Cybersecurity breaches have become more uncontrollable and vulnerable than ever. Many ransomware attacks have created headlines in 2021, including attacks on JBS Foods and Colonial Pipeline.
Ransomware has increased by 62% since 2019, according to SonicWall’s Cyber Threat Report 2021. Considering how complex and difficult it has become to detect cybersecurity attacks, this number is predicted to rise further.
In addition to all of this, cybersecurity attacks have become even more sophisticated, and dangerous than in the past.
Let’s explore the 10 major cybersecurity threats that arose last year in 2021:
- Colonial Pipeline
In May 2021, a cyberattack took place on Colonial Pipeline, which is the largest fuel pipeline in the United States, resulting in a disruption of fuel supplies for several days in 12 States along the East Coast of the US.
The cyberattack affected the system responsible for managing the pipeline, which originates in Houston, Texas. The result was chaos and panic in the nation as millions of people had to queue for fuel.
To prevent further damages from occurring, Colonial Pipeline Company had to shut down all its operations. Hackers were paid $4.4 million in bitcoin by the company, with help from the FBI.
By keeping track of cryptocurrency movements and digital wallets, the FBI was able to recover a large part of the ransom payment a month after it was paid.
- Acer
The same hackers who attacked Travelex, a foreign exchange firm in London in 2020 also attacked the leading Taiwanese hardware and electronics company Acer with Ransomware. As a ransom, the hackers demanded 50 million dollars from Acer.
The media reported that REvil hackers hacked into Acer’s network by exploiting a vulnerability in a Microsoft Exchange server that had previously been used to access 30,000 US government and commercial emails.
A number of stolen files were also published on the internet, including images of financial spreadsheets, bank balances, and bank communications. However, the company did not confirm whether or not they paid the ransom demanded by hackers.
- JBS Foods
In May 2021, there was another major attack that targeted JBS Foods, one of the biggest meat processors in the world. It is believed that the same hacker group, REvil, is responsible for this ransomware attack.
As a result of this attack, operations in Australia, Canada, and the United States were temporarily closed. Despite this, the government informed consumers not to panic about buying meat and the attack didn’t cause any major shortages.
After consulting with cybersecurity experts, JBS paid hackers $11 million in ransom to stop further disruptions.
- CNA Insurance
CNA, one of the nation’s largest insurance firms, experienced a critical cyberattack in March 2021, which resulted in the suspension of trading for a limited period of time. CNA’s network was hacked by the attackers, resulting in the encryption of 15000 devices even including devices that were used by their remote employees.
It is estimated that 75,000 employees’ data has been compromised by this ransom attack. Among the information collected were health benefits information, Social Security numbers, contractor workers’ name, former and current employees, as well as their dependents. In addition to disrupting network operations, specific systems like email were affected by the attack.
This attack was believed to have been carried out by the Russian cybercrime group Evil Corp. In forensic analyses conducted by third parties, it was revealed that a new kind of ransomware known as Phoenix CryptoLocker had been created and used for this attack.
The media reported that CNA Insurance had agreed to pay a ransom of $40 million in order to regain access to its database.
- Brenntag
DarkSide, the same hacker group responsible for the Colonial Pipeline attack, targeted a chemical distribution company in Germany called Brenntag in early May 2021, around the same time the Colonial Pipeline cyberattack occurred.
DarkSide stole 150 GB of data and published a data page including screenshots of a few documents and a detailed description of the stolen information. Darkside demanded a ransom of $7.5 million in bitcoins. Brenntag, however, managed to negotiate the ransom price and settle for $4.4 million.
- AXA
Avaddon ransomware group attacked the European insurance company AXA in May 2021. The attack occurred in response to the company publishing a significant change to its cyber insurance policy that excluded ransom payments from its coverage.
This ransomware attack occurred shortly after the company published a major update to its cyber insurance policy, which no longer covers ransom payments.
In a statement issued on May 18, AXA announced that they had been hit by a ransomware attack that affected their operations in Hong Kong, Philippines, Thailand, and Malaysia.
The hackers accessed 3TB of massive data from Asian operations of the company, thus making headlines back then.
- National Basketball Association (NBA)
Businesses and organizations from all kinds of industries were hit with ransomware in 2021. NBA (National Basketball Association) also made it on the list.
The hacker group Babuk announced that they had stolen 500 GB of the company’s confidential information. The Babuk gang threatened to make public these confidential documents, including financial information and contracts, if NBA do not pay the ransom demanded by them.
- Buffalo Public Schools
Cyberattacks in the education industry are on the rise. Therefore, in 2021, a lot of schools were attacked by ransomware. One of these attacks took place at New York’s Buffalo Public Schools, which maintain highly sensitive information about 34000 students on their IT system.
A ransomware attack occurred on 12 March 2021, causing the entire school system to be shut down. Because of the disruption of operations throughout the district due to this cyberattack, the classes of thousands of students’ were abandoned. In addition, remote and in-person instruction was suspended for one week.
On March 15, Buffalo Schools’ Kriner Cash stated that state, federal, state, and local law enforcers, as well as cybersecurity experts, are actively investigating the cyberattack. It was not clear, however, whether any personal information had been stolen. Buffalo schools returned to normal operations on March 22.
- University of the Highlands and Islands
A cyberattack took place at the University of the Highlands and Islands on March 7, 2021. Because of this, all of the university’s research labs and colleges had to be closed.
An important aspect of the attack is the use of a penetration testing toolkit called Cobalt Strike, which is generally used for legitimate purposes. Unfortunately, no further information about this attack has been revealed by the university.
- Microsoft Exchange Server
In March, Microsoft experienced a massive cyberattack that affected millions of its clients. This attack was carried out by exploiting security vulnerabilities in Microsoft’s Exchange Server.
The operation of over 60,000 private companies and nine government agencies was disrupted by this attack. However, no further details about the attack have been released.
Conclusion
It can be difficult to stay on top of new cybersecurity threats as soon as they emerge. Since millions of hackers around the world are constantly working to find new attack strategies faster than businesses are able to update their defences, even the most robust cybersecurity system cannot provide guarantees against all attacks.
Because of this, it is critical for businesses to supplement their cybersecurity strategy with proper insurance to ensure that, even if a successful attack occurs, the damages will not result in the collapse of the business.
By using comprehensive cybersecurity measures and taking advantage of insurance, you can rest assured that you are as safe as possible.
Also Read: Cyber Security in 2019
