Sun Jul 04 2021
10 of the Worst Cybersecurity Attacks of 2021 and Cyber Defenses Used
The past year has been one of the most notable years in cybersecurity. It has broken all records in cyberattack statistics. The number of companies, organizations, and government agencies that experienced infiltration, data breaches, and other cyber threats has risen, due to a sudden switch in work practices and adjustments in business operations as COVID-19 spread worldwide.
In addition, the sophistication of threats increased with the application of emerging technologies such as machine learning, artificial intelligence, and 5G, and especially with greater tactical cooperation among hacker groups and state actors. There has been a steady growth in cybercrime over the last several years, and this trend appears to be continuing. Those who expected any relief from the constant stream of cybercrimes by 2021 are in for a disappointment, as the number of attacks only increases daily.
Worst Cybersecurity Attacks Of 2021 And How They Responded
As we head deeper into 2021, it is worth exploring these worst attacks and their potential cybersecurity implications in the changing digital landscape. Doing so can help you build your cyber defenses against cyberthreats while you work to make your business thrive in these challenging times.
Harris Federation
In March 2021, the Harris Federation, headquartered in London, suffered a massive ransomware attack. It was forced to temporarily shut down all of the devices and email systems it maintains for its secondary and primary academies. As a result, over 37,000 students were unable to access their schoolwork and communications.
The attack follows an increasing pattern of hackers targeting educational institutions and interrupting student learning, which the pandemic has significantly impacted. According to the academy, the temporary shutdown was necessary to reduce the impact of a ransomware attack that encrypted data on the schools' IT systems.
CNA Financial
One of the largest insurance providers in the United States, CNA Financial, experienced a massive ransomware assault in March this year and reportedly paid $40 million. CNA's customer and staff services were disrupted for a few days due to the cyberattack. The company was compelled to shut down to prevent additional compromise. The cyberattack made use of a new variant of the Phoenix CryptoLocker malware.
CNA announced a few days later that it had restored mail functionality, which was protected by two-factor authentication and a threat-blocking security platform. It also released the results of its forensic investigation report, showing that the ransomware used in the cyberattack could not automatically spread across internal and external networks.
Microsoft Exchange Mass Cyber Attack
An indiscriminate, large-scale cyberattack hit many Microsoft Exchange clients throughout the world. Threat actors were discovered to be actively exploiting four newly discovered zero-day vulnerabilities in Microsoft's Exchange Server. The attack has impacted several government institutions and over 60,000 private organizations in the United States alone.
Microsoft then published four essential fixes to help resolve the severe vulnerabilities in Exchange Server software, in the form of security patches for the four serious zero-day CVEs (Common Vulnerabilities and Exposures). Moreover, the company encouraged its clients to upgrade their systems as soon as possible with the new update.
Channel Nine
Australian broadcaster Channel Nine was struck with a cyberattack on March 28, 2021. It prevented the network from broadcasting its Sunday news bulletin and several other programs. Due to the lack of internet access at the network's Sydney headquarters, the attack also disrupted the network's publishing division. Although the station initially claimed that the outage was caused by "technical issues," it eventually confirmed the cyberattack.
According to Channel Nine, the attack was one of the most significant cybersecurity incidents on a media company in Australia's history. They also said the attack was intelligent, complex, and large in scope, with great potential to disrupt business. The company's IT department worked around the clock to properly restore systems after the attack, which notably impacted the network's broadcast and corporate business groups.
Florida Water System
A hacker tried to poison a Florida water supply by using more sodium hydroxide than required. The company uses an appropriate amount of sodium hydroxide to treat the water. Oldsmar's computer system was infiltrated by a cybercriminal, who for a brief while boosted the level of sodium hydroxide (which makes lye) from 100 parts per million to 11,100 parts per million.
Local and federal investigators tried to determine how the cybercriminal could access the computer, but no arrests have been made thus far. It has not been determined whether the attempt was carried out by a local person or by someone outside the area. The attempt failed, but had it succeeded, it may have resulted in widespread poisoning. Fortunately, a supervisor recognized the malicious adjustments in time.
