2019: trends and breaches
27.12.2019
Back to blog listThere haven’t been fundamentally new technologies this year, the market hasn’t moved off the beaten path: data transfer speeds increased (5G and WiFi 6th generation/802.11ax), the promptness and volume of processing (Big Data and deep analytics) were augmented.
For example, unmanned vehicles. Although they hold the attention of investors, manufacturers are bogged down with development process. Unmanned vehicles, air taxi, and drones for agricultural purposes were tested, but these are mainly prototypes. It’s not enough for mass deployment.
Self-driving cars implementation is based on deep learning for computer vision. Gartner predicts that by 2022, 30% of all cyberattacks will be aimed at spoiling data for neural networks and stealing ready-made machine learning models. Such vehicles can suddenly begin to take pedestrians for other objects. And it’s not about financial or reputational risk for manufacturers, but about people's life and health.
Customers can’t even imagine possible attack scenarios but feel there’s a risk there: they don’t trust unmanned vehicles. And the question is still not resolved in the legal field: whose fault is it if people suffer from a smart car?
The same goes for blockchain technology. Although blockchain was considered the safest method for securing online transaction, investment in such projects has dropped. Resource cost is among the reasons. The technology needs to be tailored for the infrastructure, and besides, it consumes a lot of electricity. But the main problem is the lack of regulation: there are no technical standards and legislative framework for the implementation of the blockchain anywhere in the world yet.
This autumn, experts have counted 5183 data breaches around the world compromising 7.9 billion records, and 2019 was claimed to be the worst in the history of data leakage.
The focus has been shifted onto human factor and compliance making businesses and organisations think about a concept which would reduce risk brought by human error, insider malicious behavior and third-party risk.
How was the data breached?
Yahoo
About 6000 accounts were breached by a former Yahoo employee searching for the sexual content of users among who there were his friends and colleagues. He accessed internal Yahoo structures and managed to intrude into Facebook, Gmail, iCloud and DropBox accounts and access user private data.
DoorDash
4.9 million DoorDash customers were exposed by a third party service provider and about 100,000 delivery drivers had their license numbers leaked.
Google and Apple
Google and Apple suspended reviewing of audio recorded by voice assistants for recognition enhancement. The reason for such news – the increased number of incidents occurring due to employees who misuse the procured personal information listening to private conversations.
Deutsche Bank
About 50 former employees could still access their email after being dismissed several weeks ago. According to the Financial Times one Deutsche Bank trader has already sent almost half a thousand emails although he quit the company some time ago.
Magnasoft Consulting
3 employees of Magnasoft Consulting India took confidential data and quit the job.
Zhaoping
About 160,000 CVs were copied from Zhaoping – China’s most popular recruitment platform – for further selling on the e-commerce platform Taobao by ex-employees.
Equifax
The violator of trading policies took advantage of the massive Equifax data breach and sold Equifax shares infringing trading procedures and regulations.
McAfee
Three former employees are accused of the theft of trade secrets which were taken to Tanium, their next place of employment.
Desjardins
The data of 2.7 million individuals and 173,000 businesses has been leaked by an insider – a Desjardins employee who has been fired since.
KPMG
The offenders were taking part in a fraudulent scheme which was plotted to assist KPMG, one of the Big Four audit firms, with passing the upcoming inspections. The results of these inspections go to the U.S. Securities and Exchange Commission.
The incidents have been shortlisted as the year was strikingly generous generating data leaks.