Thursday, August 18, 2022

Biggest Cyberattacks of 2021

2021 arrived, and with it came a wave of emerging technologies across various sectors, from medicine and sustainability to blockchain and much more. While 2021 wasn’t as intense as its predecessor, the year still brought challenges that were quite an ordeal to overcome, or even to avoid. It also brought some of the most extensive cybersecurity infiltrations to date. So, let’s guide you through some of the biggest cyberattacks of 2021.

A cyber breach is the most effective way for hackers to obtain what they seek: they gain access to an organization’s networks by targeting its information systems’ infrastructure, computer networks, or personal computing devices. They do so by employing various types of cybersecurity attacks to steal, change, or even damage data or information systems.

Cyber breaches at some major global organizations have left companies and governmental entities questioning their ability to safeguard their cybersecurity infrastructure and protect their consumers’ and employees’ data.

Throughout 2021, cybercriminals worldwide made it their mission to exploit any security weakness of any organization for their vendetta, be it for cryptocurrency ransoms, or to access and obtain data – the most precious asset of our time.

According to Identity Theft Resource Center (ITRC) research, the cumulative number of cyber breaches through September 30, 2021, had already surpassed that of 2020 by 17 percent, “with 1,291 breaches in 2021 compared to 1,108 breaches in 2020,” Security Magazine reported.

While a cyber security breach is mainly directed at the organization the hackers are targeting, the damage is not confined within the borders of that company or agency. Consumers are also affected, given that their data is accessed and used as leverage for cybercriminals to get what they want.

So, let’s dive right into 2021’s recent cyber security breaches.

Kaseya

In July, a ransomware group that goes by the name REvil pulled off one of the most memorable cyber heists of all time. It exploited a flaw in Kaseya’s on-premises virtual storage appliance (VSA), a remote monitoring and management tool, to encrypt data and seek payment from almost 1,500 of Kaseya’s end-user customers.

The cyber security breach gave REvil the means to use the VSA’s basic functionality to deploy ransomware to customers. The breach paralyzed more than 36,000 managed service providers (MSPs), leaving them with no access to the company’s VSA product for almost ten days.

As for REvil, the cybercriminal group demanded the heftiest ransom in the history of cyber-attacks. On July 4, the group asked for $70 million to deliver the universal decryptor key for all the victims exposed to the cyber security breach.

However, Kaseya never paid the ransom. Nineteen days after the breach, it gained access to the key, which in turn, with the help of Emsisoft, allowed it to unlock customers’ ransomed files.

Acer

In March, the same group responsible for the Kaseya breach claimed that it had also broken into Acer’s servers and accessed unencrypted data. On its official site, the infamous group published images allegedly showing Acer’s financial sheets, bank balances, and bank communications.

On March 14, REvil communicated with Acer, stating that it was willing to offer the giant a 20 percent discount if the PC titan finalized the ransom payment by March 17. In parallel, the group’s affiliates said that they were willing to deliver a decryptor and a vulnerability report, and to delete the stolen files.

After not receiving an answer from the Taiwanese giant, REvil demanded a $50 million ransom on March 19.

The Colonial Pipeline Attack

In May, the U.S. suffered one of the most damaging cyberattacks to date. Deemed the biggest cyberattack of 2021, the Colonial Pipeline infiltration shut down a 5,500-mile natural gas pipeline, belonging to one of America’s largest oil and gas companies, for five days. The infiltrators? A ransomware group known as DarkSide.

DarkSide managed to gain access to the Colonial Pipeline networks, resulting in more than 10,000 gas stations across Southeastern America running out of fuel. Following the breach’s discovery, DarkSide publicly threatened to expose almost 100 gigabytes of data.

The organization ended up paying a $4.4 million ransom on May 8, hoping the money would restore operations for its pipeline as soon as possible. Although the ransom had already been paid before functions were restored, federal officials managed to retrieve most of the money.

“The Colonial Pipeline attack made such an impact because the pipeline is an important part of the national critical infrastructure system. Taking the system down disrupted gas suppliers all along the East Coast of the United States, causing chaos and panic,” Touro College Illinois Cybersecurity Program Director Joe Giordano said in a statement.

CNA Financial

Chicago-based insurance company CNA Financial suffered a cyber breach in March of 2021, in which the information of thousands of employees, contractors, and policymakers was exposed.

The breach directly impacted more than 75,000 people, revealing names, private identification, and social security numbers.

The cyber security breach disrupted CNA’s network, impacting significant systems as well as corporate email. In parallel, it crippled the functionality of the company’s site, reducing it to a static display.

According to CNA’s statement to the Securities and Exchange Commission (SEC), there was a high chance the company’s insurance policy might not cover the damage created by the attack.

In the end, the insurance mogul paid the infiltrators a $40 million ransom by the end of March, only two weeks after a mass of CNA data was obtained and company officials lost access to their network, according to Bloomberg.

Despite initially planning to disregard the cybercriminals’ demands while it pursued alternatives to recover the stolen data, CNA eventually succumbed and began negotiations with the hackers, a move that placed the incident among the biggest cyberattacks of 2021.

The cyberattacks of 2021 have left businesses and governments questioning the sustainability of their cybersecurity infrastructures. Cybersecurity threats are perceived as an ever-growing enemy, posing grave hazards to national and public security as well as economic challenges.

As the world further intertwines through technology, people and communities from all around the globe connect, socialize and organize themselves through cyberspace. Cyber security breaches are subjecting organizations and governments to tremendous pressures to safeguard their data, with many establishments and federal agencies aiming to seek out the threat before it occurs.