Where does large-scale cybersecurity of major corporations start and where does it interfere with our personal feeling of safety? 

After the lockdown hacks of 2020, 2021 proved to be even worse for businesses across the globe struggling to ensure their cybersecurity. The biggest hacks of the year show that protecting the digital assets of organizations is essential to the protection of citizens too. 

Already by June, global cyber attacks had increased by 29%. Triple extortion ransomware and supply chain attacks led the statistics, with major hacks against all industries — from critical infrastructure, food suppliers, and digital companies to healthcare facilities, educational organizations, and insurance providers. 2021 showed that no industry is safe anymore

The worst cybersecurity attacks during the past year have affected millions of people at once — illustrating in practice the importance of cybersecurity for organizations of all sizes. Below is an overview of the major hacks of 2021. 


The Colonial Pipeline Ransomware

We can’t help but start with an infamous one — the May 2021 ransomware attack against the US East Coast’s fuel supply. The Colonial Pipeline runs a 5,500-mile fuel pipeline. In May 2021, it was forced to stop a part of the supply because of a ransomware attack that threatened to release 100 GB of company data. This led to a major gas supply shortage in the southeastern US. The energy crisis got so bad that the Department of Transportation had to interfere to allow emergency truck fuel distribution.   

Colonial Pipeline had to pay more than $4 million (75 bitcoin) to the ransomware gang DarkSide, which is linked to Russia. A part of it was recovered later on. Nevertheless, the attack remains as one of the biggest attacks against critical infrastructure — which sets the alarm about the huge cybersecurity risks globally.   


CNA Ransomware

Next in line is the March 2021 ransomware attack against the major US insurance company CNA — which even sells cyber insurance. The ransomware group Phoenix got access to its data, threatening to expose the personal information of its customers. 

CNA Financial Corp. paid $40 million in ransom to get back control over its networks. This was a record high amount among the publicly available data for such cases. The data that hackers obtained was super sensitive and is said to enable future attacks, but that seems unlikely, given the bombastic ransom paid. 


JBS USA Ransomware

If you think food supply is safe from cyber attacks, the ransomware against JBS USA will prove you wrong. In May 2021, the largest meat processing company in the world JBS SA suffered an attack against its US subsidiary’s servers. This brought down parts of its systems in the US, Canada, and Australia. 

The impact on the meat industry was substantial — with consumer supply chain problems, plant closures, and employee layoffs. The ransomware gang REvil that stood behind the attack received a $11 million ransom (paid in bitcoin) to decrypt the data and provide it back to JBS. 


Twitch Data Breach and Exposure

Another important hack of 2021 is the data breach suffered by the Amazon-owned live streaming service Twitch. In October 2021, a large amount of proprietary data — 128 GB — was released on the 4chan forum as a torrent. This included the company’s full source code, internal documents, and individual streamers’ revenue. 

The company announced that the breach was caused by a server configuration change that allowed attackers to gain access to sensitive data. Twitch claimed that login data was not jeopardized. The attackers remained anonymous but announced that the data dump aimed to disrupt the online video streaming ecosystem and to bring about more competition in that space. 


Kaseya Ransomware

Along with the big supply chain hits against SolarWinds and Codecov, the ransomware attack against the IT management software provider Kaseya stands out too. In July 2021, the attackers used a flaw in the Virtual System Administrator (VSA) tool offered by Kaseya to infect thousands of organizations worldwide. 

The ransomware attack against Kaseya was also caused by the Russia-based group REvil, which targeted JBS USA. The VSA tool is used by managed service providers that supply other organizations with IT support, and the attack took advantage of the interdependent ecosystem. REvil asked for $5 million from managed service providers and $45,000 ransom from individual companies. The group announced a decryption tool for nearly $70 million, but then it got into hiding. Kaseya used a universal decryptor to help out the users down the line. 


Having the Right Cybersecurity Protection is Paramount

The biggest hacks of 2021 illustrate the power of cyber attackers to control various aspects of our lives. That makes it crucial for businesses across industries to address cybersecurity threats and take effective preemptive actions. 

Having a trusted partner like Amatas is the key to protecting your company and your customers from ransomware, data breaches, and various other cyber risks. We offer the right portfolio of services — from Managed Extended Detection & Response to Virtual CISO — to ensure your organizations’ security across the board. 

If you’re ready to effectively tackle your cybersecurity management, just get in touch with us at Amatas.

Ralitsa Kosturska in AMATAS