AXEL.org

cybersecurity

How Law Firms Should Handle Cybercrime

Law firms are extremely unique places of business. They don’t rely on releasing products, but on a specific service that requires the collection of confidential information from clients. Further, because law firms typically serve multiple clients at a time, they hold a wealth of information on both corporations and individuals. And this knowledge isn’t run-of-the-mill company fun facts; it’s the scandalous, salacious, highly-confidential information that would cause chaos if publicly revealed. 

Unfortunately, cybercriminals have realized this, and have taken decisive action. In the past few years, law firms have become a prime target for cybercriminal organizations because of their combination of valuable data and relatively lax cybersecurity. This culminated in a 2020 attack by REvil, a notorious ransomware gang, on Grubman Shire Meiselas & Sacks, demanding a USD $42 million ransom for the near-terabyte of stolen data [1]. Overall, 29% of firms recorded a security breach in 2020, according to an ABA survey [2].

It’s clear that law firms are a top target of cybercriminal gangs. Therefore, it’s important to stay informed on these gangs’ strategies, and the best ways to prevent cyberattacks.

How do Cybercriminals Attack Firms

Although cybercriminal organizations typically have “go-to” strategies, there isn’t one specific way that all law firms are attacked. Whether it be with phishing emails, malware, or even insider attacks, there are a variety of ways that law firms can be targeted. While large firms were mostly targeted a few years ago, cybercriminals have recently shifted their priorities. Due to the global crackdown on ransomware gangs, these diabolical organizations started to target small and mid-size firms, avoiding the publicity (and government attention) that an attack on large firms would bring. In fact, mid-size law firms have become the prime target for cybercriminals [3]. After all, these firms still have loads of valuable information, but likely have much less stringent cybersecurity measures.

Concerningly, fewer than half of all law firms use simple security measures like two-factor authorization and file encryption [2]. With a significant portion of firms having no cybersecurity protection beyond usernames and passwords, it’s no wonder that cybercriminal gangs have raked in money from desperate firms. In 2021, the average ransomware payment was USD $140,000, a massive figure for small and mid-size firms [3]. Unfortunately, if an unprepared firm is hit with ransomware, there is typically no other option but to pay the cybercriminals to unlock their encryption and return the stolen data. That’s why the best defense against cyberattacks is preparation.

Legal and Moral Obligations

While there is no federal law requiring law firms to have certain cybersecurity precautions, some individual states and industries do regulate firms’ cybersecurity practices. For example, firms that handle financial data may be subject to the Sarbanes-Oxley Act of 2002, a law that mandates stringent recordkeeping and reporting [4]. Further, certain states like New York and California have more cybersecurity regulations on their books. For example, New York’s Stop Hacks and Improve Electronic Data Security (SHIELD) Act mandates prompt public disclosure in the event of a security breach [4]. These regulations ultimately help firms stay prepared for cyberattacks, while also serving the public interest if a cyberattack were to occur. Failure to follow these regulations could lead to investigations, lawsuits, fines, and an overall loss of public trust.

In addition to federal and state laws, law firms must also follow the American Bar Association’s (ABA) Model Rules of Professional Conduct. One rule states that lawyers must take

Reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating to the representation of a client [4].

Additionally, the ABA requires firms to reasonably inform clients about the status of a cyberattack. While the term “reasonable efforts” is certainly open to interpretation, the ABA is clear: It’s an ethical obligation for firms to prepare for cyberattacks. In today’s digital world, handling client data unsafely isn’t only irresponsible; it’s immoral.

What Can Law Firms Do?

So, we know that law firms are ethically, and in some cases legally, required to take reasonable precautions for cyberattacks. But what exactly can firms, particularly small and mid-size, do? Businesses like this simply can’t afford the cybersecurity infrastructure of large firms, with dedicated staff and numerous expensive programs. Thankfully, providing strong protection from cybercrime is simple and inexpensive.

The best way to prevent data breaches and ransomware attacks is to cultivate a culture of security in the workplace. Specifically, this means embracing simple safeguards like two-factor authorization and file encryption. Just taking these two precautions vastly lowers the risk of a successful cyberattack. Additionally, having yearly (or even twice-a-year!) training on cybersecurity risks helps create a culture of security as well. Think about it: Phishing emails are typically well-disguised. But if all employees know the difference between an innocent work email and a nefarious phishing attempt, your firm will be significantly safer.

Finally, in the unfortunate case that a firm is hit with a cyberattack, it’s extremely useful to have an incident response plan. As a cyberattack is occurring, every minute counts, and having a specific plan can be the difference between a devastating data breach and a failed attempt. If employees know what to do immediately, whether it be turning off all computers, shutting down Wi-Fi, or calling a trusted expert, firms can minimize the risk, or at least lessen the impact, of a surprise cyberattack. Unfortunately, just 34% of firms maintain an incident response plan [2]. While this is an increase from past years, this shows there is still a long way to go regarding cybersecurity at law firms.

About AXEL

Law firms will continue to be targeted by nefarious cybercriminals. Thankfully, AXEL is prepared. At AXEL, we believe that privacy is a human right, and that your information deserves the best protection. That’s why we created AXEL Go, a secure file sharing software. AXEL Go uses military-grade encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. If you’re ready to try the best file sharing app for PC and mobile devices, try two free weeks of AXEL Go here.

