Hacks, ransomware and privacy dominated cybersecurity in 2021

0

Cyberattacks made headlines throughout 2021 as massive disruptions impacted government agencies, large corporations, and even supply chains for essential commodities like gasoline and meat.

The year started with a bad security advisory. In January, the FBI, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency jointly suggested it was Russia responsible for an attack on SolarWindsa Texas-based company whose software has been used by everything from the federal government to railroads, hospitals and big tech companies.

The attackers inserted malicious software into an update to SolarWinds’ popular Orion IT software products, which companies integrate into their own systems. Thousands of customers installed the infected update and cyber criminals were then able to gain access to their systems. The Russian government has denied involvement in the attack.

Ransomware attacks hit both Colonial Pipeline, a major pipeline operator, and JBS USA Holdings, a major meat processor, in May. Companies have paid millions of dollars and closed their operations long enough to drive up gas and meat prices. Again, Russia was blamed for the attack.

Tech companies have not been immune either. Apple and Facebook have had to deal with cyber threats that compromised the security and privacy of their users. Meanwhile, the same companies are grappling with tricky questions about how much user data that could be vulnerable in a cyberattack should be collected.

Here’s a quick look at the top cybersecurity news of 2021:

Ransomware: When the big ones go under, it affects everyone

The year has made it painfully clear that the days of junk ransomware used by script kiddies are long gone.

Ransomware that encrypts a computer until victims pay for tools to unlock their data is big business. Cyber ​​criminals have targeted large companies that pay big bucks to avoid closure.

This is what happened in the headline-grabbing cases of Colonial Pipeline and JBS USA. Both companies have made millions of dollars in ransom payments via Bitcoin, a popular cryptocurrency, after realizing their systems were locked.

The two high-profile attacks were far from the only ransomware cases of 2021.

According to an October report, suspected ransomware payments reported by banks and other financial institutions totaled $590 million in the first six months of this year report by the Ministry of Finance. The number far exceeded the $416 million in suspicious payments reported for all of 2020.

The US government has pledged to step up its approach to fighting cybercrime. The White House met in October International event to fight ransomware including representatives from more than 30 countries. group members pledged to share information and work together to track down and prosecute the cybercriminals behind ransomware attacks.

Notably absent: Russia, which the US and other countries accuse of harboring and possibly encouraging the groups behind the attacks.

A month earlier, in an effort to make it at least a little harder to blackmail US companies that said the Treasury Department It will sanction cryptocurrency exchanges, insurance companies, and financial institutions that facilitate ransomware payments.

privacy fights

Apple was also at a crossroads for privacy in 2021. The iPhone maker was forced to fend off an external hacking threat that was jeopardizing the security and privacy of its users, some of whom were well known, while trying to find a balance in its own privacy practices.

In September, Apple has released an emergency patch for the operating systems of its iPhones, iPads, and Apple Watches to patch holes that left the devices vulnerable to Israeli-developed Pegasus spyware NSO group.

Although the spyware largely only posed a threat to high-profile users who could be targeted by national hackers, the vulnerability was a black mark for Apple, which largely had a reputation for being relatively safe from viruses and online attackers.

Apple also provoked controversy with a proposed feature that would scan its devices Images of child exploitation. Privacy and security experts, as well as other critics, have charged that the approach to tackling the illegal material is tantamount to creating a backdoor that could be exploited by governments wanting to restrict free speech. Apple, which previously received praise for the refusal crack a terrorist’s iPhonedelayed the rollout of the feature.

Data breaches happen again and again

Data breaches publicly disclosed in the first nine months of 2021 exceeded the total for all of 2020, according to the Identity Theft Resource Center.

department store chain Neiman Markusstock trading platform Robin Hoodweb host Go Daddy and cell phone providers T Mobile were among companies reporting data breaches that resulted in the theft of customer data. California pizza kitchen and MC Donalds Both reported breaches that compromised data related to their operations and employees. Cyber ​​criminals have stolen data from video game companies Electronic Arts which contained the source code for the football game FIFA 21.

Last, Planned Parenthood Los Angeles confirmed that an October Data Breach Disclosed Medical Recordsincluding names, dates of birth, addresses, insurance identification numbers, and clinical data such as diagnosis, treatment, and prescription information.

Share.

About Author

Comments are closed.