We Review The Major Cyber Attacks In 2021
Over the past few years, the frequency of cyber-attacks has been on the rise, and 2021 has proven no different. There have been a wealth of attacks just this year alone, enough to fill pages upon pages if we were to explore every one of them. The CSIS, the Center for Strategic and International Studies, lists over one hundred attacks, many involving high-ranking government agencies, and their list only covers up until October.
Let’s look at some of the biggest ransomware attacks of the past year.
Colonial Pipeline, The Biggest Cyber Attack In 2021
The biggest story in the cybersecurity world was the May 7 attack on Colonial Pipeline, a 5,500 mile-long pipeline system that carries jet fuel and gasoline from Houston, Texas to the Port of New York and New Jersey. The attack, which was the largest cyberattack on an oil infrastructure target in US history, was carried out by the hacking group DarkSide, which is believed to be based in Eastern Europe.
The resulting gas shortage sent consumers into a frenzy and the news was filled with accounts of people hoarding gasoline in unauthorized containers, creating several unsafe situations. DarkSide asked for $4.4 million in bitcoin in ransom, which Colonial Pipeline paid within hours. In June, the Department of Justice announced that it had recovered around $2.3 million of the ransom money, though the hackers have yet to be caught.
REvil Hacks Acer, Quanta, and Apple in Massive Cyber Attack, 2021
In March, hacker group REvil exploited a vulnerability in a Microsoft Exchange server to access the files of computer manufacturer Acer. They threatened to release financial documents and spreadsheets if the company didn’t pay a ransom of $50 million, which was the highest ransom demand to date. Acer offered to pay $10 million, which the hackers rejected.
Acer wasn’t the only company in REvil’s sights. Computer manufacturer Quanta, a major business partner of Apple, suffered a similar attack and was also hit with a $50 million ransom demand. After Quanta refused to comply, the hacker group turned their attention to Apple, releasing Apple product blueprints that they had stolen from Quanta’s servers. They threatened to release more sensitive documents, but by May the group seemed to cease the attack.
The NBA Gets Attacked By Babuk, 2021
There’s no telling who hackers will go after. Possibly the strangest target of 2021 was the National Basketball Association. A hacker group going by the name Babuk stole 500GB of confidential data on the Houston Rockets and threatened to release it if their ransom wasn’t paid. To date, no payments have been made.
Data Backup Saves CDProjekt Red, 2021
In a rare instance of a ransomware attack having a happy ending, video game developers CDProjekt Red had source code stolen by hacker group the HelloKitty gang. Fortunately, CDProjekt Red had all of the data backed up on other servers, so they refused to pay any ransom money.
Our Thoughts For Cyber Attacks in 2022
Going forward, it’s hard not to imagine cyberattacks getting even worse. There is a desperate need for cybersecurity experts. Companies simply don’t take cybersecurity seriously enough, as evidenced by how many attacks result in the companies giving in and paying whatever ransom is demanded. There’s very little pushback against these attackers because companies simply don’t have the resources to do so.
In November, Europol managed to identify and arrest five associates of REvil, who had participated in approximately 5,000 ransomware attacks. While this is definitely good news, and will hopefully result in hackers feeling a little less invincible, the focus needs to be on preventing these attacks in the first place.
Until these companies start investing in skilled, ongoing cybersecurity, expect the ransomware attacks to continue and expect companies to continue caving to the ransom demands.