[1] Shankar, AJ. “Council Post: Ransomware Attackers Take Aim at Law Firms.” Forbes. Forbes Magazine, March 11, 2021. https://www.forbes.com/sites/forbestechcouncil/2021/03/12/ransomware-attackers-take-aim-at-law-firms/

[2] Loughnane, John. “2020 Cybersecurity.” Americanbar.org. American Bar Association, October 19, 2020. https://www.americanbar.org/groups/law_practice/publications/techreport/2020/cybersecurity/

[3] Dalton, Brian. “Law Firms Stagger through Ransomware Attacks.” Above the Law, November 2, 2021. https://abovethelaw.com/2021/11/law-firms-stagger-through-ransomware-attacks/

[4] “5 Cybersecurity Risks and 3 Obligations for Law Firms.” The National Law Review, July 8, 2021. https://www.natlawreview.com/article/5-key-data-privacy-and-security-risks-arise-when-organizations-record-job-interviews

National Technology Day: How Tech has Changed the Way We Live

What was life like twenty years ago? What technology did we use? How did we get work done in 2002? While twenty years may seem like a relatively short period of time, our everyday lives have drastically changed over the past two decades. We went from flip phones to iPhones, from CDs to music and video streaming, from printed-out MapQuest papers to instant GPS directions. In the past twenty years, modern technology has changed nearly every aspect of our lives. 

Because of the incredible technological advances we’ve seen in the past twenty years, AXEL founded National Technology Day, a holiday celebrated every year on January 6th. On National Technology Day, we encourage everyone to reflect on the advances made in business, culture, and entertainment. From maximizing efficiency at the office to sharing your own media online, technology has changed the way we live and will continue to change our lives in the future. While it’s unclear what the world will look like in twenty years, we do know one thing: Technology will continue to innovate.

With that said, here are a few ways how recent technological advances have radically impacted our everyday lives:

How Tech Changed Public Health

Undoubtedly, one of the greatest technological triumphs in public health in the past twenty years has been the widespread use of messenger RNA (mRNA) vaccines. Most COVID-19 vaccines are mRNA vaccines, and with billions of doses administered in one year, these high-tech vaccines have saved countless lives. But how are mRNA vaccines different from traditional vaccines? With an mRNA vaccine, a weakened pathogen isn’t injected into your body like with traditional vaccines. An mRNA vaccine delivers “coded” mRNA to your immune cells, and using that code, your immune cells can produce proteins that are found on the specific pathogen [1].

The development of mRNA vaccines was made possible by technological advances in the pharmaceutical industry. Although they are relatively new today, mRNA vaccines have been studied and theorized for decades. Finally, modern technology caught up with researchers, and a new soldier in the war on infectious diseases was created.

While vaccines have certainly had a massive impact on the world, they aren’t the only way that technology has changed public health. An obvious example is the rise of fitness and health trackers. Today, about one in five Americans use a fitness tracker and corresponding app [2]. With these trackers, users can track their steps taken, calories burned, steps climbed, blood pressure, sleep quality, and dozens of other metrics. While research on their effectiveness has been mixed, fitness trackers give people fun, convenient ways to check on their health [3].

How Tech Changed Education

If the pandemic taught us one thing, it’s that technology allows us to be connected, even when we can’t be physically present together. This was particularly apparent when schools across the world were closed and classes were taught online. Although there are certainly valid criticisms of e-learning, the fact that instruction was able to continue in the midst of a pandemic highlights just how much technology allowed education to evolve. Now, almost every lecture or assignment can be completed online, ensuring that education can continue even after future pandemics or natural disasters.

While e-learning is certainly new, the advancement of technology has always correlated with expanded access to education [4]. Think about it: 500 years ago, the only educational materials were books, and books were only available to the extremely well-off. However, the technological innovation of the printing press made books far more available for middle and lower-class people. Now, thanks to the Internet, there are millions of educational websites and videos available to all. Today, a student can learn calculus or biology from reliable sources on their own time, for free. While some may criticize technology for “dumbing down” our youth, it’s a simple fact: Technological progress leads to greater access to education.

How Tech Changed Business

Even before the pandemic, technology was radically changing the modern office. One of the biggest changes in the past twenty years has been the way employees share information with each other. Although email existed twenty years ago, it was certainly in its infancy, and when files needed to be shared, physical documents were printed off and delivered. Now, most documents are shared electronically, without the need for paper and ink, helping to save businesses time and money. Outside of file-sharing, even the way workers communicate with each other has greatly changed. Today, software applications like Slack make it easy for employees to communicate without anyone being left out of the loop. Technological advances have made office communication digital and instantaneous, making the necessary transition to remote work during the pandemic relatively simple.

Outside of office communication, technology has allowed businesses to increase efficiency in nearly every department. From resumé software to digital marketing, technology has greatly changed the way businesses operate. Unfortunately, this also means that the businesses that haven’t embraced technology are at risk of going under. After all, if your business doesn’t have a digital presence, such as social media or a simple website, it may as well not exist. 

Technology has fundamentally changed the way work gets done in the United States, and it’s not done changing either. In twenty years, Mark Zuckerberg’s vision of the “Metaverse” may become our everyday office. One thing is known: If it can save money, businesses will continue to test and use innovative modern technology.

How Tech Changed Cybersecurity

Twenty years ago, “cybersecurity” was little more than simply having a password. Unfortunately, as technology has progressed, so have cybercriminals. Today, features like encryption, multi-factor authorization, and artificial intelligence are the norm when it comes to cybersecurity. 

It’s no coincidence that the technological advancement of computers and their related technologies is correlated with the number of cybercriminal attacks [5].

In 2002, cybercriminals mostly utilized phishing attacks to make their money. Cybercriminals used fake emails and pop-ups to trick users into divulging their names, addresses, credit card information, or even Social Security numbers. Thankfully, most of these phishing attacks were easy to identify [5]. However, cybercriminals quickly learned even more efficient methods of making money. Today, ransomware is the main tool that cybercriminal organizations use to wreak havoc around the world. Much more efficient than individual phishing emails, ransomware can shut down an entire business, forcing executives to pay millions in order to get their data back. Put simply, as technology has advanced, so too have cybercriminals. It’s an unfortunate fact, but all hope is not lost.

