7/8/2019 The Biggest Cybersecurity Crises of 2019 So Far | WIRED

LILY HAY NEWMAN SECURITY 07.05.19 07:00 AM

THE BIGGEST CYBERSECURITY CRISES OF 2019 SO FAR

ARIANA DREHSLER/AFP/GETTY IMAGES

SIX MONTHS OF 2019 are on the books already, and certainly there have been
six months' worth of data breaches, supply chain manipulations, state-
backed hacking campaigns, and harbingers of cyberwar to show for it. But
the hallmark of 2019, perhaps, is feeling like the worst is yet to come.
Ransomware is an ever-growing threat, corporate and US government
security is still a mess, and geopolitical tensions are rising worldwide.

https://www.wired.com/story/biggest-cybersecurity-crises-2019-so-far/ 1/13
Before we see what the future holds, though, let's recap some of the major
cybersecurity incidents that have cropped up so far this year.

US Customs and Border Protection Contractor Perceptics


In May, a surveillance contractor for Customs and Border Protection suffered
a breach and hackers stole photos of travelers and license plates related to
about 100,000 people. The Tennessee-based contractor, a longtime CBP
affiliate known as Perceptics, also lost detailed information about its
surveillance hardware and how CBP implements it at multiple US ports of
entry. The Perceptics breach was first reported by The Register, and CBP
officials later disclosed the incident to the Washington Post. Though CBP
was hesitant at first to admit that Perceptics was the contractor that had
suffered the breach, the agency sent a Microsoft Word document to the Post
titled "CBP Perceptics Public Statement" in its initial response. Days later,
hackers posted the stolen Perceptics data to the dark web. On Tuesday, CBP
suspended Perceptics from federal contracting, though it did not say why.

LILY HAY NEWMAN COVERS INFORMATION SECURITY, DIGITAL PRIVACY, AND HACKING FOR WIRED.

CBP has spent the past two decades ramping up its use of border surveillance
technologies, and there appears to be no end in sight. For example, the
agency wants facial recognition scans to be standard in the top 20 US
airports by 2021. But civil rights and privacy advocates say that these
aggressive initiatives pose a danger to US citizens and the global community
in general. The Perceptics incident is seen as a clear example of those risks.
As Jeramie Scott, senior counsel at the Electronic Privacy Information
Center, told WIRED in June, "The agency simply should not collect this
sensitive personal information if it cannot safeguard it."

Ransomware
Ransomware attacks are truly nothing new at this point, but 2019 is looking
like a banner year for them. Criminal groups continue to target businesses,
healthcare providers, and, most visibly, local governments with these brash
hacks, in which malware is specially designed to encrypt a system's data and
demand a ransom to decrypt it—swindling billions of dollars per year in the
process. "We are seeing an increase in targeted ransomware attacks," the FBI
told WIRED in a statement just this week. "Cyber criminals are opportunistic.
They will monetize any network to the fullest extent."

In 2019, though, ransomware isn't just targeting hospitals and small
businesses. A destructive strain called LockerGoga has specifically been
victimizing industrial and manufacturing firms—at times forcing production
plants to switch to manual control or exacting long-term damage on systems
that control physical equipment. For now, incident responders say that
LockerGoga is only being used by financially motivated criminals. It's easy to
imagine, though, how this type of attack could be used by state-sponsored
critical infrastructure hackers, especially given how both North Korea's
WannaCry and Russia's NotPetya were ransomware-like worms crafted with
each country's geopolitical agenda in mind.

Supply Chain Attacks


A legitimate software vendor pushes out what looks like a trustworthy
software update to users, but it's really a destructive instrument of
cyberwar. That is the evil genius of the supply chain attack. The most famous
example is likely 2017's NotPetya attack, when Russian hackers spread
destructive malware in part by compromising the update mechanism for a
Ukrainian accounting software. And this type of malicious hacking has been a
particular signature of 2019 so far.

