Ransomware assaults have been escalating at an alarming rate over recent years. According to the 2021 Verizon Data Breach Investigations Report, the frequency of ransomware attacks doubled in 2021.
This malevolent conduct threatens every industry, and every computer file is at risk of being encrypted. Ransomware is a type of malware (malicious software) that encrypts data on a computer system and withholds the decryption key until the victim pays the cybercriminal. In other words, it holds your data or machine hostage and releases them only after the ransom is paid.
Here are some of the recent ransomware attacks of 2021:
Top ransomware attacks of 2021
CNA Financial Corp., one of the largest insurance companies in the U.S., was hit by ransomware on March 21.
A cybercriminal gang targeted CNA's network, encrypting 15,000 devices, including many PCs used by remote employees. According to a data breach report filed with the Maine attorney general's office in July, the attack exposed the names, personal identification numbers, and Social Security numbers of more than 75,000 people.
An investigation indicated that the cybercriminals accessed corporate networks and copied a small quantity of data before installing the malware. The attack on CNA disrupted the network, affecting certain systems, including business email. It also rendered CNA's website inoperable, turning it into a static display. According to Bloomberg, CNA paid the adversaries $40 million to restore control of its computers.
The REvil hacking gang, also responsible for an attack on London foreign exchange business Travelex, targeted the computer maker Acer. The ransom demand of $50 million was the largest known to date. To access Acer's information, the attackers exploited a weakness in a Microsoft Exchange server, and they leaked photos of crucial financial papers and spreadsheets.
According to Acer’s official statement:
"We've been steadily improving our cybersecurity architecture to ensure business continuity and data protection. We advise all businesses and organizations to follow cybersecurity best practices and be on the lookout for any unusual network behavior."
Quanta, a Taiwanese company that makes MacBooks and other Apple products, became the subject of a $50 million ransomware assault in April 2021.
REvil, a Russian hacker group, was behind the leak. Quanta declined to pay the $50 million ransom for the data, and the cyber gang began uploading the stolen photographs on April 20, timed to coincide with Apple's newest "Spring Loaded" event.
The organization hasn't specified the exact magnitude of the leak yet.
The long-held idea that the pipeline's activities were separate from the data systems seized by DarkSide, a cyber gang based in Russia, was proven to be incorrect.
Colonial Pipeline, an American oil pipeline system in Houston, Texas, that mostly transports gasoline and jet fuel to the Southeast United States, was hit by a ransomware cyberattack on May 7, 2021, affecting computerized pipeline management equipment. Colonial Pipeline Company responded by halting all pipeline operations to contain the attack. This resulted in a chain reaction that included panic buying at the pumps and a hushed dread among government officials that the harm would spread swiftly.
Colonial Pipeline paid the demanded 75 bitcoins, or $4.4 million, within hours of the attack. The adversaries subsequently handed Colonial Pipeline a software application to restore its network, although it was reported to have run slowly.
Direct attacks on operational technology are uncommon as these systems are generally more secure. As a result, the adversaries are more likely to have acquired access to Colonial's computer system through the company's administrative side.
JBS, the world's largest meat processing company, paid a ransom of $11 million to stop a huge cyberattack.
Third parties are conducting forensic investigations, and no conclusions have been reached as of now. According to preliminary investigation findings, no corporate, customer, or employee data was compromised in the incident. According to a person acquainted with the situation, the intrusion against JBS was carried out by a hacker gang affiliated with Russia. REvil and Sodinokibi are the names of the Russia-linked cyber gang. The ransom was paid in bitcoin.
ExaGrid specializes in providing backup storage to organizations. The company became a victim of a ransomware assault in May 2021.
The ExaGrid network was infiltrated by the Conti ransomware gang, which took papers and data. Conti obtained 800 GB of sensitive information, including customer details, contracts, and source code. Negotiations continued until May 13, after which ExaGrid spent roughly US$2.6 million to regain its files and gain access to encrypted data.
First, businesses must prioritize cybersecurity and allocate sufficient resources to it. Second, more highly trained cybersecurity specialists are needed to combat the present epidemic of ransomware assaults. Many businesses and organizations still do not have adequate security, which requires ongoing monitoring and upgrades rather than a one-off effort. We will start to see fewer attacks as more businesses take cybersecurity seriously and commit the time and resources needed to counteract them.