While cybercriminals are taking advantage of modern technology for a quick buck, more savory organizations are also working to prioritize security. Even AXEL is utilizing modern cybersecurity technology in innovative ways to protect users. One of AXEL’s patents, US11159306B2, describes a token identification system that allows users to perform transactions privately, while making the transaction verification public. This technology prioritizes the digital privacy of users, secures the specific aspects of the transaction, and offers public verification. Patents like this are being presented, approved, and utilized every day, creating a more private, secure Internet. So while cybercriminals may be quick to exploit technological flaws, an army of individuals and businesses are ready to fight for digital security.

About AXEL

Technology will continue to advance, and our lives will become more digitized than ever before. That’s why data security and user privacy remain as important as ever. At AXEL we believe that privacy is a human right, and that your information deserves the best protection. That’s why we created AXEL Go. AXEL Go uses military-grade encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. If you’re ready to try the best file sharing app for PC and mobile devices, try two free weeks of AXEL Go here.

[1] Dolgin, Elie. “The Tangled History of mRNA Vaccines.” Nature News. Nature Publishing Group, September 14, 2021. https://www.nature.com/articles/d41586-021-02483-w

[2] “19% Of Americans Use Wearable Fitness Trackers and MHealth Apps.” Mercom Capital Group, October 13, 2021. https://mercomcapital.com/90-americans-wearable-mhealth-apps/#:~:text=According%20to%20a%20new%20survey,or%20tablet%20app%20(32%25)

[3] Marks, Adam. “Do Exercise Trackers Make You Healthier?” Ace.edu, February 16, 2021. https://www.ace.edu/blog/post/2021/02/16/do-exercise-trackers-make-you-healthier

[4] “How Has Technology Changed Education?” Purdue University Online.. https://online.purdue.edu/blog/education/how-has-technology-changed-education

[5] Acharjee, Sauvik. “The Evolution of Cybercrime: An Easy Guide (2021).” Jigsaw Academy, February 13, 2021. https://www.jigsawacademy.com/blogs/cyber-security/evolution-of-cybercrime/

The World’s Top Hacking Groups – Part 2

In Part 1 of AXEL’s feature on the world’s top hacking groups, we featured some of the leading cultivators of chaos in the world. From state-sponsored groups like Bureau 121 to leaderless hacktivist organizations like Anonymous, no two hacking groups are the same. Each organization has different personnel, goals, and methods of achieving those goals, with some more successful than others. In a way, these criminal syndicates are extremely similar to traditional businesses: If you’re financially successful, your group will flourish. If you struggle to make steady income, you’ll lose employees and, eventually, your entire company.

However, just as it is in the business world, there are some hacking groups that are seemingly too big to fail. Typically, these groups are state-sponsored, and receive oodles of cash for security purposes. While these state-sponsored groups may rarely grab headlines, these are the syndicates that truly hold the most power. After all, an independent hacker group can be taken down with a thorough investigation. A hacker group supported by a powerful nation is extremely unlikely to ever face investigations or oversight from other nations.

These four groups represent some of the most powerful hacking organizations in the world:

Cozy Bear

Cozy Bear is yet another Russian state-sponsored hacking group that focuses on attacking Western governments and media [1]. This group, however, seemingly has an intense focus on the United States. In 2014, the group hacked the State Department and the White House’s email systems, and in 2020, breached the Commerce and Treasury departments [2]. As part of Russia’s foreign intelligence service, Cozy Bear, along with sibling hacking group Fancy Bear, hacked into the Democratic National Committee (DNC) in 2016. Oddly enough, Cozy Bear and Fancy Bear were unaware of each other’s activities, and both independently hacked the political committee [3].

Although Cozy Bear and Fancy Bear both breached the DNC’s servers in 2016, Cozy Bear’s latest actions show that these hacks aren’t done for partisan purposes. In July 2021, the group breached the servers of the Republican National Committee (RNC) [4]. Ultimately this highlights Russia’s main strategy regarding cyberwarfare. The goal isn’t to make sure a certain candidate wins; it’s to undermine faith in the electoral process, thus lowering confidence in the nation itself. While Russia may have a preferred candidate every four years, it’s cybersecurity actions show a clear, nonpartisan strategy to simply embarrass the United States and decrease faith in its political processes. And Cozy Bear is just one of many groups Russia uses to further this goal.

REvil

One of the newest hacking groups in the world is also one of the most notorious. REvil is a private Russian group that makes millions from its ransomware attacks on businesses. The group initially gained attention in May 2020, when it hacked an entertainment-focused law firm and stole a number of files from the firm. REvil threatened then-President Donald Trump to release compromising documents unless the group received a massive USD $42 million ransom [5]. However, cybersecurity researchers quickly believed that this was a bluff, and no compromising documents were ever released by REvil [6].

Unfortunately, REvil’s initial failure did not deter the group. In 2021, the group was responsible for two massive cyberattacks. First, in May 2021, REvil breached JBS Foods, the world’s largest beef producer. This attack forced the company to shut down some of its food processing plants, threatening a potential beef shortage. However, just one day after the initial attack, JBS paid a USD $11 million ransom to REvil to decrypt its servers [7]. While the quick payment ensured there would be no major shortages, it showed how desperate businesses can be if hit with a devastating ransomware attack. Just a month later, REvil attacked Kaseya, a networks, systems, and IT software company. This attack shut down Kaseya’s main software, ultimately affecting up to 1,500 businesses worldwide. The impacts of this attack were felt worldwide, with a Swedish grocery store chain closed because of inoperable cash registers, and New Zealand schools being taken offline [8].

Thankfully, in October 2021, REvil itself was forced offline by a multi-country operation led by the United States [9]. While this doesn’t mean REvil will never pop up again, the crackdown on ransomware shows that even the most notorious private hacking groups can be stopped.

