In 2021, cybercrime reached unprecedented heights and gained greater attention than ever before. Cybercrime's volume, scope, and material costs are all on the rise and have hit all-time highs. On top of that, cyberspace is virtual, boundless, and anonymous, making it challenging to pinpoint the source of a cyberattack. Some of the year's most significant cyberattacks had real-world consequences, bringing cybercrime into the spotlight and to the forefront of national security agendas. Meanwhile, the consequences of the COVID-19 outbreak loomed large, with cybercriminals exhibiting no remorse as they sought to destabilise medical organisations.
Let us take a look back at twelve of the most distressing cybercrimes:
1. Cyberattack on the Colonial Pipeline:
On May 7, the hackers gained entry into the networks of Colonial Pipeline Co. through a virtual private network account that enabled employees to access the company's computer network remotely. Even though the account was no longer active at the time of the attack, it could still be used to access the organisation's network.
The DarkSide ransomware attack on Colonial Pipeline, the operator of the country's largest fuel pipeline, was one of the most significant cyber incidents in recent years. The US government was forced to declare an emergency, and the Department of Transportation temporarily relaxed regulations to improve fuel supply flexibility across most of the Mid-Atlantic and Southern US, as well as Texas.
2. The REvil crew’s Kaseya ransomware heist:
In a classic example of a supply chain hack, the REvil ransomware group attacked the services provider Kaseya on July 4 and sought a total ransom payment of $70 million from over 1,000 firms whose IT systems were locked. The event was so significant that the REvil organisation was forced to go into hiding for a while, only to return to find that their system had been hacked back by law enforcement. One gang member faces extradition to the United States to face justice for his crimes, while others remain on the run.
3. The exploits of the BlackMatter gang:
BlackMatter assisted and encouraged a wave of attacks on various targets, including the media marketing business Marketron, the French beverage company La Martiniquaise, and a US grain cooperative in Iowa. BlackMatter sparked warnings throughout the security industry and was among the most significant emerging ransomware gangs of 2021.
4. Inhumane cyberattack on the Irish health service:
The Conti ransomware group made headlines on the morning of May 14 following their encryption of the computers of the Irish Health Service Executive in a cruel and genuinely inhuman cyber assault. In order to contain and analyse the consequences of the cyber assault, the HSE activated its Critical Incident Process, which set in motion a series of steps that culminated in the decision to turn off all HSE IT systems and isolate the National Healthcare Network (“NHN”) from the internet. The event caused widespread disruption to patient care in Ireland. Thankfully, no fatalities were reported as a direct result of the tragedy, but the service has still not fully recovered six months later.
5. The stolen Pfizer/BioNTech Covid-19 vaccine data leak:
After the pandemic began, various threat actors, including state-sponsored hacking groups, attacked organisations involved in COVID-19 vaccine research and distribution.
In Europe, data related to the Pfizer/BioNTech COVID-19 vaccine was leaked on the internet shortly after being stolen in December 2020. Furthermore, cyber thieves attempted to sabotage the vaccine's roll-out in Europe using that leaked data. Email screenshots, peer review information, and other documents, including PDFs and PowerPoint presentations, were all included in the data dump.
The EMA said that the data breach was understood to be limited to a single IT programme, with the attackers mainly focusing on data related to COVID-19 medications and vaccines.
6. Police raids all over the world after investigators crack the Anom crypto phone app in a major hacking operation:
In June, police launched multiple raids in sixteen countries after intercepting the communications of organised criminal groups.
The criminal gangs sent messages using an encrypted communications network without realising that it was being run by the FBI.
This was only one of several similar raids in 2021 that, while effective in obstructing organised cybercrime, have also raised well-founded concerns about law enforcement's capacity to undertake surveillance and the admissibility of the evidence collected.
7. Retailer FatFace pays $2 million to the Conti ransomware gang:
The retailer FatFace had to pay $2 million to the Conti ransomware gang in March following a cyberattack on its systems in January that led to the leak of certain customer information, including names, postal and email addresses, and even credit card data. Initially, the ransomware's creators had sought a ransom of $8 million, or about 213 bitcoins at the time, but were negotiated down through a complex process.
8. Scammers unintentionally expose fake Amazon review data:
It was comforting to realise that even cybercriminals and fraudsters have operational security issues. This unlucky fraudster unintentionally exposed more than 13 million entries in an open Elasticsearch database, revealing a significant phoney review scam that implicated hundreds of third-party Amazon merchants in unethical and criminal behaviour.
The exposed server contained direct conversations between Amazon retailers and customers ready to give phoney reviews in return for free merchandise. The hack revealed a total of 13,124,962 records (about 7 GB of data), possibly implicating more than 200,000 people in unethical behaviour.
While it is unknown who controls the database, it reveals the inner workings of a typical problem that affects the online retail business.
9. The record-breaking $50 million ransomware demand on Acer:
The members of the REvil ransomware gang released Acer's data on their leak site in March and demanded a $50 million ransom, the biggest ever made at that time. Acer has made no meaningful statements on the event, stating simply that "there is an ongoing investigation and we are unable to comment on details for security reasons."
10. The Accellion Supply Chain Attack:
The file transfer system of the security software business Accellion was accessed, and data from it was subsequently published online, in March. In this cyberattack, confidential information from organisations such as Singtel, the University of Colorado, and the Australian Securities and Investments Commission was compromised.
11. Attacks on the Microsoft Exchange Server:
Microsoft Exchange Server serves as an email inbox, calendar, and collaboration platform. Its users range from multinational corporations to small and medium-sized organisations.
State-sponsored threat groups and others are actively exploiting four zero-day vulnerabilities in the server to introduce backdoors and malware.
In March of this year, millions of Microsoft clients were hit by a massive cyberattack, which disrupted sixty thousand commercial enterprises and nine federal entities in the United States alone.
12. JBS pays USD 11 million Cybercrime ransom:
JBS, the world’s largest meat processor, was hacked by very sophisticated criminals, forcing it to temporarily shut down operations in the United States, Australia, and Canada. The attack put supply networks in jeopardy and pushed up food prices in the United States. Moreover, the organisation had to pay a ransom of USD 11 million to avoid further disruptions.
By Shubhangi Kumari Mishra
(Content Writer, WCSF)