The previous 12 months have seen no scarcity of cyber crime incidents as ransomware gangs ran amok, with safety groups seemingly powerless to do rather more than watch on in shock.
A few of the larger cyber assaults of the 12 months even had damaging real-world implications, which served to carry cyber crime mainstream consideration, and to the highest of nationwide safety agendas, significantly within the US and UK.
In the meantime, the influence of the Covid-19 pandemic continued to loom massive, with cyber criminals exhibiting no disgrace as they tried to disrupt organisations within the healthcare sector.
Listed here are Laptop Weekly’s high 10 cyber crime tales of 2021:
1. Colonial Pipeline ransomware assault has grave penalties
Although it didn’t hassle the gasoline provide at petrol stations within the UK, the DarkSide ransomware assault in opposition to Colonial Pipeline – the operator of the most important gasoline pipeline within the US – in Might 2021 was one of the crucial impactful cyber incidents of current years. Certainly, it might have prompted concerted motion in opposition to ransomware gangs in the end – time will inform.
As we reported within the speedy aftermath of the assault, the US authorities was pressured to declare an emergency and the Division of Transportation quickly relaxed laws throughout many of the Mid-Atlantic and southern US, and Texas, that ruled how lengthy truckers had been permitted to stay behind the wheel, to enhance flexibility within the gasoline provide chain.
2. REvil crew needs $70m in Kaseya ransomware heist
It was a 4 July summer time blockbuster as the REvil ransomware crew demanded a cumulative $70m ransom fee from over 1,000 companies whose IT techniques had been locked after the gang compromised companies supplier Kaseya in a traditional instance of a provide chain hack. Such was the dimensions of the incident that the REvil group was pressured to enter hiding for a time, subsequently rising solely to seek out that their infrastructure had been hacked again by regulation enforcement. One gang member is now dealing with extradition to the US to reply for his crimes; others are on the run.
3. BlackMatter gang ramps up assaults on a number of victims
Ransomware gangs come and go for a lot of causes, however one factor is definite, whether or not a rebrand of an present group or a brand new participant within the recreation, there’ll at all times be another person able to take their place. One in every of 2021’s extra impactful emergent ransom crews is named BlackMatter, and in September, we reported on a spate of assaults in opposition to a number of targets that prompted warnings from across the safety neighborhood.
4. Irish well being service hit by main ransomware assault
On the morning of 14 Might, the Conti ransomware gang hit the headlines after they encrypted the techniques of the Irish Well being Service Govt in a callous and really heartless cyber assault. The incident triggered vital disruption to affected person companies throughout Eire and prompted a large-scale response that even noticed the military drafted in. Mercifully, there have been no recorded fatalities as a direct results of the incident, however over six months on, the service has not absolutely recovered.
5. Stolen Pfizer/BioNTech Covid-19 vaccine knowledge leaked
Cyber criminals additionally tried their greatest to disrupt the roll-out of the Covid-19 vaccine programme in Europe, when knowledge referring to the Pfizer/BioNTech Covid-19 vaccine, which was stolen in December 2020 following a cyber assault in opposition to the European Medicines Company, was leaked on the web in January 2021. The information dump included screenshots of emails, peer evaluation data, and different paperwork together with PDFs and PowerPoint displays.
6. Police raids round world after investigators crack An0m cryptophone app in main hacking operation
In June, police in 16 nations launched a number of raids after intercepting the communications of organised felony teams. The gangs had been sending messages on an encrypted communications community, unaware that it was being run by the FBI. This was solely one among a number of comparable raids in 2021, which, whereas profitable at disrupting organised and cyber crime, have on the similar time surfaced official issues over the power of regulation enforcement to conduct surveillance, and the admissibility of the proof they collected.
7. Retailer FatFace pays $2m ransom to Conti cyber criminals
In March, Laptop Weekly broke the information that vogue retailer FatFace had paid a $2m ransom to the Conti ransomware gang following a profitable cyber assault on its techniques that occurred in January. The ransomware operators had initially demanded a ransom of $8m, roughly 213 bitcoin on the prevailing charge, however had been efficiently talked down throughout a protracted negotiation course of.
8. Scammers by chance reveal faux Amazon evaluation knowledge
Through the years, Laptop Weekly has typically lined knowledge loss incidents at organisations that didn’t safe their databases appropriately, so it was gratifying in Might to seek out that cyber criminals and fraudsters are unhealthy at operational safety too. This unlucky scammer by chance uncovered greater than 13 million information in an open ElasticSearch database and in doing so blew the lid on a large faux evaluation rip-off implicating a whole lot of third-party Amazon sellers in unethical and unlawful behaviour.
9. $50m ransomware demand on Acer is highest ever
Roy Fortress and Cheryl Baker taught a technology of British schoolchildren that information are made to be damaged, so maybe members of the REvil ransomware gang additionally watched BBC1 after college after they had been youthful. Both means, the $50m ransom demand made in opposition to PC firm Acer was – for a time – the very best ever made. Particulars of the record-breaking double-extortion assault emerged in March when the gang revealed Acer’s knowledge to its leak web site, however investigations by Laptop Weekly’s sister titles LeMagIT and SearchSecurity had been instrumental in uncovering and highlighting the ransomware demand.
10. Ransomware gangs search individuals abilities for negotiations.
Lastly, in July 2021, we reported on how the growing sophistication of the cyber felony underground was being mirrored in how ransomware operations put collectively their operations, looking for out specialist expertise and skillsets. Certainly, researchers from Kela discovered that some gangs are coming to resemble firms, with diversified roles and even outsourced negotiations with victims. Naturally, individuals abilities are in excessive demand as gangs attempt to sweet-talk their victims into coughing up.