Chinese Cyber Operations

While not much is known about China’s cyber operations, we do know that their attacks have been effective. In 2010, China was the culprit behind Operation Aurora, an advanced, highly-sophisticated attack on dozens of American companies, including Google and Adobe [10]. In the attack, China stole intellectual property, along with access to the Gmail accounts of two high-profile human rights activists.

Following this complex cyberattack, China was accused of executing one of the worst cyberattacks of all time: The Equifax data breach. In February 2020, the United States charged four members of China’s People’s Liberation Army with the 2017 hack that leaked personal information of over 150 million Americans [11]. While the United States has no way of extraditing the four soldiers for trial, this claim highlighted the sheer power of state cyber operations groups. The Equifax hack had a profound effect on everyday Americans, and caused concern that extremely effective and damaging cyberattacks could become commonplace in the future.

In the present, China’s cyber operations have expanded. This escalation is fueled by the desire for more intelligence, particularly from the United States amid rising tensions between the two global superpowers [12]. In fact, Western governments have accused China of hacking into Microsoft’s Exchange company server. This hack affected about 250,000 organizations worldwide, allowing Chinese hackers to pilfer through company emails for intelligence. While this hack was not nearly as impactful as the Equifax breach, it highlights China’s renewed focus on gathering massive amounts of intelligence on the United States and other Western nations.

NSA Tailored Access Operations

While many of the world’s top hacking groups operate far from North America, the world’s most powerful group is undoubtedly within American borders. The National Security Administration’s (NSA) Tailored Access Operations group gathers intelligence from foreign targets by hacking into devices, stealing data, and monitoring communications. Additionally, the group develops software that can destroy a foreign target’s computer and networks [13]. The group is responsible for developing malware that targeted Iran’s nuclear program, along with regularly breaching Chinese computer networks for gathering intelligence.

The United States’ targeted surveillance capabilities should come as no surprise. After all, the NSA is well-known for its mass surveillance techniques. Tailored Access Operations is relatively similar to other state cyber operations groups: It uses targeted surveillance to gather intelligence, and uses sophisticated malware to attack its targets. Of course, because it’s the NSA, there is the possibility that the group has even more publicly unknown high-tech resources for cyberattacks. While Tailored Access Operations works in the shadows, the strength of the NSA, and the United States in general, make this group the most powerful hackers in the world.

About AXEL

Some of these powerful hacking groups will, unfortunately, continue to wreak havoc in 2022. That’s why data security and user privacy remain as important as ever. At AXEL we believe that privacy is a human right, and that your information deserves the best protection. That’s why we created AXEL Go. AXEL Go uses 256-bit encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. If you’re ready to try the best file sharing app for PC and mobile devices, try two free weeks of AXEL Go here.

[1] Meyer, Josh. “Cozy Bear Explained: What You Need to Know about the Russian Hacks.” NBCNews.com. NBCUniversal News Group, September 15, 2016. https://www.nbcnews.com/storyline/hacking-in-america/cozy-bear-explained-what-you-need-know-about-russian-hacks-n648541

[2] Nakashima, Ellen, and Craig Timberg. “Russian Government Hackers Are behind a Broad Espionage Campaign That Has Compromised U.S. Agencies, Including Treasury and Commerce.” The Washington Post. WP Company, December 14, 2020. https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html 

[3] “Bear on Bear.” The Economist. The Economist Newspaper, September 22, 2016. https://www.economist.com/united-states/2016/09/22/bear-on-bear

[4] Turton, William, and Jennifer Jacobs. “Russia ‘Cozy Bear’ Breached GOP as Ransomware Attack Hit.” Bloomberg.com. Bloomberg, July 6, 2021. https://www.bloomberg.com/news/articles/2021-07-06/russian-state-hackers-breached-republican-national-committee

[5] Collier, Kevin, and Diana Dasrath. “Criminal Group That Hacked Law Firm Threatens to Release Trump Documents.” NBCNews.com. NBCUniversal News Group, May 16, 2020. https://www.nbcnews.com/tech/security/criminal-group-hacked-law-firm-threatens-release-trump-documents-n1208366

[6] Vanian, Jonathan. “Everything to Know about Revil, the Group behind Several Devastating Ransomware Attacks.” Fortune. Fortune, July 8, 2021. https://fortune.com/2021/07/07/what-is-revil-ransomware-attack-kaseya/

[7] Abrams, Lawrence. “JBS Paid $11 Million to REvil Ransomware, $22.5m First Demanded.” BleepingComputer. BleepingComputer, June 10, 2021. https://www.bleepingcomputer.com/news/security/jbs-paid-11-million-to-revil-ransomware-225m-first-demanded/

[8] Satter, Raphael. “Up to 1,500 Businesses Affected by Ransomware Attack, U.S. Firm’s CEO Says.” Reuters. Thomson Reuters, July 6, 2021. https://www.reuters.com/technology/hackers-demand-70-million-liberate-data-held-by-companies-hit-mass-cyberattack-2021-07-05/

[9] Bing, Christopher, and Joseph Menn. “Exclusive Governments Turn Tables on Ransomware Gang Revil by Pushing It Offline.” Reuters. Thomson Reuters, October 21, 2021. https://www.reuters.com/technology/exclusive-governments-turn-tables-ransomware-gang-revil-by-pushing-it-offline-2021-10-21/

[10] Zetter, Kim. “Google Hack Attack Was Ultra Sophisticated, New Details Show.” Wired. Conde Nast, January 15, 2010. https://www.wired.com/2010/01/operation-aurora/

[11] Perez, Evan, and Zachary Cohen. “US Charges 4 Members of Chinese Military with Equifax Hack.” CNN. Cable News Network, February 11, 2020. https://www.cnn.com/2020/02/10/politics/equifax-chinese-military-justice-department/index.html

