Hackers launched over 133,000 cyber-attacks against the G20 network at a recent meeting of world leaders in China, according to security vendor NSFOCUS.
The firm was hired by China’s Ministry of Public Security to provide round-the-clock protection for the event, which is always a honeypot for nefarious online activity.
In total, it defended 133,254 attacks on the G20 network, and a further 1.9 million attacks against organizations which provide services to the summit.
Stepping stone attacks targeting third parties as an easier route into an organization are a commonly used tactic. Contractors were compromised to infiltrate the Office of Personnel Management (OPM) and retailer Target, leading to the breach of tens of millions of records.
There were 169,919 web attacks on G20 and G20-affiliated networks and 1,984 DDoS attacks, according to NSFOCUS.
What’s more, the vendor found 611,356 vulnerabilities, of which 190 were high-risk, prior to the summit, highlighting the importance of web scanning and effective patch management policies.
“Securing an event of the size and prominence of G20 is an enormous undertaking. Cybercrime is evolving with hackers moving beyond traditional attacks to more advanced threats, and geopolitical conferences are always an ideal target for malicious activity,” explained the firm’s SVP of global threat research, Richard Zhao.
“In order to combat these threats and ensure the security of the summit, NSFOCUS took a holistic approach and implemented an integrated and layered security solution to protect the G20. As a result, the event carried on as planned, and the striking number of incoming attacks did not disrupt activities.”
The G20 is always a big target for hackers, attracting hacktivists out to make a point and state-sponsored operatives looking for geo-politically important information which could give their employers an advantage at the negotiating table.
But sometimes employees at the event are their own worst enemy.
At the Brisbane summit last year a hapless member of staff accidentally exposed the personal information of several world leaders including Barack Obama, Angela Merkel, Xi Jinping, David Cameron and Vladimir Putin, by emailing them to an unintended recipient.