With each year come extraordinary new technological innovations. Some of the most creative ones, unfortunately, come from the minds of online attackers. Others help IT teams solve some old problems, but create new ones. But year after year, good basics never go out of style.
2021 was no different. Here’s a look at some of the most devastating attacks, outages, and cyber resiliency failures of the year, and the lessons we should (but probably won’t) learn from them.
Beware of misconfiguration. (And segment your networks, please.)
For six hours on October 4, Facebook, Instagram and WhatsApp went dark. Was it a sophisticated cyber attacker orchestrating a complex denial of service? No, it was a simple routing protocol misconfiguration issue, exacerbated by the sudden lack of network segmentation.
Beware of “valid configuration changes” sometimes too.
On June 8, Reddit, The New York Times, Amazon and other major websites went down due to an outage at edge cloud platform Fastly. The cause was an “Undetected Software Error” triggered by a valid customer configuration change. According to Fastly, a software deployment in May introduced a bug that could be, and was, triggered by a normal, valid configuration change made by a single customer.
AWS is “too big to fail” and that’s too bad.
Speaking of cloud outages, Amazon Web Services experienced three outages in December alone. On December 7, a particularly bad power outage disrupted large swaths of the internet for more than seven hours. It affected EC2 and other AWS services, causing disruptions and downtime for major AWS customers, such as Netflix and Disney Plus, as well as for Amazon’s own services, such as Alexa and Ring, and its package delivery operations. Sid Nag, vice president of cloud services and technology research at Gartner, told InformationWeek’s JP Ruth: “This was one of the largest operations since AWS began running the business.”
The incidents raise questions about the reliability and resilience of the cloud and how AWS and other major technology companies are held accountable for maintaining their infrastructure.
Patching is tricky. Make it easier.
Complexities in the IT supply chain continue to make software debugging more difficult. The 2020 holiday season, and much of 2021, was devastated for security professionals by the malicious security updates that SolarWinds inadvertently distributed. A year later, another holiday season was ruined, this time by a vulnerability in widely used third-party code.
Security cannot protect you from ransomware attacks.
The ransomware attack on Colonial Pipeline in May showed that companies’ risk assessments could lead them to decide to swallow their pride and pay a ransom. It also showed that, when pressed, people would pour gasoline into plastic shopping bags, and that cyber insurance companies were tired of being left holding the bag for multimillion-dollar ransoms. As Richard Ballardi wrote for InformationWeek in October, “cybercriminals have noticed that electronic insurance itself is a potential source of income, sometimes hacking insurance companies looking for their client lists – a rich source of targets. This responsibility, of course, passes on to the client.”