2021 saw thousands of breaches, totaling in data and crypto losses in the millions. Last year stood out more than previous years due to notable high-profile cyberattacks involving supply chain attacks, ransomware, and just plain breaches. According to the Identity Theft Research Center (ITRC) the number of recorded data breaches increased 17% during 2021 over 2020. IBM suggests the average cost of a data breach around a total of $4 million, while Mimecast estimates the average ransomware demand against US companies is over $6 million.
A review of some of the most noteworthy cyberattacks of 2021.
CNA Financial, one of the biggest cyber insurance companies in the US, faced a ransomware attack back in March of 2021. The cyber insurance company’s employees were left stranded unable to access corporate resources after the ransomware attack. The cyberattack halted the organization’s customer and employee services for three days and forced CNA to shut down its operations to prevent any further damage.
The ransomware attack involved the theft of company data, for which the company is believed to have paid a $40 million ransom. The cyberattack utilized a new version of the Phoenix Cryptolocker malware.
Source- CNA Website
Colonial Pipeline is one of the best examples of how a cyberattack can affect day-to-day life. Criminal group DarkSide breached a fuel pipeline operator, leading to the shutdown of a major fuel supply for the eastern United States. The company paid a ransom of $4.4 million to restore its systems.
The Colonial Pipeline cyberattack is particularly noteworthy. DarkSide used stolen VPN credentials to gain access to the pipeline’s IT systems.
Another severe cybersecurity incident that took place last year was the discovery of vulnerabilities in the Microsoft Exchange Server, courtesy of Hafnium, that gave them access to the email accounts of over 30,000 organizations in the US and over 250,000 worldwide. Microsoft Exchange servers compromise was caused by a cluster of zero-day vulnerabilities that became known as ProxyLogon.
Microsoft believes Hafnium targets organizations in the US for sensitive information from different sectors, including law firms, higher education institutions, NGOs, policy think tanks, infectious disease researchers, and defense contractors, to name a few.
JBS Foods is a giant meatpacking company, they also suffered one of the more high-profile ransomware attacks in May of 2021. The attack was attributed to the Russia-based hacking group- REvil. The food company suffered an impact on operations, though there were not any crucial food shortages due to the attack. The impact set back JBS Foods by $11 million in ransom after consulting with cybersecurity experts. The ransom was paid in return for a decryption key to restore access to its systems. The massive ransom was paid in bitcoin and is one of the largest ransomware payments of all time.
The same hacker group responsible for targeting JBS Foods orchestrated attacks on Kaseya. REvil sent out fake software update messages through Kaseya’s Virtual System Administrator, leading to infiltration of both Kaseya directly, along with their customers.
While REvil claimed it encrypted one million systems for ransom, Kaseya claimed the attack compromised only 50 of their clients and 1000 businesses. The hacker group demanded a $70 million ransom in Bitcoin. The FBI came to the rescue soon after the attack and gained access to REvil’s servers, obtaining the encryption keys to disrupt the breach. Fortunately, Kaseya did not have to pay any ransom, and it was able to restore its client’s IT infrastructure.
For more news and updates, visit https://blog.excellimatrix.com/
You can also reach out to us on Facebook, & LinkedIn or Contact us directly