SUBSCRIBE
SIX MONTHS OF 2019 are on the books already, and certainly there have been
six months' worth of data breaches, supply chain manipulations, state-
backed hacking campaigns, and harbingers of cyberwar to show for it. But
the hallmark of 2019, perhaps, is feeling like the worst is yet to come.
Ransomware is an ever-growing threat, corporate and US government
0
security
FREE is still a mess,
ARTICLES and
LEFT THIS | Get unlimited
geopolitical
MONTH tensionsaccess.
areSubscribe Sign In EXPAND
rising worldwide.
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 1/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
Before we see what the future holds, though, let's recap some of the major
SUBSCRIBE
LILY HAY NEWMAN COVERS INFORMATION SECURITY, DIGITAL PRIVACY, AND HACKING FOR WIRED.
CBP has spent the past two decades ramping up its use of border surveillance
technologies, and there appears to be no end in sight. For example, the
agency wants facial recognition scans to be standard in the top 20 US
airports by 2021. But civil rights and privacy advocates say that these
aggressive initiatives pose a danger to US citizens and the global community
in general. The Perceptics incident is seen as a clear example of those risks.
As Jeramie Scott, senior counsel at the Electronic Privacy Information
Center, told WIRED in June, "The agency simply should not collect this
sensitive personal information if it cannot safeguard it."
Ransomware
Ransomware attacks are truly nothing new at this point, but 2019 is looking
like a banner year for them. Criminal groups continue to target businesses,
healthcare providers, and, most visibly, local governments with these brash
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 2/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 3/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
SUBSCRIBE
LEARN MORE
Researchers call the group behind the Asus supply chain compromise Barium
or ShadowPad. Little is known about the affiliation of the group, but it is
thought to be Chinese-speaking. Barium was also connected to another
famous supply chain hack in 2017 of the popular computer cleanup tool
CCleaner. And at the end of April, the Kaspersky researchers also discovered
indications that Barium has used a supply chain attack shortly after the Asus
assault to compromise Microsoft's development tool Visual Studio. This, in
turn, seeded backdoors into the products of three different video game
companies that use Visual Studio in their coding pipeline—allowing hackers
to plant malware in certain games, and potentially infect hundreds of
thousands of targets.
One of the most concerning corporate data breaches so far this year isSUBSCRIBE
that of
the American Medical Collection Agency, a massive healthcare-related debt
collector. The company discovered that it had been breached in March, and
filings with the US Securities and Exchange Commission indicate that the
intrusion on AMCA's systems lasted from August 2018 through March 2019.
The incident was first publicly reported at the beginning of June after the
medical testing firm LabCorp said that 7.7 million of its customers had data
exposed because of AMCA, and Quest Diagnostics said it had had records
from 12 million patients exposed. AMCA said that the compromised
information included first and last names, dates of birth, phone numbers,
addresses, dates of medical services, healthcare providers, and data on
balances due. The stolen information did not include insurance ID numbers
or Social Security numbers.
First American
Not all data security incidents are breaches. Sometimes data is improperly
stored and publicly accessible—it may not have been stolen, but it was still
exposed. And First American, the massive real estate and title insurance
firm, offers a crucial cautionary tale of how dangerous data exposures can be.
Discovered in May by security journalist Brian Krebs, the incident exposed
885 million sensitive customer financial records going back to 2003. They
were accessible to anyone on First American's website. It isn't known
whether anyone actually found and stole the information before the company
locked it down, but it was extremely easy to grab. Social Security numbers,
driver's license images, bank account numbers and statements, mortgage
and tax documents, and wire transaction receipts from millions of Americans
were all included in the trove. As a title insurance provider, First American is
often party to both the buyer and lender sides of real estate deals, so if
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 5/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
anyone did steal this information they would have access to a real goldmine
SUBSCRIBE
The simple way Apple and Google let abusers stalk victims
Want the best tools to get healthy? Check out our Gear team’s picks for
the best fitness trackers, running gear (including shoes and socks), and
best headphones.
📩 Get even more of our inside scoops with our weekly Backchannel
newsletter
RELATED VIDEO
CULTURE
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 7/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
SUBSCRIBE
VIEW COMMENTS
SPONSORED STORIES
POWERED BY OUTBRAIN
MANSION GLOBAL
Mansion Global Daily: Most Expensive Home Ever Sold in L.A., How to Build a Smart
Game Room and More
GREEN BUILDER
The Summer Winds Bring Allergy Season Into Full Swing
MORE SECURITY
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 8/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
SUBSCRIBE
WIRED OPINION
HACKER LEXICON
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 9/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
SUBSCRIBE
SECURITY NEWS
China Distributes Spyware at Its Border and Beyond
LILY HAY NEWMAN
TECH IN TWO
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 10/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
SUBSCRIBE
P R I VA C Y
The Simple Way Apple and Google Let Domestic Abusers Stalk Victims
ANDY GREENBERG
WIRED OPINION
GET WIRED
FLASH SALE
SAVE 50%
SUBSCRIBE
NOW
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 11/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
SUBSCRIBE
SUBMIT
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
FOLLOW US ON YOUTUBE
Don't miss out on WIRED's latest videos.
FOLLOW
SUBSCRIBE ADVERTISE
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 12/13
7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED
SUBSCRIBE
CUSTOMER CARE CONTACT US
SECUREDROP COUPONS
JOBS RSS
CNMN Collection
Use of and/or registration on any portion of this site constitutes acceptance of our User Agreement (updated
5/25/18) and Privacy Policy and Cookie Statement (updated 5/25/18). Your California Privacy Rights. The
material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with
the prior written permission of Condé Nast. Ad Choices.
https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 13/13