Since 2018, along with colleagues first at VICE Motherboard, and now at TechCrunch, I've published a year-end list highlighting the best cybersecurity stories reported by other media outlets. Cybersecurity, surveillance, and privacy are huge topics that no single publication can effectively cover on its own. Journalism by definition is a competitive field, but also a very collaborative one. This is why it sometimes makes sense to refer our readers to other publications and their work to learn more about these complex and widespread beats.
Without further ado, here are our favorite cybersecurity stories of the year, written by our friends at rival outlets. – Lorenzo Franceschi-Bicchierai.
In one of the largest and most brazen mass hacks in recent history, hackers this year attacked hundreds of unsecured cloud storage accounts hosted by cloud computing company Snowflake, which is backed by some of the world's biggest technology and telecom companies. The hackers then held a large amount of stolen data for ransom. One victim of the hacks, AT&T, confirmed it lost the call and text records of “almost all” of AT&T's 110 million customers in the breach, accounting for more than 50 billion call and text records.
Days after AT&T went public with news of its breach, freelance security reporter Kim Zetter broke the news that AT&T had weeks earlier paid a hacker $370,000 to wipe the vast cache of stolen phone data and not publicly publish the data. Zetter's reporting revealed a major piece in the puzzle of who was behind the hacks — at the time known only as UNC5537 by Mandiant — and who were later identified as Connor Moucka and John Binns and indicted for their roles in the massive thefts from Snowflake client accounts. – Zack Whittaker.
Kashmir Hill's recent investigative report in The New York Times found that automakers are sharing consumer behavior and driving habits with data brokers and insurance companies, which use the data to raise customer rates and premiums, a dystopian use of the driver's own information against them. For GM vehicle owners, drivers are often unaware that enrolling in its Smart Driver feature will automatically result in the vehicles sharing their driving habits with third parties. The story prompted a congressional investigation that found carmakers were selling consumer data in some cases for pennies. – Zack Whittaker.
This is just a wild story. If this story were a movie—hell, it should be—it would still be shocking. But the fact that this actually happened is simply unbelievable. Zach Dorfman did a tremendous job of reporting here. Writing about intelligence operations is not easy; by definition, these are supposed to remain secret forever. And this is not one of those stories that the intelligence community would secretly be happy to see out there. There is nothing to be proud or happy about here. I don't want to spoil this story in any way, you just have to read it. It's so good. – Lorenzo Franceschi-Bicchierai.
This isn't just a cybersecurity story, but in some ways crypto has always been a part of hacker culture. Born as a libertarian dream, it has been clear for several years that Bitcoin and all its crypto offshoots have nothing to do with what Satoshi Nakamoto, the mysterious inventor of cryptocurrency and blockchain technology, envisioned in 2008 in his founding document on Bitcoin. Now, crypto has become a tool for the far right to use their power, as Charlie Warzel explains so well in this piece. – Lorenzo Franceschi-Bicchierai.
Bloomberg's Katrina Manson got what no one else could: Drug distributor Cencora paid a $75 million ransom to an extortionist to not release sensitive personal and medical data on more than 18 million people after a previous cyber attack. Cencora was hacked in February, but has steadfastly and repeatedly refused to say how many individuals had their information stolen — even though public filings showed over 1.4 million individuals affected and counting. TechCrunch had been following this story about the alleged ransom payment for some time (and we weren't the only ones!) after hearing rumors that Cencora had paid what is believed to be the largest ransomware payment to date. Bloomberg's Manson obtained the details of the bitcoin transactions and confirmed the ransom payments. – Zack Whittaker.
I've covered ransomware for years, and while the hackers behind these data-stealing attacks are often willing to talk, the victims of these attacks usually aren't as willing to open up. Bloomberg's Ryan Gallagher accomplished the nearly impossible by forcing UK-based delivery company Knights of Old to reveal all about a ransomware attack that resulted in the company shutting down after 158 years in business. Paul Abbott, co-owner of Knights, spoke candidly about the attack, giving readers a glimpse of the devastation wrought by the Russian-linked hacker gang. Abbott revealed how — and why — the company decided not to negotiate, resulting in the release of more than 10,000 internal documents. That leak, Abbott found, meant the company could not secure a loan or sell the company, forcing it to close its doors for good. – Carly Page.
404 Media has absolutely killed it in the year or so since it launched. There have been many great stories, but this one stood out for me. Here, Joseph Cox and other journalists took the same data set, and he smartly decided to focus on a key issue in his story: How cell phone location could help identify people visiting abortion clinics. With Donald Trump back in the White House and the Republican Party controlling all branches of government, it's likely we'll see further challenges to abortion rights and access, making this type of oversight especially dangerous. – Lorenzo Franceschi-Bicchierai.
I've been covering crypto hacks and heists consistently for several years now. It's a fascinating world full of robbers, crooks, hackers – and dense investigators. One of the most intriguing characters is a man who goes by ZachXBT. For years, he has uncovered some of the most complex crypto mysteries, hacks, thefts, scams and money laundering operations. This year, Andy Greenberg at Wired did a great job profiling ZachXBT. And even if Greenberg couldn't reveal the detective's real-world identity and withheld too much identifying information, the story painted a vivid picture of the investigator and his motivations. – Lorenzo Franceschi-Bicchierai.
Wired's Andy Greenberg got the scoop on another major Chinese-backed hacking campaign. The eye-opening report, published in October, reveals how researchers working for Chengdu-based cybersecurity firm Sichuan Silence and the University of Electronic Science and Technology of China spent years researching vulnerabilities in Sophos' firewalls. The vulnerabilities were then used by Chinese government-backed hacking groups such as APT41 and Volt Typhoon to plant backdoors in Sophos firewalls used by organizations around the world and steal their sensitive data. The five-year campaign, also detailed by Sophos itself, resulted in the compromise of more than 80,000 firewall devices worldwide – including some used by the US government. Following Greenberg's reporting, the US government sanctioned the Chinese cybersecurity company and one of its employees for their role in the widespread hacking campaign. – Carly Page.
The Salt Typhoon hack of US phone and internet giants will not only go down as one of the biggest cyber security stories of 2024, but also one of the biggest attacks in history. The Wall Street Journal took the story seriously, reporting in October that Salt Typhoon, a hacker group backed by the Chinese government, had penetrated the networks of a number of US telecommunications providers to access information from systems the federal government uses for court-authorized network interception requests. The WSJ's blistering reporting launched months of follow-up and prompted action by the US government, which has since urged Americans to switch to encrypted messaging apps, such as Signal, to minimize the risk of their communications being intercepted. – Carly Page.
KYC, or know-your-customer checks, are some of the techniques banks and tech companies rely on to prove that it's really you. KYC involves looking at your driver's license, passport or other form of identification and verifying – to the greatest extent possible – the authenticity of the document. But while fakes and forgeries are inevitable, generative AI models are rendering these KYC checks completely useless. 404 Media explored the underground site where “neural networks” rapidly generate fake IDs, which was a great way to expose how easy it is to generate fake IDs on the fly that are capable of enabling bank fraud and criminal money laundering. The site went offline after 404 Media reported. – Zack Whittaker.