Arrests Do Not Slow Down Hacking
In just the last few months, companies as diverse as Travelex and Canon have been hacked. Universities like UCSF have paid millions to criminals.
In just one news feed today, I see the following:
- AI firm Cense exposed 2.5 million records containing sensitive and confidential medical records that were supposed to be loaded into a database.
- The Ritz London’s customers are being hit by phone scams after a data breach. After stealing the data, the hackers called hotel guests and asked them to confirm their credit card information.
- Medical collection agency R1 RCM, formerly known as Accretive Health, one of the largest medical debt collection companies in the US with revenues of over a billion dollars a year was hit by a ransomware attack. R1 RCM has personal data, insurance data, treatment data and other personal information.
- 350 million email addresses were exposed on a mis-configured Amazon AWS S3 bucket. While less sensitive than other breaches, what else is incorrectly configured. As of right now, they don’t even know who owns the data.
- SANS Institute loses 28,000 customer records in a phishing attack.
These are just a few of the recent attacks.
On the other hand, in the same HACKREAD feed, Ukraine arrested a ransomware gang accused of running fraudulent cryptocurrency exchanges and laundering $42 million through underground forums.
Also in the feed is news that the FBI and NSA disrupted the finance campaigns of three terrorist groups using cryptocurrency.
And finally, again, the FBI and NSA exposed a Russian state hacking tool for Linux systems.
This is the basis of the cat and mouse game that the hackers and law enforcement play every day.
The FBI’s Internet Crime Complaint Center receives 3,000 to 4,000 complaints every day. This is not a battle that the good guys seem to be winning.
This means that you have to protect yourself. If you don’t you will wind up being one of the statistics and not a good one.
Maybe sometime in the future the cops will win. I’m not counting on it, unfortunately. Credit: Hackread