It would appear SC Media’s readers are a rather eclectic bunch. Not in their personal habits, of which I have no knowledge, but in what everyone in webland found interesting on the site during 2016.
The most read stories ran the gamut from a Facebook scam that used a Brad Pitt suicide scar to entice people to click on fake Fox and NBC news articles where they would be asked for their login credentials, to the top story of the year that covered the zero-day Cerber ransomware attack on Microsoft Office 365 users that broke back in June.
But don’t feel bad for the developers of Locky, Cerber and all the other varieties of ransomware, each was well represented.
Data breaches garnered almost as much interest as ransomware with the breach at DōTERRA International in April taking top honors in that category. That breach exposed the names, Social Security numbers, dates of birth, addresses, telephone numbers, email addresses, usernames, passwords, and credit or debit card information of one million customers. While the number of people who read the story was quite high, what was more interesting was how long it remained of interest. For months after the story broke several hundred people per day were still interested in the topic.
Getting away from the nuts and bolts part of the industry, SC also saw a great deal of interest by our readers on the repercussions faced by those who were in charge when breaches or other security issues took place at their firm.
One story that played well in 2016 and may prove to be a harbinger of things to come was the sacking of Walter Stephan, CEO of the Austrian aircraft parts maker FACC which lost about €40 million pounds when it was victimized by a whaling BEC attack. So far it has been rare for a major firm to depose a CEO due to a cybersecurity breach, but with corporate attacks increasing in number and sophistication it could be one way boards show their shareholders that they take cybersecurity seriously. One positive result has been the growing inclusion of CISOs on boards as SC Executive Editor Teri Robinson wrote about earlier this week.
The Wells Fargo Bank situation was a bit different as its employees used customer information to create false online accounts in order to meet corporate sales goals, thus exposing that information to unauthorized individuals. In the end, the results were the same. Not only were 5,300 bank employees fired over the situation, but CEO John Stumpf quickly announced his retirement after the breach became public. Unlike the regular staffers let go, Stumpf did not have to worry about paying his bills ad he owned $41 million in stock and took home a salary of $19 million in 2015.
Scams similar to the one that took down Stephan were also popular over the last 12 months with many readers drawn to a phishing campaign centered on fake Paypal consumer emails and another that targeted USAA members.
Mirai and Yahoo will also help keep everyone interested right up until the ball drops, with the former exposing the danger that Internet of Things devices will pose going forward and the latter showing that even huge, supposedly tech-savvy firms can be cleaned out by cyber criminals.
And SC’s Honorable Mention list for the year certainly includes SWIFT, Hillary Clinton, Donald Trump, the DNC and the Pentagon.