A lot of stuff has happened in the past year, especially in the tech world. It seemed like every time you turned your head in 2021 there was a new digital disaster unfolding: Sensitive data leaks, ransomware that took networks offline and plain old-fashioned gender discrimination cases have all rocked the tech world in the past 12 months.
Sure, there’s been good stuff, but this list was far easier to come up with than a list of the good. Basically, it’s been a rough year.
You may have missed some of these items, but it’s more likely you’ve heard about each one. They were hard to miss, even among the other stories that kept us on edge this past year.
The Colonial Pipeline attack
When the Colonial Pipeline Company was forced to shut down its operations due to a ransomware attack in May, a good portion of the east coast of the U.S. was left worrying about running out of fuel, giving us one of our first real pictures of what it looked like when the threat of cybercrime spilled over into the physical world.
The attack was an eye opener that not only highlighted how dangerous ransomware could be, but also how vulnerable essential infrastructure was to attack.
To make matters worse, think about how secure infrastructure should be, and then think about yours: Are you ready for an attack like that?
In other ransomware news, it’s everywhere
As the Colonial Pipeline attack showed us, ransomware is a serious threat to everyone everywhere, even those who don’t make much use of technology: If it can affect infrastructure, it can affect everything.
To make matters worse, ransomware accounted for 69% of all attacks involving malware in Q2 2021, a 30% leap from the same period in 2020. We’ve entered the ransomware age.
Governments, medical and industrial companies, scientific institutions and educational facilities are at the highest risk of being attacked by ransomware, but they’re not the only ones who need to worry.
On a positive note, ransomware actors seem to like leveraging known security vulnerabilities, so keeping your systems updated should go a long way toward reducing your attack footprint.
Bitcoin sets the world on fire
Yeah, Bitcoin is hot this year, but that’s not what I mean: I’m talking about the massive energy and carbon footprint that has ballooned as the Bitcoin network continues to grow. We’ve finally started to pay attention to it in 2021, with Elon Musk calling its energy consumption “insane” and calling into question its usefulness (neither Tesla nor Musk has divested Bitcoin holdings).
It’s true that Bitcoin uses an absurd amount of energy, and 2021 was the year that it truly skyrocketed, rising from somewhere around a 77 TWh/year forecast in the beginning of the year to more than 200 TWh/year by December 25. At this point, the Bitcoin network is burning through the same amount of power and fuel as some medium-sized countries, and an individual transaction eats up more power than an average U.S. household uses in 70 days.
Bitcoin, and other cryptocurrencies, need something big, like a transition to proof-of-stake, if they’re going to survive a larger global transition to greener energy.
SolarWinds attackers keep hacking
In late 2020, a group of what is now believed to be Russian state-sponsored hackers broke into government systems by exploiting flaws in SolarWinds’ Orion network management software. It was a sophisticated attack that leveraged deep-level vulnerabilities and it left the cybersecurity world scrambling.
The team behind it didn’t let up, and is believed to be responsible for a series of phishing attacks against government agencies and NGOs in May, and for attempts in October to impersonate cloud service resellers in a bid to gain access to customer IT systems.
The group behind the attacks is known as Nobelium, and it’s just the latest in a string of government-sponsored attacks against IT infrastructure and companies in foreign countries. It’s unlikely to be the last group either, so continue to be on guard, especially if you do work in an affected industry. You may not think it, but your organization could serve as an unnoticed way in for dangerous attackers.
The chips are very, very down
It’s been a rough couple of years for anyone who manufactures products that make use of semiconductors. Unfortunately, that means mostly everyone in the modern world.
The chip shortage that started as a result of COVID-19 supply chain interruptions continues on unabated, leaving countless products deprived of essential components.
The big problem with the semiconductor industry is how rigid it is, and needs to be: Material costs are high, products are made-to-order and sudden interruptions in the supply chain can lead to years of delays, as we’re experiencing now.
Predictions as to an ending vary, but expect us to operate in some sort of shortage until at least mid-2023 or early 2024.
Exchange gets pwned
If there are a few stories duking it out for the title of worst of the year, the four zero-day Microsoft Exchange server vulnerabilities discovered in March are definitely a contender.
