Since the Covid-19 pandemic, people's professional and personal lives have seen unprecedented changes and an acute dependency on the Internet. Corporations have resorted to the work-from-home model; retail businesses have moved to the online business model, as have many brick-and-mortar industries. As a result, there has been an all-time high in the proportion of people using the Internet to conduct the simplest of their day-to-day tasks.
One ramification of this shift is the skyrocketing of cyberattacks. Cybercriminals have taken this opportunity to up the ante in terms of the scope and frequency of such attacks. Worryingly, such criminals do not discriminate among individuals, governments, and organizations as potential targets. According to prnewswire.com, the FBI recently reported that the number of complaints about cyberattacks to their Cyber Division is up to as many as 4,000 a day. In this article, we have listed the top 10 cyberattacks of 2020-21 that caused immense havoc and financial losses.
1. Marriott International
The popular hotel chain suffered a data breach in 2020. Marriott issued a statement on March 31, 2020. According to that statement, the information of 5.2 million guests was accessed using the login credentials of two employees who worked at a franchise property.
The statement further added that an application used by Marriott to help provide guest services was also affected. Upon discovering the breach, Marriott immediately disabled the login credentials, implemented heightened monitoring, informed guests, and began an investigation.
The company believes that this activity started in mid-January 2020. Information compromised may have involved contact details and information related to customer loyalty accounts.
2. Twitter
Twitter, one of the most popular social media platforms, was hacked in July 2020. Attackers used social engineering, confirmed by Twitter as phone phishing, to hijack many high-profile Twitter accounts. These accounts included those of Tesla CEO Elon Musk, Amazon CEO Jeff Bezos, and former President of the United States Barack Obama.
The New York State Department of Financial Services stated, “In monetary value, the Hackers stole over $118,000 worth of bitcoin. But more significantly, this incident exposed the vulnerability of a global social media platform with over 330 million total monthly active users and over 186 million daily active users, including over 36 million (20%) in the United States.”
The attackers had stolen employee credentials and gained access to Twitter’s internal management system.
The three attackers behind the Twitter hack were nabbed, and the mastermind of the attack, 17-year-old Graham Ivan Clark, was sentenced to 3 years in prison.
3. Sina Weibo
China has officially blocked Facebook and Twitter. Instead, it has Weibo, a microblogging site and one of the most popular social media platforms. It is like a combination of Facebook and Twitter.
In March 2020, news broke that the personal details of over 538 million Weibo users were available online for sale. A hacker claimed to have breached Weibo and sold the data for $250 on the dark web. Since the data did not contain banking passwords, it probably did not lure the hackers much. However, the data contained personally identifiable information (PII) such as real names, usernames, gender, location, and phone numbers of 172 million users. Leakage of this information could have easily led to different scams, fraud, etc.
4. SolarWinds
The SolarWinds hack was perhaps one of the most damaging cyberattacks of 2020. It was a masterfully conducted supply chain hack that compromised multiple government and private company systems all across the globe.
The attack was first discovered in December 2020 by a Cyber Security firm called FireEye. Analysts at FireEye found that unusual data was being sent to a server of unknown origin. FireEye concluded from its investigation that the systems may have been infected as far back as early 2020.
Further investigation revealed that one of the servers that provided access to updates and patches for SolarWinds Orion tools had been compromised. This allowed attackers to inject code into the software updates and infect multiple clients at once. The code allowed data modification and exfiltration. It also allowed remote access to the devices that had the malicious software installed. The attack has been attributed to an Advanced Persistent Threat (APT) actor, and the malware has been dubbed “SUNBURST.”
5. Florida Water System
On February 5, 2021, a Cyber Security breach occurred in the Florida Water System when a malicious hacker tried to poison the water supply by using a remote access software platform known as TeamViewer, which was shared by plant workers.
The hacker is said to have entered Oldsmar’s water treatment system and tampered with the level of sodium hydroxide (lye) by increasing it to 100 times its normal level. Sodium hydroxide is generally used to remove metal from drinking water and to control water acidity. Manipulating the level could have led to poisoning and other serious health hazards.