In March, following a research report from the threat intelligence firm
Kaspersky, computer maker Asus disclosed a supply chain attack sometime
in the second half of 2018 that had compromised the company's Live Update
tool to push malware to almost 1 million customers. Victim devices accepted
the tainted software because the attackers signed it with a real Asus
certificate (used to verify the legitimacy of new code). Though the hackers
infected a huge number of machines through the attack, they seem to have
been specifically targeting 600 computers, which they then hit with a
second-stage attack.

Researchers call the group behind the Asus supply chain compromise Barium
or ShadowPad. Little is known about the affiliation of the group, but it is
thought to be Chinese-speaking. Barium was also connected to another
famous supply chain hack in 2017 of the popular computer cleanup tool
CCleaner. And at the end of April, the Kaspersky researchers also discovered
indications that Barium used a supply chain attack shortly after the Asus
assault to compromise Microsoft's development tool Visual Studio. This, in
turn, seeded backdoors into the products of three different video game
companies that use Visual Studio in their coding pipeline—allowing hackers
to plant malware in certain games, and potentially infect hundreds of
thousands of targets.

American Medical Collection Agency breach


One of the most concerning corporate data breaches so far this year is that of
the American Medical Collection Agency, a massive healthcare-related debt
collector. The company discovered that it had been breached in March, and
filings with the US Securities and Exchange Commission indicate that the
intrusion on AMCA's systems lasted from August 2018 through March 2019.
The incident was first publicly reported at the beginning of June after the
medical testing firm LabCorp said that 7.7 million of its customers had data
exposed because of AMCA, and Quest Diagnostics said it had had records
from 12 million patients exposed. AMCA said that the compromised
information included first and last names, dates of birth, phone numbers,
addresses, dates of medical services, healthcare providers, and data on
balances due. The stolen information did not include insurance ID numbers
or Social Security numbers.

Because AMCA contracted with so many companies, it's possible that
additional organizations—and therefore other patients—were affected as
well. But almost 20 million patients between LabCorp and Quest alone is bad
enough. In mid-June, Retrieval-Masters Creditors Bureau Inc., which
operates as AMCA, filed for Chapter 11 bankruptcy protection as a result of
costs associated with the breach.

First American
Not all data security incidents are breaches. Sometimes data is improperly
stored and publicly accessible—it may not have been stolen, but it was still
exposed. And First American, the massive real estate and title insurance
firm, offers a crucial cautionary tale of how dangerous data exposures can be.
Discovered in May by security journalist Brian Krebs, the incident exposed
885 million sensitive customer financial records going back to 2003. They
were accessible to anyone on First American's website. It isn't known
whether anyone actually found and stole the information before the company
locked it down, but it was extremely easy to grab. Social Security numbers,
driver's license images, bank account numbers and statements, mortgage
and tax documents, and wire transaction receipts from millions of Americans
were all included in the trove. As a title insurance provider, First American is
often party to both the buyer and lender sides of real estate deals, so if

anyone did steal this information they would have access to a real goldmine
for identity theft, financial scams, and even espionage.

One to Watch: Iran


Ever since President Donald Trump withdrew the United States from the 2015
Iranian nuclear agreement last year, international relations and
cybersecurity experts have been warning that the move could escalate
tensions between the two countries, particularly in cyberspace. This
appeared to hold true in the second half of 2018, and the first six months of
2019 have borne even more marked escalations. Iranian hackers have ramped
up campaigns around the world, and particularly against US targets, as the
two countries clash more openly in the physical world.

June, in particular, saw tensions continue to rise with a series of incidents in
the Middle East. On June 13, two fuel tankers were attacked in the Gulf of
Oman. The US blamed Iran, and also accused Iranians of attempting to shoot
down a US drone. One week later, Iran succeeded in shooting down an
unmanned surveillance drone, which it claimed had entered Iranian airspace.
Trump considered, then ultimately aborted, a kinetic strike in response to the
provocation, but US Cyber Command was approved to launch a damaging
cyberattack against Iran's rocket and missile launch control systems. The
hack reportedly took weeks or months for Cyber Command to
design and orchestrate. Meanwhile, Iran has been digitally clapping back at
the US. The question now is whether cyberstrikes can really be used as an
alternative to kinetic conflict—as some war scholars have proposed—or
whether they only serve to escalate real-world combat.
