Learn more about ransomware attacks
Ransomware attacks have been rising and continue to grow more complex each year. Did you know that the first few months of 2021 saw nearly 500 million ransomware attacks? In this blog, we will be looking at some of the major ransomware attacks of 2021-2022 in greater detail.
As we step into the second half of 2022, ransomware attacks have already impacted businesses and government organizations across the globe.
Like the COVID-19 virus, ransomware strains don’t stop evolving and become more destructive over time. This year has already seen the evolution of many new Ransomware-as-a-Service (RaaS) gangs, such as Onyx, Mindware, and Black Basta. We have also witnessed the return of one of the world’s most dangerous ransomware operations, REvil.
But before we look deeper into the major ransomware attacks that made the headlines from 2021 to 2022, let us understand a few basic things first.
What is a Ransomware Attack?
Ransomware is malware that uses encryption to retain a victim’s information. An organization’s vital data is encrypted so external attackers cannot access its databases, files, or applications.
Ransomware is created to extend across a network, target database, and file servers and can thus quickly paralyze an entire organization or network. These attacks can target corporations, government departments, and even entire countries.
Tracing the Top Ransomware Attacks 2021-2022: 5 Major Attacks Of 2021
Let’s look at the 5 major ransomware attacks of 2021 and how they were carried out.
This global IT consultancy firm identified irregular activity in August 2021. The company reported Bleeping Computer, which contained a third-party entity’s exfiltration and publication of proprietary data.
The computer self-help website conveyed that the LockBit ransomware gang eventually claimed responsibility for the attack. The team confirmed that it had stolen six terabytes of data from Accenture’s network. According to the news reports, the LockBit group also demanded a $50 million ransom from Accenture.
The REvil/Sodinokibi ransomware gang announced in March 2021 that they broke through the data network of the Taiwanese multinational electronics corporation Acer.
The group claimed responsibility for the attack and posted images of financial statements and other documents allegedly stolen from the company. They also demanded $50 million from Acer, a vast amount to ask of any corporation.
3. Apple Inc.
A month after the Acer attack, someone reported in a digital crime forum that the REvil/Sodinokibi gang was about to unveil their “largest attack ever.” Two days later, the major ransomware attack group announced their raid on Apple’s business partner.
The attackers tried to pressure the company into paying a ransom but later diverted their attention to Apple. They publicly released blueprints for new Apple devices they had stolen from their business partner. They continued publishing files stolen from Apple unless the company agreed to their demand of $50 million by 1st May.
According to NBC News, ransomware gangs struck the U.S. workforce management company Kronos in December 2021. The company said that its programs that depend on cloud services would be unavailable for assistance for several weeks. A representative for the company refused to provide details that showed that a ransomware group was responsible for the attack.
On 24th December, Shutterfly suffered a major ransomware attack by the Conti ransomware gang. The ransomware group formed a private data leak page containing data stolen from the company. The attackers threatened to make the page public if Shutterfly didn’t pay the ransom.
These attacks just send a shiver down your spine, don’t they? It’s scary to see how the leading technology companies worldwide can be held hostage by a group of anonymous attackers that strike hard and fast.
We’ll next explore the 5 major ransomware attacks in 2022.
Tracking Ransomware Attacks 2021-2022: 5 Major Ransomware Attacks Of 2022
Even though 2022 has not yet ended, we’ve already had major ransomware attacks worldwide.
1. Nvidia Major Ransomware Attacks
A ransomware attack compromised the world’s largest semiconductor chip company in February 2022. The company confirmed that the attacker had started leaking proprietary information and employee credentials online.
Lapsus$, the ransomware group, took responsibility for the attack and claimed they had the key to 1TB of hacked company data. They further announced to leak the information online. It demanded a percentage of an anonymous fee and $1 million from Nvidia.
2. Costa Rica Government
The Costa Rica ransomware attack in 2022 was the talk of the town. It’s the first time a country announced a national emergency in response to a cyber-attack. It affected the government services and brought the Ministry of Finance to its knees.
On 31st May, another attack plunged the country’s healthcare system into a mess. This attack even affected the Costa Rican social security fund.
Ransomware group Conti took accountability for the first attack, asking the government to pay $10 million and increasing it to $20 million later.
3. Bernalillo County
On 5th January, New Mexico uncovered a major ransomware attack that caught the entire county’s attention. There was no disclosure of ransom demands, but the county labeled it a ransomware issue.
The ultimate result included:
- Blocking a jail’s camera feeds.
- Closing government buildings.
In response, the county made some public services unavailable and turned many of its systems offline. Only safety services, such as fire and rescue operations, continued to run.
Three Toyota suppliers were hacked between February and March 2022. The incident which shook the business world shows that no matter how safe and secure your organization may be, an attacker can find a way to break in.
Kojima Industries, one of the Toyota suppliers, even had to stop its operations in 14 Japanese plants after getting hit by a cyber-attack.
However, the worse was yet to come. Two other Toyota suppliers, Denso and Bridgestone, got targeted by ransomware attack group Pandora within 11 days.
Indian airline SpiceJet faced a ransomware attack earlier this year, leaving hundreds of passengers stranded in several countries.
Later the airline claimed that it was only an “attempt” and that their IT team handled the situation well.
According to news reports, SpiceJet passengers waited for details on their flight departures for over 6 hours. This highly impacted the airline’s reputation and led to customer skepticism.
Major Ransomware Attack Trends in 2021 and 2022
A few ransomware trends appeared throughout 2021 and will probably continue into 2022. Attackers discovered that specific techniques generated better results and focused on those procedures.
Here are some of the primary trends for ransomware in 2021:
Supply chain attacks:
A supply chain attack extends to a larger radius than attacking a single victim.
A ransomware attack was about extracting information found on a system and then demanding a ransom in exchange for a decryption key. With double extortion, attackers break down the data to a separate location. The purpose is to leak the information to a public website if the amount is not received.
Ransomware as a service (RaaS)-
Earlier hackers had to compose ransomware code and run a distinctive set of activities. RaaS is a pay-for-use malware. It allows attackers to use a medium that provides the required ransomware code and operational infrastructure. Therefore, it helps to launch and maintain a ransomware campaign.
Major ransomware attacks can contaminate organizations in different ways. In 2021, people noticed various forms of phishing emails more often.
What Precaution Should You Take To Avoid Major Ransomware Attacks?
- Back up your data regularly- Use multiple storage systems to minimize data loss and avoid being held hostage by ransomware attacks.
- Keep your software updated- Install and update your security software regularly to prevent hackers from discovering and finding any weaknesses in your network security system.
- Provide awareness training for your employees – Staff often receive phishing emails, so they must be trained on how to deal with these email attacks and how they should avoid clicking on any suspicious links. This is your first line of defense against cyberattacks.
- Employ multiple security systems- Install Firewalls, anti-virus software, and spam filters that will help you to detect and react to intrusions faster.
- Use multi-factor authentication. Even if hackers get your employee credentials, gaining access to your system without additional authenticating factors is impossible if you use a multi-factor authentication system.
How to Protect Your Organization from Major Ransomware Attacks?
The above-mentioned major ransomware attacks have underlined the significance of cyber security for businesses of every scale and size.
The thought of mapping these major attacks is to take a more intimate look at the cyber-criminals techniques and intentions. Doing so can help us be more aware and better prepared against such attacks.
Ransomware attacks are not going anywhere, and you or your business could be the next target. Cyber Security is the need of the hour, no matter your location and the nature of your business.
Nobody is secure. The following phishing email could look authentic to an employee of your organization and be the beginning of something some sinister.