Hacks, ransomware, and data protection dominated cybersecurity in 2021

0

Ransomware made big headlines and a lot of money in 2021.

Getty Images

Cyberattacks made headlines throughout 2021 as massive disruptions affected government agencies, large corporations, and even supply chains for essentials like gasoline and meat.

The year started on a sour note of safety. In January, the FBI, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency jointly proposed that Russia was responsible for an attack on SolarWinds, a Texas-based company whose software has been used by the federal government to railways, hospitals, and large technology companies.

The attackers inserted malware into an update to SolarWinds’ popular Orion IT software products that companies integrate into their own systems. Thousands of customers installed the tainted update and cyber criminals were then able to access their systems. The Russian government has denied involvement in the attack.

Ransomware attacks hit both Colonial Pipeline, a major pipeline operator, and JBS USA Holdings, a major meat processor, in May. The companies paid out millions and ceased operations long enough to drive up gasoline and meat prices. Again, Russia was blamed for the attack.

Tech companies weren’t immune either. Apple and Facebook had to grapple with cyber threats that threatened the security and privacy of their users. The same companies, meanwhile, were grappling with tricky questions about how much user data that could be vulnerable in a cyberattack should be collected.

Here’s a quick look at the top cybersecurity news of 2021:

Ransomware: When the big ones go under, it affects everyone

The year made it painfully clear that the days of junk ransomware used by script kiddies are long gone.

Ransomware, which encrypts a computer until victims pay for tools to unlock their data, is big business. Cyber ​​criminals target large companies that will spend large amounts of money to avoid closure.

It happened in the headline-grabbing cases of Colonial Pipeline and JBS USA. Both companies released millions in ransom through Bitcoin, a popular cryptocurrency, after discovering their systems were locked.

The two high-profile attacks were by no means the only ransomware cases in 2021.

The suspected ransomware payments reported by banks and other financial institutions totaled in the first six months of this year, according to an October report. to a total of $ 590 million report from the Treasury. The number slightly exceeded the $ 416 million in suspicious payments reported for all of 2020.

The US government has pledged to step up its approach to tackling cybercrime. The White House entered in October international event to fight ransomware including representatives from more than 30 countries. Group members pledged Share information and work together to track down and track down the cyber criminals behind ransomware attacks.

Strikingly absent: Russia, which the US and other countries accuse of harboring and possibly encouraging the groups behind the attacks.

A month earlier, to make it at least a little more difficult to buy US companies out, the Treasury said It will sanction cryptocurrency exchanges, insurance companies, and financial institutions that facilitate ransomware payments.

Privacy battles

Apple, too, was at a privacy crossroads in 2021. The iPhone maker was forced to fend off an outside hacking threat who compromised the security and privacy of its well-known users while trying to strike a balance in its own privacy practices.

In September, Apple has released an emergency patch for the operating systems of its iPhones, iPads and Apple Watches to close loopholes that made the devices vulnerable to the Israel-developed Pegasus spyware NSO group.

While most of the spyware was a threat only to high-profile users that could be attacked by nation-state hackers, the vulnerability remained a black mark on Apple, which, for the most part, had a reputation for being relatively safe from viruses and online attackers.

Apple also sparked controversy with a proposed feature that would scan its devices for Images of child exploitation. Privacy and security experts, as well as other critics, have argued that the approach to tackling the illegal material is tantamount to creating a back door that could be exploited by governments seeking to restrict freedom of expression. Apple, which had previously been praised for its refusal crack a terrorist’s iPhone, delayed introduction of the function.

Data breaches keep going

Publicly reported data breaches in the first nine months of 2021 exceeded, according to the Identity Theft Resource Center.

Department store chain Neiman Marcus, Stock trading platform Robin Hood, Web host Go Daddy and cellular providers T-Mobile were among the companies that reported data breaches that resulted in the theft of customer information. California pizza cuisine and MC Donalds both reported security breaches that compromised data relating to their operations and employees. Cyber ​​criminals stole data from video game companies Electronic Arts This contains the source code for the soccer game FIFA 21.

Last, Planned Parenthood Los Angeles confirmed that an October Data breach uncovered patient recordsincluding names, dates of birth, addresses, insurance numbers, and clinical data such as diagnosis, treatment, and prescribing information.


Source link

Share.

About Author

Comments are closed.