The 10 biggest hacker attacks of 2021, including the hack of the US police

As the business world moves more and more into the digital space, it becomes more vulnerable to intruders every year. Instead of attacking banks with firearms, criminals now hide in the online world, looking for vulnerabilities in companies’ security systems and striking their victims as soon as a weak point is discovered. The most high-profile of these cases in 2021 are described below.

Colonial Pipeline

The largest cyberattack on oil infrastructure in US history | Panorama

Colonial Pipeline is the largest pipeline system in the United States that supplies refined petroleum products. It was attacked by DarkSide cybercriminals, who used ransomware to disrupt the supply of automotive and aviation fuel on the East Coast and in the southern United States for almost a week. Fuel shortages led to higher prices and long queues at gas stations, with some motorists panicking and buying petrol in cans. As a result, people began storing gasoline in flammable bags and tanks, which can lead to disastrous consequences. The crisis also affected Atlanta’s Hartsfield-Jackson International Airport and Charlotte Douglas International Airport, where American Airlines had to change some flights from direct to transit due to fuel shortages. The company ultimately paid a $4.4 million ransom to restore access to the system, although the Justice Department later announced that it had been able to recover an estimated $2.3 million.

SolarWinds

SolarWinds operates in the IT field and develops industrial software for network, systems and infrastructure management. Its clients include government agencies (US Department of Homeland Security, National Nuclear Security Administration, Federal Aviation Administration) and private enterprises. The company was infected with a Trojan that allowed hackers to obtain a large amount of information about the US government and the private sector. For example, the criminals gained access to the mail of Secretary of State Chad Wolf and other officials of the Trump administration.

Kaseya

Popular Swedish supermarket chain forced to close due to Kaseya hack | New York Post

Kaseya develops software that helps large companies with IT management. The REvil hacker group sent out a fake software update through Kaseya’s Virtual System Administrator, which spread to the computers of the company’s customers and encrypted their systems. As a result, about 50 Kaseya customers and 1,000 businesses were affected. The hackers demanded $70 million in bitcoin in exchange for a decryptor that would unlock all the files, but the FBI was able to access REvil’s servers and obtain the encryption keys, resolving the incident without a ransom being paid.

Accellion

Accellion specializes in secure file sharing and collaboration. It was the victim of a zero-day attack targeting its own file transfer application. Although the company quickly released patches to address the issue, not everyone installed them in time, giving hackers the opportunity to steal Accellion user data. As a result, many users faced extortion and fraud attempts. Victims of the hack included the Reserve Bank of New Zealand, the Australian Securities and Investments Commission, cybersecurity firm Qualys, law firm Jones Day and the University of Colorado.

Poly Network

In one day, Poly Network, a blockchain platform, lost $611 million worth of crypto assets. The hacker who stole the funds had found a vulnerability and chose to demonstrate the hole in the system this way before someone else found it and used it to actually steal the funds. Some time after the hack, the hacker returned more than $260 million, then posted a Q&A in which he stated that he was keeping the funds in storage until the vulnerability was fixed. Once everything had been fixed, the funds were returned. The platform also promised the hacker a $500,000 reward for identifying weaknesses in its system, which he later refused, and offered him the position of chief cybersecurity adviser.

Log4j

The vulnerability was often used to steal the computing power of victims and mine cryptocurrency | unocero

The Log4j vulnerability sits inside Java applications. The potential victims are many, as nearly a third of all web servers in the world use Java software. Millions of people and thousands of companies are at risk, as industry giants (Amazon, Twitter, Google and Microsoft) use Java. The vulnerability can be exploited relatively easily: according to Check Point, a cybersecurity company, professionals recorded a total of 3.7 million hack attempts, 46% of which were committed by known groups of cybercriminals.

Twitch

Besides companies in finance, software development and other fields, the entertainment industry also suffered. In October 2021, an unknown user posted 125 GB of Twitch data on 4chan. The leak included platform source code for mobile devices, PCs and consoles; proprietary features; information about internal security; encrypted passwords; and payouts to creators and streamers for 2019. The leak caused Twitch users to panic, as they urgently needed to change their account login details before anyone tried to hack them. Some also had to quickly change passwords on other services, since many people use the same credentials for different sites and applications. Twitch was hacked through a change in the server configuration, which allowed access to confidential data.

Scripps Health

The company is accused of maintaining inadequate security measures to detect and eliminate cyber attacks | Fortune

Scripps Health is a San Diego-based healthcare system with five hospitals and 19 outpatient facilities that treats half a million people each year. On May 1, 2021, Scripps was forced to shut down part of its network for several weeks due to ransomware that infected the system. This led to violations of patient care rules, and many health workers had to urgently switch to paper records, which reduced their efficiency. The attack resulted in the theft of data from more than 150,000 patients, including addresses, social security numbers, dates of birth and account numbers. Patients have filed a class action lawsuit against the company, accusing system leaders of failing to protect their personal data.

CNA

Criminals used CryptoLocker ransomware | Bloomberg

CNA is one of the largest insurance companies in America and also offers cyber insurance. In March 2021, a ransomware group calling itself Phoenix was able to encrypt 15,000 devices, including the equipment of employees working from home. The group gained access to a large amount of CNA data, which could later be used for more sophisticated attacks aimed at the company’s customers. To prevent this from happening, CNA paid the criminals $40 million and regained control of the devices. This amount is a record among publicly known payments in such situations.

United States Metropolitan Police Department

In April, the Babuk group stole 250 GB of sensitive police department data, which included disciplinary files related to former and current police officers, intelligence on protest activity and, most damaging of all, data on informants embedded in criminal networks. The hackers demanded a ransom of 4 million dollars for the information and threatened to leak the data if their demands were not met. The police did not agree to the terms and offered to pay 100,000 dollars instead, but the hackers refused this amount, and after a while all the stolen data was posted online.

Source: Trash Box