[12] Sabbagh, Dan. “Experts Say China’s Low-Level Cyberwar Is Becoming Severe Threat.” The Guardian. Guardian News and Media, September 23, 2021. https://www.theguardian.com/world/2021/sep/23/experts-china-low-level-cyber-war-severe-threat

[13] Peterson, Andrea. “The NSA Has Its Own Team of Elite Hackers.” The Washington Post. WP Company, August 29, 2013. https://www.washingtonpost.com/news/the-switch/wp/2013/08/29/the-nsa-has-its-own-team-of-elite-hackers/

The World’s Top Hacking Groups – Part 1

Click here to read Part 2 of AXEL’s blog on the world’s top hacking groups

Ever since the invention of computers, there have been hackers. However, in the early history of computers, “hackers” weren’t seen as shadowy, havoc-wreaking figures, but simply as enthusiasts. These early hackers tinkered with computers, and ended up creating some of the earliest computer programs. But as computers rapidly gained popularity in the 1980s, cybersecurity cracks were starting to show, and skilled individuals took advantage. In 1989, Joseph Popp created the first ransomware device: A floppy disk sent to world health professionals disguised as medical research. When inserted, the disk locked the user’s computer, and demanded the victim mail $189 to a PO Box in Panama [1]

While this early example of hacking is easy-to-understand, modern hacking and ransomware is far more complicated, not just from a technological standpoint, but from an organizational standpoint as well. Gone are the days of individual, hoodie-clad loners furiously typing on their computers in the dark. Today, the people who carry out the world’s worst hacks are part of hacking groups. After all, hackers are smart, and realize that they can do more damage working together, rather than alone. Most of the world’s worst hacks have occurred at the hands of a few hacking organizations, committed to causing chaos around the globe.

These groups have the money and manpower to cause digital devastation on a global scale:

Bureau 121 & Lazarus

North Korea has long been a mysterious, yet aggressive nation, and its state-sponsored hacking group is no exception. Although not much is known about Bureau 121, cybersecurity experts have tied the group to the North Korean government. However, because of the country’s poor infrastructure, experts believe that Bureau 121 plans and executes its operations in Shenyang, China, a city just 100 miles from the North Korean border [2]. The organization mostly targets South Korean businesses, unsurprisingly. One of its biggest attacks was a ransomware attack on South Korea’s Hydro & Nuclear Power Company, resulting in a massive data breach.

While North Korean hackers mostly focus on their South Korean neighbors, it gained worldwide notoriety when Lazarus Group, an affiliate of Bureau 121, attacked Sony Pictures. First, the group leaked thousands of emails between Sony Pictures executives, and leaked unannounced, upcoming films from the studio. More concerningly, the group threatened to commit acts of terrorism at movie theaters unless Sony’s film “The Interview,” a comedy whose plot includes the assassination of Kim Jong-Un, North Korea’s leader, was pulled from theaters [3]. The United States quickly tied the hack to North Korea, but because of the countries’ icy relationship, no arrests have been made.

Syrian Electronic Army

The Syrian Electronic Army (SEA) was formed during the Arab Spring, a series of anti-government protests and uprisings in the Middle East in the early 2010s. It was created to protect controversial Syrian President Bashar al-Assad from Syrian dissidents during the widespread protests [4]. Interestingly, cybersecurity experts are unsure if the group is sponsored by the Syrian government, or is simply a group of pro-Assad hackers [5]. In either case, the SEA is a vehemently pro-Assad organization that has two goals: Punish media organizations that are critical of Assad, and spread Syria’s state-sponsored narrative [4].

One of the SEA’s most famous hacks occurred in 2013, when the group hacked into the Associated Press’ Twitter account and falsely reported that then-President Obama was injured in an explosion at the White House [6]. This single Tweet caused stocks to plummet, highlighting just how much damage can be caused from hackers thousands of miles away. In addition to this notable AP hack, the SEA has hacked Western media organizations, including Facebook, Microsoft, and The New York Times.

Fancy Bear

Although this group may have a cuddly name, its actions are anything but soft. Cybersecurity experts widely believe Fancy Bear to be a Russian-sponsored hacking group responsible for a variety of hacks to advance Russian interests [7]. The group has committed attacks on Germany’s Parliament, French President Emmanuel Macron, and a variety of other Western governments [8]. The group typically uses well-disguised phishing emails to gain access to restricted information.

Fancy Bear used this strategy to pull off its most daring, consequential hack: an attack that leaked thousands of Democratic National Committee (DNC) emails in 2016 [9]. The cyberattack resulted in the public reveal of thousands of DNC emails, many of which were seen as controversial or simply embarrassing. While many countries spy on others during elections, this was one of the first times a foreign country was able to successfully meddle in a United States election. Although it’s impossible to determine if the 2016 Presidential election would have been different if Fancy Bear didn’t commit the attack, this hack showed how valuable, and devastating, cyberattacks can be before elections.

Anonymous

Perhaps the most famous hacking organization in the world, Anonymous is unlike any other group. Anonymous is decentralized, with no leader or physical hub. While this may sound like a disadvantage, this organization ensures that the group can continue its activities even if members drop out or are apprehended. Anonymous is a “hacktivist” group, and does not have specific goals or enemies. However, Anonymous certainly has a broad aspiration to promote freedom of speech and diminish government control [10].

Anonymous gained notoriety during its 2008 cyberattacks on the Church of Scientology, when the group managed to shut down the Church’s website. Following this attack, the organization gained popularity around the world, expanding the group’s hacking capabilities (and potential targets). The group targeted Tunisia’s government during the Arab Spring protests, Visa and MasterCard for declining to do business with WikiLeaks, and Bank of America for its shady mortgage practices [11].

Since 2008, Anonymous has continued to attack governments and organizations that break the group’s core beliefs. However, the long-term impact of these attacks are often negligible. Anonymous’s main strategy is a distributed denial of service (DDoS) attack. While DDoS attacks are successful in shutting down websites and gaining notoriety, once the website is back up, there are few long-term effects of Anonymous’s involvement. So although Anonymous is one of the most notorious hacking collectives in the world, more organized groups are able to cause greater long-term effects with their cyberattacks.

