Explained | What occupied cybersecurity in 2021?
A pandemic was not enough reason for hackers to refrain from launching cyber attacks
While the pandemic kept people connected to their devices for another year, cyberattacks and data breaches raged.
According to a report by consulting firm Accenture, the average number of attacks per company has increased by 31% since 2020. In addition, successful breaches of organizations through the supply chain have increased from 44% to 61%.
India alone witnessed more than six lakh cybersecurity incidents in the first six months of 2021, according to the Indian Computer Emergency Response Team (CERT-In).
This year, hackers have increasingly targeted critical infrastructure systems. They attacked the U.S. fuel pipeline operator Colonial Pipeline with ransomware that forced it to shut down, causing fuel shortages and a state of emergency in four states. The company's operations returned to normal after it paid $5 million in ransom, part of which was later recovered. The Darkside cybercriminal group took responsibility for the ransomware attack. The Colonial Pipeline debacle followed attacks on a Florida water treatment plant and computer company SolarWinds. Ransomware gangs did not stop there.
Kaseya, a software company that provides services to more than 40,000 organizations, suffered a cyberattack during the U.S. Independence Day weekend. The organization, which is headquartered in Miami, urged its customers to immediately shut down their servers to avoid the possibility of being compromised by attackers. Initially, it was estimated that 800 to 1,500 small and medium-sized businesses could have been the victims of a ransomware compromise. The attack was attributed to the ransomware group REvil, which came up with a decryption key to unlock all encrypted systems. The group demanded $70 million in bitcoin. The attack, which occupied cybersecurity experts for days, has been called one of the most widespread criminal ransomware attacks.
Social media and industry-agnostic attacks
Social media platforms have become fertile ground for cybercriminals who steal data. Facebook has suffered a massive data breach as the private information of 533 million users was disclosed online. It was reported that information relating to CEO Mark Zuckerberg was also part of the leaked database from 2019. The data was accessed by exploiting a vulnerability in the contact importer feature of the platform. Facebook also noted that the data was not stolen by hackers.
It may seem like cybersecurity incidents only happen in a particular industry, but hackers aim to exploit every business to achieve their goal. The attack on an Indian airline proves it.
Air India has reported a cybersecurity incident that affected the data of more than 4.5 million of its customers. The breach was reported to the company in February and involved personal data, including name, date of birth, contact details, passport information, ticket information, and frequent flyer data from Star Alliance and Air India. No password or credit card data was affected.
Hackers also targeted the Cowin Vaccine Portal app to steal personal data. They developed bogus apps, masquerading as the Cowin app, the official platform for booking COVID-19 vaccination slots or registering for the vaccine, and circulated those apps via viral messages. “The SMS contains a link that installs the malicious application on Android devices, which is mainly spread by SMS to the contacts of the victims. The application also obtains unnecessary permissions that attackers could exploit to acquire user data such as the contact list,” CERT-In said in its notice.
State-sponsored attacks
This year has also been the scene of major state-sponsored attacks. Chinese state-sponsored actors have attacked India’s energy sector as border tensions between the two countries escalated in May last year, according to U.S. cybersecurity firm Recorded Future.
According to the report, 10 separate Indian power sector organizations have been targeted in a concerted campaign against India’s critical infrastructure with malware known as ShadowPad that can give attackers full control of systems. However, the Energy Department said no data breach or data loss was detected due to the incident.
As the year draws to a close, a new vulnerability known as Log4Shell is worrying several organizations. The biggest cybersecurity flaw in the open-source logging library affects applications used by most businesses and even government agencies. The easy-to-execute vulnerability can give hackers access to an application, allowing them to install and run malware and take control of the system. Tech companies such as Microsoft, Google and Cisco said they are currently assessing the situation and will continue to update their systems and send out patches for various vulnerabilities.