2020 has been a tumultuous year, and with coronavirus hogging the headlines, a few cybersecurity-related stories slipped through the net.
Ransomware is on the rise across all sectors. Sophos reports that half of all companies it surveyed had been hit by a ransomware attack and 48% of financial services firms reported being targeted.
As fraudsters get more sophisticated, we will likely see more of these stories going forward. But for now, here are the five biggest cybersecurity stories we reported on in 2020.
Alpha Bank, Piraeus Bank, Eurobank and the National Bank of Greece had to cancel 15,000 credit and debit cards after a tourist services portal was hacked.
The banks issued a joint statement admitting that “a few dozen” customers had been charged with transactions they never made. All the lenders decided to gradually cancel and replace all 15,000 cards.
The tourist portal was suspected of not being up to code regarding its Payment Card Industry Data Security Standards (PCI DSS) compliance.
Postbank, the banking division of South Africa’s Post Office, had to replace more than 12 million of its customers’ cards after a group of its employees printed and then stole its master key.
The master key, a 36-digit code, allows the holder to decrypt the bank’s operations, modify the bank’s systems, and generate codes for customer cards.
Rogue employees used the key between March and December 2019 to access accounts and make more than 25,000 fraudulent transactions.
The Financial Conduct Authority (FCA) admitted to a data breach after victims of the collapsed savings firm London Capital & Finance (LCF) were sent messages by scammers.
LCF customers’ names, addresses and phone numbers were accidentally published on the FCA’s website. The details were gathered by the FCA during a complaints procedure against LCF.
The news arrived at a bad time for ex-FCA chief, Andrew Bailey, whose appointment as Bank of England governor was questioned by activists and MPs.
Diebold Nixdorf, which controls around 35% of the global ATM market, owned up to a ransomware attack in May.
It said in a statement that its customer networks were unaffected by the attack, which broke into its corporate operations.
Security researcher Brian Krebs, reports that the attackers used the ProLock ransomware, a successor of the PwndLocker kit.
ProLock works by appending its own executable file to the end of all the files it encrypts, sometimes adding it multiple times to increase the layers of obfuscation.
The infection was discovered in late April, and Diebold Nixdorf states that it did not pay the ransom demanded by the attackers.
In early April the average price asked for by attackers was around 60 BTC, or $570,000.
Travelex had a bad start to 2020. Attacked by ransomware at the turn of the year, the company initially refused to admit it had been infected.
The exchange company first reported the hack as “planned maintenance” before coming clean a few days later.
Suspending its travel money services, it caused several UK banks to shut down their currency exchange operations as well.
The Sodinokibi ransomware used in the attack was controlled by a group known as REvil.
The gang initially demanded a $3 million payment to release what they claimed were the encrypted personal files of Travelex customers.
After receiving no response, they then raised the figure to $6 million.
It took Travelex a month to get its money transfer systems back online, though its main website remained down for some time afterwards.
Travelex owner, Finablr, was also headed for insolvency after issuing £81 million in undisclosed cheques.
2020 continues to be a hard year for the currency exchange firm. It announced in August that it would be heading into administration with a loss of 1,300 jobs.