About AXEL

Hacking groups aren’t going away any time soon. That’s why data security and user privacy remain as important as ever. At AXEL we believe that privacy is a human right, and that your information deserves the best protection. That’s why we created AXEL Go. AXEL Go uses 256-bit encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. If you’re ready to try the best file sharing app for PC and mobile devices, try two free weeks of AXEL Go here.

[1] Kelly, Samantha Murphy. “The Bizarre Story of the Inventor of Ransomware.” CNN. Cable News Network, May 16, 2021. https://www.cnn.com/2021/05/16/tech/ransomware-joseph-popp/index.html

[2] Lee, Dave. “Bureau 121: How Good Are Kim Jong-Un’s Elite Hackers?” BBC News. BBC, May 29, 2015. https://www.bbc.com/news/technology-32925503

[3] VanDerWerff, Emily, and Timothy Lee. “The 2014 Sony Hacks, Explained.” Vox. Vox, January 20, 2015. https://www.vox.com/2015/1/20/18089084/sony-hack-north-korea

[4] Harding, Luke, and Charles Arthur. “Syrian Electronic Army: Assad’s Cyber Warriors.” The Guardian. Guardian News and Media, April 30, 2013. https://www.theguardian.com/technology/2013/apr/29/hacking-guardian-syria-background

[5] Perlroth, Nicole. “Hunting for Syrian Hackers’ Chain of Command.” The New York Times. The New York Times, May 17, 2013. https://www.nytimes.com/2013/05/18/technology/financial-times-site-is-hacked.html?pagewanted=all&_r=0

[6] Moore, Heidi, and Dan Roberts. “AP Twitter Hack Causes Panic on Wall Street and Sends Dow Plunging.” The Guardian. Guardian News and Media, April 23, 2013. https://www.theguardian.com/business/2013/apr/23/ap-tweet-hack-wall-street-freefall

[7] O’Flaherty, Kate. “Midterm Election Hacking — Who Is Fancy Bear?” Forbes. Forbes Magazine, August 23, 2018. https://www.forbes.com/sites/kateoflahertyuk/2018/08/23/midterm-election-hacking-who-is-fancy-bear/?sh=5bccc7aa2325

[8] Hern, Alex. “Macron Hackers Linked to Russian-Affiliated Group behind US Attack.” The Guardian. Guardian News and Media, May 8, 2017. https://www.theguardian.com/world/2017/may/08/macron-hackers-linked-to-russian-affiliated-group-behind-us-attack

[9] Frenkel, Sheera. “Meet Fancy Bear, the Russian Group Hacking the US Election.” BuzzFeed News. BuzzFeed News, October 15, 2016. https://www.buzzfeednews.com/article/sheerafrenkel/meet-fancy-bear-the-russian-group-hacking-the-us-election

[10] Sands, Geneva. “What to Know About the Worldwide Hacker Group ‘Anonymous.’” ABC News. ABC News Network, March 19, 2016. https://abcnews.go.com/US/worldwide-hacker-group-anonymous/story?id=37761302

[11] “The 10 Craziest Hacks Done by Anonymous.” Complex. Complex, May 31, 2020. https://www.complex.com/pop-culture/2011/08/the-10-craziest-anonymous-hacks/

2021 Cybersecurity Year in Review

Throughout 2021, cybersecurity incidents have grabbed headlines across the world. Although the topic may not have been at the forefront of most people’s minds in 2021, cybersecurity has greatly affected everyone’s life in some way. From vicious cyberattacks to genuine progress on user privacy, cybersecurity has undoubtedly had a long, eventful year. And although exciting progress has been made in some areas of cybersecurity, cybercrime and other online attacks will, unfortunately, continue into 2022 and beyond.

2021 has been a long year for many, particularly for cybersecurity experts. Here are all the ways cybersecurity has changed for the better (and worse) throughout the past year.

COVID Phishing

Near the beginning of 2021, COVID-19 vaccinations became readily available to people in the United States. While this helped minimize the negative effects of the pandemic, it also offered a new opportunity for scammers. As businesses and governments began to mandate COVID vaccinations, cybercriminals responded by creating phishing emails that disguised themselves as genuine business emails [1]. From fake vaccine-record upload sites to emails from phony public health organizations, scammers used the uncertainty and anxiety of COVID to make a quick buck off of unsuspecting people.

Unfortunately, phishing emails aren’t the trick cybercriminals are using. COVID scams are coming from all angles, including texts, social media posts, and robocalls. In fact, the Federal Trade Commission (FTC) has logged over 600,000 complaints in 2021 regarding COVID-related scams. In all, these scams have cost consumers over USD $600 million [2]. And with COVID remaining in the public spotlight into 2022, these scams are likely to continue. With this in mind, it’s important to brush up on cybersecurity tips. Check out AXEL’s blog, The History of Internet Spam, to learn how to protect yourself from phishing emails, social media spam, and more.

Colonial Pipeline Attack

In May, the Colonial Pipeline, an oil pipeline that supplies much of the gasoline to the Southeastern United States, was struck by a ransomware attack. Interestingly, the cybercriminals attacked the pipeline’s billing system, rather than its operational systems [3]. Because of this, Colonial itself shut down its own pipeline, as the company would have been unable to bill customers with the ransomware. Soon after the sheer scale of the attack was realized, Colonial Pipeline paid the nearly USD $5 million ransom.

While Colonial Pipeline quickly paid the ransom, the negative consequences of the attack were felt by consumers for weeks. States from New Jersey to Texas faced severe gas shortages, causing price jumps and panic buying [4]. In all, the Colonial Pipeline attack affected millions of consumers, and caused a severe breach of trust in Colonial Pipeline. Undoubtedly, 2021’s most memorable cyberattack was a doozy.