Acer
The global computer manufacturer Acer became a victim of a ransomware assault, resulting in a $50 million ransom demand. That surpassed the previous record ransom amount for a single entity of $32 million. Criminals suspected to be part of a criminal organization called REvil are believed to be responsible for the attack. Additionally, the threat actors published details of the hack on their website and provided some photos of the stolen material.
Accellion Supply Chain Attack
Accellion was the victim of a breach in its file transfer system, which impacted many of its clients. Kroger, Singtel, the University of Colorado, Qualys, and the Australian Securities and Investments Commission were among the high-profile organizations caught in the attack. A large amount of confidential and sensitive data was taken from multiple firms and exposed online by attackers exploiting weaknesses in Accellion's FTA tool.
The corporation has understated the event's magnitude, initially claiming that it affected fewer than 50 clients globally. However, a rapidly rising list of breach disclosures by FTA customers worldwide implies that the actual number of victims was higher. The supplier stated that it discovered the breach in mid-December and issued a patch in less than 72 hours. A further update in February revealed that the attackers had exploited not one but numerous FTA flaws. Accellion asked FTA customers to migrate as quickly as possible to the company's newer Kiteworks technology.
Bombardier
There was a significant data breach at Bombardier, a prominent Canadian jet maker, in February 2021. The confidential data of suppliers, customers, and around 130 Costa Rican employees was compromised due to the incident. According to the probe, the unauthorized entity gained access to the data through a vulnerability in a third-party file-transfer application. In addition, the stolen data was made available for download on the Clop ransomware gang's website.
The breach revealed third-party information entrusted to Bombardier, emphasizing the need for end-to-end supply chain integrity. However, it is worth noting that Bombardier's preventive countermeasures helped contain the attack. While the company did not disclose the type of infrastructure equipment that was penetrated, the device in question is likely the Accellion FTA. It is a file-sharing web server that enterprises use to share huge files with customers and employees, and it is included in this list as well.
University Of The Highlands and Islands
The University of the Highlands and Islands (UHI) was the subject of a cyberattack recently. It forced the university to close all 13 colleges and research institutions to students for a day. Security experts discovered that the attack was carried out with the help of Cobalt Strike, a penetration testing toolkit commonly used by security researchers for legitimate purposes. This is just the latest in a string of cyberattacks on the education sector. According to Hefestis, a technology and information services group that works with Scottish colleges and universities, the incident is thought to have originated in Eastern Europe or the Baltic region. Furthermore, it was a "polymorphic attack" with various malware components.
Sierra Wireless
Sierra Wireless, a multinational IoT device manufacturer, was hit by a ransomware attack against its internal IT systems on March 20, 2021. The attack forced it to halt production at its manufacturing sites. However, its customer-facing products weren't affected, and the company was able to resume production in less than a week.
Following the incident, the corporation claims it conducted countermeasures to neutralize the attack in accordance with its existing cybersecurity protocols. Those protocols were devised in collaboration with third-party cybersecurity advisers, who were also involved in the investigation.
Final Thoughts
Understanding the extent of damage of these cyberattacks can be reason enough to take the necessary preventive measures right away. Do not wait to be included in this list. Instead, reinforce your organization's cybersecurity framework and keep it shielded from cyberattacks. One of the most effective ways to protect your company from cyberattacks is to educate your employees about current and emerging cyber threats. Make it a priority to address the identified flaws. Taking precautions is better than trying to contain any infiltration.
Author: MARICAR MORGA
Maricar worked as a marketing professional for almost a decade and handled concerts, events and community service-related activities. Leaving her corporate job for good to pursue her dreams, she has now ventured in the path of content writing and currently writes for Softvire Australia and Softvire New Zealand. A Harry Potter fan, she loves to watch animated series and movies during her spare time.