UHG
Search
Close this search box.

5 Ransomware Attacks of 2021 That Blew The Internet

In June 2021, SonicWall recorded an all-time high of 78.4 million ransomware attacks across the globally.

Share

ransomware attacks

Ransomware refers to malicious softwares that, when deployed, can prevent one from using their own computer. In order to get back access to the system, one has to pay a sum of money to cyber-criminals or hackers. 

According to Chennai-based Cyber Security Works, Ransomware is increasingly targeting the critical industrial sectors — oil and gas, finance, healthcare, food and beverages, and transportation. Ransom attacks have increased in volume (by 37 per cent) during the ongoing pandemic, and Common Vulnerabilities and Exposure (CVE) saw a jump of over 356 per cent this year compared to 2019. SonicWall recorded an all-time high of 78.4 million ransomware attacks globally in June 2021. 

Airline company Air India, food major Haldiram’s, and Pune’s smart city project Pimpri-Chinchwad Municipal Corporation faced major cyber attacks in India itself.

Today, we take a peek at the biggest ransomware attacks of 2021 so far. To know about last year’s attacks, check here

Colonial Pipeline Company 

American oil pipeline system Colonial Pipeline Company suffered a major ransomware attack in May this year. The cyberattack affected its computerised equipment managing the pipeline originating from Houston, Texas, disrupting the fuel supply to most of the US East Coast for days. 

Despite affecting just its IT systems, Colonial Pipeline Company shut down its entire pipeline operations to prevent further harm. With the FBI’s help, the company paid $4.4 million in bitcoin, as demanded by the hackers. 

According to the FBI, the attack was carried out by DarkSide. A month after payment, the Department of Justice reported that the FBI was able to seize a portion of the payment using a private key. 

Acer 

Taiwanese computer giant Acer was hit by a REvil ransomware attack in March this year. The hackers demanded a whopping $50 million. They shared images of stolen files as proof of breaching Acer’s security and the consequent data leak. These included images of financial spreadsheets, bank communications, and bank balances. 

According to media reports, the group got access to Acer’s network through a Microsoft Exchange vulnerability that had earlier led to the hacking of 30,000 US governmental and commercial organisations’ emails. 

The ransomware gang reportedly made more than $100 million in one year from large business extortions. The same hackers were responsible for the 2020 ransomware attack on Travelex. 

While the computer manufacturer never confirmed if they actually paid the ransom, it said that companies like theirs are constantly under attack and had reported abnormal situations observed to the required law enforcement and data protection authorities. 

CNA Financial 

Chicago-based CNA Financial Corp., one of the largest insurance companies in the USA, had noticed a breach in March this year. The ransomware attack is said to have led to the compromise of data of around 75,000 individuals. This data might have included names, health benefits information, and Social Security numbers of the company’s present and former employees, contract workers, and their dependents. 

According to media reports, later in May, CNA Financial agreed to have paid $40 million to get back access to its network. Reportedly, the hackers used a malware called Phoenic Locker, a variant of Hades which Russian cybercrime syndicate Evil Corp creates. 

Brenntag

Around the same time as the Colonial Pipeline Company cyberattack, hackers group DarkSide targeted Germany-headquartered chemical distribution company Brenntag. DarkSide reportedly demanded $7.5 million, or 133.65 bitcoin, for gaining access to 150 GB worth of data. Additionally, DarkSide shared a data leak page consisting of a description of the data stolen and screenshots of a couple of files to prove its claims. 

The ransom was negotiated, and ultimately, Brenntag ended up paying $4.4 million. 

Kia Motors 

A subsidiary of Hyundai, Kia Motors, suffered ransom in February this year. Attackers DopplePaymer gang reportedly asked for $20 million for a decrypter and not leak the stolen data. As claimed by Kia Motors, the subsequent ‘IT outage’ affected the mobile UVO Link apps, payment systems, owner’s portal, phone services, and internal sites used by Kia Motors America. 

While these were global attacks, India isn’t far from making headlines for cybersecurity breaches, either. If one were to go by media reports, India was most hit by ransomware attacks this year, so far. A report by Check Point research suggests that with ransomware attacks shot up by 102 per cent globally in 2021 from last year, India was the worst hit with 213 weekly ransomware attacks per organisation. Last year, Microsoft appointed a Threat Protection Intelligence Team to deal with the attacks. 

To know all about how the Colonial Pipeline Company ransomware happened and how the FBI was able to plot a crypto ransom recovery, click here

📣 Want to advertise in AIM? Book here

Picture of Debolina Biswas

Debolina Biswas

After diving deep into the Indian startup ecosystem, Debolina is now a Technology Journalist. When not writing, she is found reading or playing with paint brushes and palette knives. She can be reached at debolina.biswas@analyticsindiamag.com
Related Posts
19th - 23rd Aug 2024
Generative AI Crash Course for Non-Techies
Upcoming Large format Conference
Sep 25-27, 2024 | 📍 Bangalore, India
Download the easiest way to
stay informed

Subscribe to The Belamy: Our Weekly Newsletter

Biggest AI stories, delivered to your inbox every week.

Flagship Events

Rising 2024 | DE&I in Tech Summit
April 4 and 5, 2024 | 📍 Hilton Convention Center, Manyata Tech Park, Bangalore
Data Engineering Summit 2024
May 30 and 31, 2024 | 📍 Bangalore, India
MachineCon USA 2024
26 July 2024 | 583 Park Avenue, New York
MachineCon GCC Summit 2024
June 28 2024 | 📍Bangalore, India
Cypher USA 2024
Nov 21-22 2024 | 📍Santa Clara Convention Center, California, USA
Cypher India 2024
September 25-27, 2024 | 📍Bangalore, India
discord-icon
AI Forum for India
Our Discord Community for AI Ecosystem, In collaboration with NVIDIA.