The quartet of exploits came to light when attacks by a Chinese state-sponsored actor known as Hafnium were detected targeting on-premises Exchange servers with the primary objective of exfiltrating sensitive or otherwise valuable data.
Patches for these vulnerabilities have been released, so anyone responsible for a machine running Exchange Server 2013, 2016 or 2019 should be sure those patches are applied. If you don’t install them and get hit you’ll only have yourself to blame.
NFTs: You’re buying nothing, but someone’s gaining
If you read my previous article on the best tech of 2021, you might be confused to see NFTs here, because they’re in there, too.
The concept of the NFT is great: They’re unique tokens that live on a blockchain and can be tied to anything, which gives them plenty of potential applications. So far, the only application to gain steam has been yet another speculative market akin to the one surrounding Bitcoin.
NFTs have largely been used to sell digital artwork and other collectible items by ostensibly naming the NFT the “original” digital item. In most cases, buyers don’t get any form of copyright control or reproduction rights—that usually stays with the creator or seller.
So, what are you buying when you buy an NFT? Nothing. How much are you spending? Potentially millions. An NFT could rise in value, or it could turn out we all decide they’re just as valuable as Beanie Babies, Troll dolls or Tamagotchi.
AWS crashes … and crashes … and crashes
We’ve come to rely on the cloud in a relatively short amount of time, and we became even more dependent on it thanks to the COVID-19 pandemic. It’s supposed to be stable, but Amazon’s AWS hosting service, which accounts for a significant portion of the sites on the internet, just kept going down in December. As of publication, AWS has had three outages in December, bringing business to a halt for its customers at an incredibly crucial time.
Digital transformation initiatives compressed from years to weeks due to the pandemic, and an ever-increasing number of companies going cloud native, mean we’re pushing our infrastructure harder than ever. AWS, arguably the leader in all things cloud, isn’t scoring any points with its customers with continued outages. If it doesn’t step up its game in 2022 others will surely try to take its place.
Facebook has had a YEAR
It’s been a rough year for Facebook, and that’s putting it lightly. 2020 was bad, too, and a lot of the public ire that Facebook incurred in 2021 was sown in a bed already fertilized with last year’s data privacy scandal.
Don’t get me wrong: Facebook’s rough year has been entirely of its own making. The biggest story, Facebook product manager Frances Haugen’s whistleblowing, opened up some deep closets full of dirty laundry that Mark Zuckerberg would likely rather have stayed closed.
Haugen came to the public armed with a trove of over 1,000 pages of internal documents that revealed Facebook’s awareness of the problems it stoked by allowing misinformation to spread and failing to police content.
Facebook, now rebranded as Meta, seems to have a new goal: creating a digital “metaverse” where it sees humans working and playing in a digital world of Facebook-based, er… “Meta”-based virtual reality.
It remains to be seen if Facebook/Meta has enough brand capital to succeed in the face of so much recent negative publicity.
We learned how far we still have to go on equality
It’s not exactly a secret that the tech industry has long had a problem with gender equality. Women in tech regularly say they’ve experienced sexism first hand, and studies have found for some time that women continue to make less than men doing the same work.
To make matters worse, the COVID-19 pandemic has hit women in the tech sector particularly hard, with many saying it has caused a regression of gender roles that has set women’s advancement in the industry back by decades.
Wrapping it all up with a not-so-pretty bow were the revelations out of World of Warcraft publisher Activision Blizzard, which showed a pervasive culture of sexism and gender discrimination, and that’s putting it lightly.
There are a lot of ways that the tech industry has been made to reflect on itself in the past couple of years, and this issue is no different.
Shareholders are now suing Activision Blizzard for economic damage incurred as a result of withheld information, all while four Blizzard employees have mounted a lawsuit alleging discrimination and hostility at work. Oh, toss an SEC investigation into the allegations onto the pile, too, along with players, unhappy over both the company situation and what they see as poor storytelling in World of Warcraft, leaving in droves.
All of the blowback Activision Blizzard is getting feels like the first example of a mega corporation being driven to dire straits as a result of the poor behavior of its leadership team. Those who allow, perpetrate or ignore bad behavior at major corporations should keep a watchful eye on these proceedings and their outcome.