Ransomware is Evolving

When thinking of ransomware, many people picture a single offender, causing digital chaos while hunkered in a dark basement. However, this stereotype of modern cybercriminals is far from the truth. In 2021, ransomware groups are practically businesses, regularly recruiting new hackers to join criminal enterprises. Nowadays, just a handful of organizations are the perpetrators of most ransomware attacks [5]. And these shady organizations have ransomware down to a science.

Some ransomware organizations even offer customer service help desks to help victims pay the ransom and receive the decryption key. This is possible because of skyrocketing ransom demands. In fact, the average ransom payment was over USD $310,000 last year [5]. But because there’s little action that can be taken after being struck with ransomware, businesses and firms are usually forced to pay the extraordinary cost. In 2021, cyberattacks aren’t just individuals wreaking havoc; they’re carried out by well-funded, well-organized criminal syndicates. That’s why it’s vital to stay up to date on the latest strategies to protect yourself, your business, or your firm.

Crackdowns on Russian Cybercrime

One of the most notorious ransomware organizations is REvil, a Russian-based cybercrime syndicate responsible for many of the most expensive ransomware attacks. REvil had a successful first half of 2021, attacking JBS Foods and extracting USD $11 million from the meat-processing giant [6]. However, following this attack, REvil finally began to face crackdowns from law enforcement.

In September, the FBI hacked into REvil’s servers, obtaining a universal decryption key. Even worse for the group, the FBI remained hidden even after gaining access to REvil’s information, giving law enforcement more time to prowl around the servers of the shadowy criminal enterprise [7]. With this information, the United States Department of Justice coordinated arrests against two alleged REvil members, along with retrieving USD $6 million in cryptocurrency from the group [8]. This action greatly impaired REvil’s work, highlighting the strategies law enforcement can take in the future to shut down similar criminal organizations.

The Rise of Multi-Factor Authentication

Whenever you log in to Google, Facebook, or nearly any other secure website, a password simply isn’t enough anymore. Multi-Factor Authentication (MFA) has become the norm among most sites, requiring anything from text authentication to security questions to successfully log in. While this can be a headache for some users, it undoubtedly prevents countless cyberattacks each year. After all, passwords just aren’t the same as they used to be.

In fact, Microsoft is even allowing users to simply not have passwords. Instead, the company offers a mixture of authenticators including security keys, SMS verification, and email verification [9]. While the traditional password is unlikely to go away soon, the pivot to MFA highlights the extra security measures that companies are taking to protect users (and themselves). MFA is one of the cheapest, easiest, and quickest ways to protect user privacy, and its widespread adoption is a positive step toward a more secure digital future.

What to Expect in 2022

While there have been both positive and negative developments for cybersecurity in 2021, the problems that have plagued individuals and businesses are likely to continue into 2022. Ransomware isn’t going away any time soon, even with the crackdown on REvil. Phishing emails will remain, and will simply take advantage of other current events to harm individuals. Finally, MFA will remain widespread, and will hopefully lead businesses to take even more precautions against cybercrime. In 2022, cybersecurity will remain a vital issue for businesses and individuals alike. However, if appropriate precautions are taken by all, we can make 2022 a disastrous year for cybercriminals.

About AXEL

In today’s chaotic Digital Age, hacks, data breaches and ransomware attacks are an everyday occurrence. That’s why data security and user privacy remain as important as ever. At AXEL we believe that privacy is a human right, and that your information deserves the best protection. That’s why we created AXEL Go. AXEL Go uses 256-bit encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. If you’re ready to try the best file sharing app for PC and mobile devices, try two free weeks of AXEL Go here.

[1] Hunter, Tatum. “That Email Asking for Proof of Vaccination Might Be a Phishing Scam.” The Washington Post. WP Company, September 24, 2021. https://www.washingtonpost.com/technology/2021/08/24/covid-vaccine-proof-scam-email/

[2] Waggoner, John, and Andy Markowitz. “Coronavirus Scams – Beware Fake Claims, Phony Websites.” AARP, December 6, 2021. https://www.aarp.org/money/scams-fraud/info-2020/coronavirus.html

[3] Bertrand, Natasha, Evan Perez, Zachary Cohen, Geneva Sands, and Josh Campbell. “Colonial Pipeline Did Pay Ransom to Hackers, Sources Now Say.” CNN. Cable News Network, May 13, 2021. https://edition.cnn.com/2021/05/12/politics/colonial-pipeline-ransomware-payment/index.html

[4] Bair, Jeffrey, and Javier Blas. “Petrol Shortages Sweep Us as Colonial Pipeline Remains Down.” Oil and Gas News | Al Jazeera. Al Jazeera, May 11, 2021. https://www.aljazeera.com/economy/2021/5/11/petrol-shortages-sweep-us-as-colonial-pipeline-remains-down

[5] Bajak, Frank. “Ransomware, Explained: How the Gangs That Shut down Colonial Pipeline, JBS USA Operate.” USA Today. Gannett Satellite Information Network, June 3, 2021. https://www.usatoday.com/story/tech/2021/06/03/how-does-ransomware-work-colonial-pipeline-jbs-usa-attacks-explainer/7520704002/

[6] Montalbano, Elizabeth. “JBS Paid $11m to Revil Gang Even after Restoring Operations.” Threatpost English, June 10, 2021. https://threatpost.com/jbs-paid-11m/166767/

[7] De Chant, Tim. “FBI, Others Crush Revil Using Ransomware Gang’s Favorite Tactic against It.” Ars Technica, October 22, 2021. https://arstechnica.com/tech-policy/2021/10/fbi-others-crush-revil-using-ransomware-gangs-favorite-tactic-against-it/

