In 2021, ransomware attacks targeted a wide range of prominent organizations and businesses, including Colonial Pipeline. And these cyber threats show no signs of slowing down. Around the world, hackers are exploiting security vulnerabilities and holding corporate, government and healthcare data hostage, sometimes demanding tens of millions of dollars in ransom.

What is ransomware?

Ransomware is malicious software that encrypts data on a device, rendering the files and systems that depend on it unusable. The hackers then demand a ransom in exchange for the decryption. Moreover, they often threaten to sell or leak the sensitive information if the ransom is not paid.

In other words, hackers take advantage of security weaknesses to steal sensitive data and/or lock files. And they only give the access key to the system or return the files once the ransom is paid.

Recent news has brought to light several major ransomware attacks against large organizations, but individuals and small organizations are not immune either. One of the best protections against these threats is to use a reliable, up-to-date antivirus. Thanks to its updated database, it can spot malware (including ransomware) and neutralize it before it harms the system. It is therefore worth comparing the best antiviruses to select the one whose options best suit your needs.

High-profile ransomware attacks in 2021

In 2021, organizations around the world suffered such attacks, some of which were highly publicized. In fact, only six hacker groups are responsible for breaching the cyber security defenses of 292 organizations. At present, their ransomware attacks are estimated to have earned them over $45 million. Here are the ones that marked 2021 the most:

1) Colonial Pipeline

Of all the cyberattacks in 2021, the Colonial Pipeline attack was the most publicized. Because the pipeline is a crucial part of the United States' critical infrastructure, the ransomware attack had a huge impact. The decommissioning of the system effectively interrupted the gas supply to the entire east coast of the United States, causing chaos and panic.

The perpetrators are the DarkSide group, which targeted the company's billing system and internal business network, leading to widespread shortages in several states. To avoid further disruption, Colonial Pipeline ended up giving in to the demands and paying out $4.4 million in bitcoins.

After the situation subsided, the government confirmed that Colonial Pipeline's cybersecurity measures were not up to scratch. It added that the attack could have been avoided with better protection.

Luckily, the FBI tracked down the money by monitoring cryptocurrency movements and digital wallets. They were thus able to recover a large part of the ransom. However, the hackers behind the attack remain untraceable.

2) Brenntag

In early May 2021, the same group of notorious hackers also targeted Brenntag. Established throughout the world, this German company distributes chemical products to manufacturers in many sectors. After stealing 150 GB of data, DarkSide demanded a ransom equivalent to $7.5 million in bitcoins.

Brenntag quickly gave in to the demands and ended up paying $4.4 million. This is one of the highest amounts in the history of ransomware.

3) Acer

Also in May, computer manufacturer Acer came under attack from another group of hackers: REvil. These hackers are particularly known for their attack on the London exchange company Travelex in 2020.

After exploiting a vulnerability in a Microsoft Exchange server, REvil accessed Acer's files and demanded a $50 million ransom, the largest known to date. When that was unsuccessful, they leaked sensitive financial documents.

4) NBA

Ransomware attacks target businesses and organizations across all industries. Unfortunately, the American National Basketball Association (NBA) was no exception. 

In April 2021, the hacker group Babuk claimed to have stolen 500 GB of confidential data regarding the Houston Rockets, including financial information and contracts. The group then threatened to make these confidential documents public if its demand was not met. But to date, no ransom has been paid.

5) AXA

Finally, the European insurance company AXA suffered an attack by the Avaddon gang, who accessed a massive volume of data: 3 TB. The attack occurred shortly after the company announced major changes to its insurance policy.

AXA has indeed said that it will stop reimbursing many of its customers for ransomware payments. This unprecedented (and rather ironic) attack on an insurance company made headlines in May 2021.
