U.S. is biggest cybertheft target in world as pandemic shifts people online, study finds

The United States is the largest data theft target in the world and Americans are the most likely victims, a new study has found.

The COVID-19 crisis forced more people onto unsecured Wi-Fi and exposed more data to attacks, said Nick Baker, a broadband expert at Uswitch, a price-comparison service that conducted the study.

Uswitch found more than 6 billion recorded data breaches in the U.S. since 2013, or nearly 1.88 million breaches per every 100,000 Americans. The next biggest cyber victims are South Korea and Canada with 446,129 breaches per 100,000 and 243,311 breaches per 100,000, respectively.

Mr. Baker said the U.S. tops the list because of several factors, including Americans’ high levels of internet use that means the vast majority of the population shares information online consistently. Several of the world’s largest corporations and the government, as a preeminent political power, also make the U.S. a top target for cybercriminals.

Cybersecurity experts say Americans concerned about hacks and data breaches have a multitude of options to defend themselves:

• Use high-quality antivirus software;

• Choose obscure passwords;

• Activate multi-factor authentication to log in to sensitive networks;

• Back up important information in multiple locations;

• Be mindful of what devices you choose to connect on a home network.

Still, the coronavirus pandemic made the cyberthreat environment worse.

“The sudden shift to remote and home working by companies that may not have been fully prepared to roll out said infrastructure has left many opportunities for cybercriminals to gain access to data and information,” Mr. Baker said. “Regulating employees no longer based in an office or no longer using a company intranet, for example, becomes an increasing and expensive challenge for many businesses, something which cybercriminals have looked to exploit during 2020.”

The latest high-profile victim was GoDaddy, the largest web domain registrar.

Hackers allegedly manipulated the company’s employees into handing over access of various websites to cybercriminals. GoDaddy said Monday that a “small number” of customer domains and account information had unauthorized changes.

“Our security team investigated and confirmed threat actor activity, including social engineering of a limited number of GoDaddy employees,” a GoDaddy representative said in a statement. “We immediately locked down the accounts involved in this incident, reverted any changes that took place to accounts, and assisted affected customers with regaining access to their accounts.”

The spokesperson said GoDaddy is constantly educating employees about new security measures to take against sophisticated and aggressive attacks aimed at the employees.

Among the affected users were cryptocurrency trading platforms, such as Liquid and NiceHash, which said that GoDaddy incorrectly turned over control of their domains to malicious actors this month.

Liquid CEO Mike Kayamori wrote on the company’s blog that the access GoDaddy gave a bad actor provided the actor with the ability to change domain name service records, control internal email accounts, gained access to document storage, and “partially compromise” the company’s infrastructure.

NiceHash froze all wallet activity on its platform for 24 hours after it discovered the problem and then resumed service except for withdrawals, which it said would resume after an internal audit.