Ransomware is a type of malicious software that, once installed, prevents users from accessing their own computer. To regain access to the system, the victim must pay a sum of money to the cyber-criminals or hackers.
According to Chennai-based Cyber Security Works, ransomware is aggressively targeting vital industrial sectors such as oil and gas, banking, healthcare, food and drinks, and transportation. During the continuing pandemic, the number of ransomware attacks has grown by 37%, and the number of Common Vulnerabilities and Exposures (CVEs) has climbed by more than 356% this year relative to 2019. In June 2021, SonicWall recorded an all-time high of 78.4 million ransomware attacks globally.
In India, Haldiram’s, Air India, and Pune’s smart city project, Pimpri-Chinchwad Municipal Corporation, all experienced severe cyber attacks.
Today, we take a look at the most significant ransomware attacks of 2021 thus far. Check out this page to learn more about last year’s attacks.
Colonial Pipeline Company
Colonial Pipeline Company, an American oil pipeline company, was hit by a massive ransomware attack in May of this year. The malware impacted the computerized equipment that manages the pipeline originating in Houston, Texas, disrupting fuel supplies to much of the US East Coast for many days.
Although the incident only affected its IT systems, Colonial Pipeline Company shut down its entire pipeline business to avoid additional damage. The firm paid the hackers $4.4 million in bitcoin with the assistance of the FBI.
According to the FBI, DarkSide planned the attack. A month after the transaction, the Department of Justice stated that the FBI had been able to seize a portion of the money using a private key.
In March of this year, Taiwanese computer manufacturer Acer was struck by a REvil ransomware campaign. The hackers demanded $50 million in ransom. They distributed pictures of stolen files as evidence of Acer’s security vulnerability and subsequent data leak. Images of financial spreadsheets, bank correspondence, and bank balances were among them.
According to media sources, the gang gained access to Acer’s network using a Microsoft Exchange flaw that had previously resulted in the hacking of 30,000 emails from US federal and corporate organizations.
According to reports, the ransomware group generated more than $100 million in one year from major corporate extortions. The same hackers were behind the Travelex ransomware attack in 2020.
While the computer maker never acknowledged whether or not it paid the ransom, it stated that businesses like it are constantly under attack and that unusual cases were reported to the appropriate law enforcement and data protection authorities.
CNA Financial Corp., based in Chicago and one of the largest insurance firms in the United States, discovered a breach in March of this year. The ransomware attack is claimed to have compromised the data of approximately 75,000 people. This information may have included the names, health insurance information, and Social Security numbers of the company’s current and past employees, dependents, and contract workers.
According to media sources, CNA Financial was obliged to pay $40 million to regain access to its network later in May. According to reports, the hackers used Phoenix Locker software, a variant of Hades created by Russian cybercrime group Evil Corp.
At about the same time as the Colonial Pipeline Company intrusion, the Germany-based chemical distribution company Brenntag was targeted by the hacking group DarkSide. DarkSide allegedly demanded $7.5 million, or 133.65 bitcoin, in exchange for rights to 150 GB of data. DarkSide also posted a data leak page with a summary of the stolen data and screenshots of a few files to back up its claims.
The ransom was negotiated, and Brenntag finally paid $4.4 million.
Kia Motors, a Hyundai subsidiary, was held hostage in February of this year. The DoppelPaymer gang allegedly demanded $20 million for a decryptor and for not leaking the stolen data. According to Kia Motors, the ensuing ‘IT outage’ affected Kia Motors America’s mobile UVO Link apps, internal sites, phone services, owner’s portal, and payment systems.
While these were worldwide attacks, India isn’t far behind in terms of cybersecurity breaches. According to media estimates, India has been the worst impacted by ransomware attacks this year. According to a CheckPoint research report, ransomware attacks increased by 102% globally in 2021 compared to the previous year, with India being the worst impacted, with 213 weekly ransomware attacks per organization. To counter the attacks, Microsoft formed a Threat Protection Intelligence Team the year before.