Thankfully, an employee sensed the cyberattack and alerted the concerned employees, who got the level back to a safe range, thus averting what could have been a frightful nightmare for Florida citizens.
6. Microsoft Exchange
Microsoft faced a very serious Cyber Security breach from January 2021 to March 2021. Hackers attacked the on-premises Microsoft Exchange Servers by exploiting zero-day vulnerabilities (computer software security flaws). The malware attack affected nine government agencies and over 60,000 private companies worldwide.
Microsoft pinned the attack on a Chinese state-sponsored hacker group called “Hafnium.” The USA and UK, along with their allies, also attributed the attack to hackers affiliated with the Chinese government. The Chinese government rejected all claims.
Soon, Microsoft sent a notice to all its customers to check whether they had suffered data leakages. This attack highlighted how Microsoft’s on-premises email servers gave hackers the key to unlock sensitive data from governments and private companies.
7. Acer
Taiwanese computer manufacturer Acer became the latest target of the REvil ransomware group in March 2021. A $50 million ransom was demanded. It was also said that if the ransom was not paid within the stipulated time, the hackers would double the ransom amount to $100 million. Acer had initially agreed to pay $10 million. However, it was not reported whether Acer ultimately paid the ransom to the REvil group or not.
The REvil group had gained access to the back-office network of Acer through a Microsoft vulnerability. The data leakage included financial spreadsheets, bank balances, communication with the bank, etc.
REvil hacked the database of Acer, got access to customer details, including customer account numbers, and posted them as an auction list on their site.
8. Airplane Manufacturer Bombardier
Canadian airplane manufacturer Bombardier confirmed in February 2021 that it had suffered a data breach. The breach compromised the confidential data of suppliers, customers, and around 130 employees in Costa Rica.
An initial investigation by the company revealed that an unauthorized party had accessed and extracted data by exploiting a vulnerability affecting a third-party file transfer application.
Since then, Bombardier has been proactively contacting their customers and other stakeholders whose data was hacked. Incidentally, this data was leaked on a site operated by the Clop ransomware gang.
9. The US Fuel Pipeline
In May 2021, a Russian group known as DarkSide compromised the network of the Colonial Pipeline. They locked real-time data and also stole around 100GB of raw data to demand ransom. The Colonial Pipeline incurred a huge loss as it had to put the remaining systems offline for a few days. The Colonial Pipeline carries around 2.5 million barrels of petrol, diesel, and jet fuel every day from the Gulf Coast to the Eastern Seaboard.
The cyberattack made history: in almost 60 years of the company’s existence, this was the first time that its gasoline pipeline was inoperable.
The Colonial Pipeline confirmed that it paid $4.4 million in cryptocurrency to DarkSide to avoid any consequence in the future.
10. Channel Nine
In March 2021, the Australian broadcaster Channel Nine suffered the largest cyberattack on a media company in the country’s history, one that exposed a nationwide vulnerability. Channel Nine described the attack as sophisticated and calculated. The cyberattack resulted in television and digital systems being offline for more than 24 hours.
The attack is believed to have impaired the broadcaster’s telecast from its Sydney studio and forced the media company to shift its operations to the Melbourne studio. It was reported that the cyberattack was a variant of ransomware.
However, it is yet to be validated if Channel Nine ultimately received any ransom demand.
The cyberattacks mentioned in this article speak to the audacity and desperation of cybercriminals. Quite evidently, cybercriminals seem to be capable of out-maneuvering even the most elite of organizations. Sometimes cyberattacks are state-sponsored, while at other times they are carried out by individuals or groups. But one thing is certain: the world needs an army of trained Cyber Security professionals to outpace this unlawful yet suave brigade of cybercriminals.
Well, if the cause thrills and motivates you, enroll in a Cyber Security program at EC-Council University (ECCU). Develop the knowledge and skills required to mitigate cyberattacks, and access affordable learning to be future-ready.
The Cyber Security industry is looking for skilled Cyber Security professionals, but the demand for them exceeds the supply. The Cyber Security talent crunch will create 3.5 million unfilled jobs by the end of 2021 (Source: Cybersecurity Ventures). Let a reputed institution like ECCU help you fill this void. Cash in on this opportunity. The world is waiting for you.