[8] “Revil: Day of Reckoning for Notorious Cyber Gang.” BBC News. BBC, November 8, 2021. https://www.bbc.com/news/technology-59215167

[9] Warren, Tom. “Microsoft Accounts Can Now Go Fully Passwordless.” The Verge. The Verge, September 15, 2021. https://www.theverge.com/2021/9/15/22675175/microsoft-account-passwordless-no-password-security-feature

Enron, Ethics, and the Fight for Privacy

In the modern history of business, few names are as synonymous with corruption, deceit and greed as Enron. For years, the Texas-based energy giant engaged in rampant, systematic accounting fraud, covering up massive losses through shady, illegal business practices. After years of abnormally high stock prices, the massive fraud of Enron was uncovered in 2001. Following these revelations, on December 2, 2001, Enron filed for bankruptcy. It was a swift downfall for a formerly massive energy corporation. However, many executives and insiders were aware of Enron’s deceptive accounting practices before the public knew, and took decisive (and illegal) action[1].

In mid-2001, Enron announced a massive USD $638 million loss in its third quarter, shocking investors. Following this report, accountants at Arthur Andersen, Enron’s auditor, began shredding documents related to the fraud[2]. Andersen did this to hide Enron’s documents from the Securities and Exchange Commission (SEC). However, revelations of this illegal shredding came out quickly, and Arthur Andersen, the company itself, was convicted of obstruction of justice. And because the SEC did not allow felons to hold Certified Public Accountant (CPA) licenses, this ruling effectively put Arthur Andersen out of business, costing 85,000 innocent employees their jobs[2].

Arthur Andersen’s illegal paper shredding was one of the most infamous aspects of the Enron scandal, highlighting how far the auditing agency went to protect its client. Unfortunately, this illegal act caused tens of thousands of innocent employees who knew nothing about Enron’s blatant fraud to lose their jobs. However, there’s more to the story than just deception and fraud. Enron and Arthur Andersen’s actions highlight just how important ethics are when handling clients’ documents.

AXEL’s Layers of Protection

Here’s the thing: Protecting your clients and their privacy isn’t an inherently bad thing. After all, that’s exactly what a business should do for its customers. Arthur Andersen, unfortunately, just went way too far, breaking laws and ethics to protect its client. A business ought to do everything in its power to protect its client, while also upholding the law and ethics. And that’s exactly what AXEL does. In fact, AXEL even “shreds” documents too, but we do it to protect you from cybercriminals, not the feds.

Whenever you use AXEL’s network, your documents are split up into digital shards and sent to dozens of different servers across the world. This shredding technique keeps your files safe because even if a hacker compromises a single server, they don’t have access to the full file. This means your file remains whole for you, but separate and illegible for any potential cybercriminals. It’s a vital part of AXEL’s decentralized technology, giving users another layer of protection against cybercrime.

Privacy isn’t the Problem

When Arthur Andersen shredded Enron’s documents, that was an explicitly illegal and unethical act. The accounting firm knew that Enron’s numbers were fudged, and were trying to cover their tracks, as well as Enron’s. However, the problem with Arthur Andersen isn’t what they did. It’s why they did it. Doing everything to keep your client’s files private is perfectly ethical. Doing everything to keep your client’s files private because you know they committed illegal acts is absolutely unethical. So what can we learn from Enron and Arthur Andersen’s actions? Well, if you commit illegal acts, you’re probably going to get caught. But more importantly, there’s nothing wrong with desiring privacy.

For years, anti-privacy activists and lawmakers have repeated a slogan: “If you have nothing to hide, you have nothing to fear.” This Orwellian saying has especially gained popularity in today’s era of mass surveillance, where nearly everything we do is being recorded in some form. Taking a walk outside? There will be cameras to keep an eye on you on street corners. Staying in to go online shopping? Your computer will remember every single search and click. With surveillance taking place inside and outside our homes, it’s easy to forget how much we’re being tracked by governments, businesses and advertisers. With the sheer amount of surveillance occurring in our everyday lives, who can blame anyone who is searching for more privacy?

However, just because this surveillance is happening doesn’t mean it has to stay this way. At AXEL, we believe privacy is a human right. That’s why all of our products and technologies are made with one focus in mind: Privacy. Nearly every popular online space is controlled by a few megacorporations that have shown time and again that they don’t care about privacy. They collect data about you, track you, and know every detail about your life. However, this bleak reality doesn’t have to be our future as well. A better, more private digital future is possible. And AXEL is leading that charge.

Keep Your Clients Safe (Legally)

Whether it’s a small business, massive corporation or mid-sized law firm, it’s their responsibility to protect their clients. Of course, that responsibility ends once a client asks you to break the law like Enron, but a business or firm ought to do everything to protect its customers. And in today’s digital age, protecting customers means protecting them online as well. From ransomware to data leaks, there are a variety of digital threats that are ever-present. Clients and customers don’t only give money to a business; they give them their trust as well. It’s up to businesses and firms to uphold that trust by recognizing digital threats and taking appropriate precautions.

One way to take action is to use AXEL Go, the innovative, secure file-sharing software. AXEL Go uses 256-bit encryption, blockchain technology and decentralized servers to ensure it’s the best file sharing storage software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. There are a variety of cloud storage options available to businesses and individuals, but none can match the security and simplicity of AXEL Go. If you’re ready to take back your data security, get two free weeks of AXEL Go here.

[1] Bondarenko, Peter. “Enron Scandal: Downfall and Bankruptcy.” Encyclopædia Britannica. Encyclopædia Britannica, Inc., November 30, 2021. https://www.britannica.com/event/Enron-scandal/Downfall-and-bankruptcy

[2] Dowell, Steve. “The Decline and Fall of Arthur Andersen.” ToughNickel. ToughNickel, February 24, 2015. https://toughnickel.com/industries/The-Decline-and-Fall-of-Arthur-Andersen