day exploit hits after a network vulnerability is announced but before a patch or solution is implemented.
As new advancements in tech continue cybercriminals also continue to develop new tactics and strategies to target organizations. Although the forecast looks a little bleak, it’s important to be aware of where the cybercrime / cybersecurity landscape is headed in order to identify threats early on and ensure your organization is prepared with the best defenses possible.
Some cybercrime trends to look out for in 2022 and onward include:
Within the first six months of 2021, ransomware-related payouts totaled around $590 million – $200 million more than in the entirety of 2020 . These success stories are likely to incite many copycat ransomware attacks in the years to come.
On top of that, the increasing popularity and advancement of Ransomware as a Service (RaaS) in the cybercrime realm is expected to allow cybercriminals to launch ransomware attacks more effortlessly and more frequently.
With the upcoming 5G rollout comes a faster, more reliable network with a larger capacity for devices. Although 5G’s enhanced interconnectivity will serve as a huge benefit, it also has the potential to increase the public’s vulnerability to cyber attacks.
The less centralized and more virtualized nature of the 5G network will likely make managing and maintaining cybersecurity more difficult, leaving it open to new points of attack. Additionally, 5G will lead to more and more vital infrastructure moving online, giving hackers the potential to pull off bigger, more devastating attacks in the future.
IoT Cyber Attacks
The world’s ever-increasing number of connected devices – accelerated by the 5G rollout – provides cyber criminals with countless access points and mediums for which to aim their attacks. In fact, the World Economic Forum’s 2020 Global Risk Report expects IoT cyber attacks to double by 2025 (Embroker, Dec 2021).
Although the cybersecurity threats listed above are important to be aware of, Powered by Nx product users and resellers can rest assured that Nx video management software was engineered to be secure. Nx VMS is continually improved to address cyber security threats by using a combination of secure technology and process measures outlined below.
Nx has advanced User Rights capabilities that allow Administrators to implement strict controls over what operators are able to accomplish in the system and which resources they are allowed to configure and interact with.
Single System Owner with Super User rights
Customizable User Rights & Roles
All user actions are logged for review by system administrators
Nx requires a minimum level of security when creating passwords.
Minimum password strength during account creation
Secure password reset via Nx Cloud
Complex Multi-Level Salted/Hash password storage
User Enumeration Detection
Nx Server and Cloud applications detect and prevent user enumeration (brute force attacks, guess and confirm attacks) through the use of timeouts.
Integration with LDAP
Integration with LDAP enables centralized management / reset of IT credentials by IT administrators.
Nx also includes key technologies to ensure the integrity of information within and produced by a system. These include:
Archive Integrity Check
Nx notifies operators when archived video has been modified indirectly (e.g. deleted / replaced files).
Watermarking for Chain of Custody
Nx has built-in watermarking, allowing operators or viewers to check the authenticity of a video exported from a system and preventing the manipulation of evidentiary video.
Nx includes many protections for system communications over both secure (e.g. LAN/WAN/VPN) and unsecure (e.g. Internet) networks.
OpenSSL for Network Connections
Encrypted Client-Server Communications
Encrypted Video Traffic
Custom SSL Certificates
Cloud Connection Proxy
Network Optix also institutes processes to ensure threat assessment and resolution is part of our core culture. These steps include:
Extensive Quality Assurance Testing
External Security Auditing
Online Support Portal