As the pandemic kept people connected to their devices for yet another year, cyberattacks and data breaches raged on.
According to a report by consulting firm Accenture, there was a 31% jump in the average number of attacks per company since 2020. Besides, successful breaches to the organisations through the supply chain rose from 44% to 61%.
India alone witnessed over six lakh cyber security incidents in the first six months of 2021, as per the Indian Computer Emergency Response Team (CERT-In).
Ransomware attacks
Hackers increasingly targeted critical infrastructure systems this year. They attacked U.S. fuel pipeline operator Colonial Pipeline with a ransomware that forced it to shut down, causing fuel shortages and a state of emergency in four States. The company’s operations were back to normal after they paid $5 million in ransom, a part of which was later recovered. Cybercriminal group Darkside took responsibility for the ransomware attack. The Colonial Pipeline debacle followed the attack on a water treatment plant in Florida and on SolarWinds IT company. The Ransomware gangs did not stop here.
Kaseya, a software company that provides services to over 40,000 organisations, suffered a cyberattack over the American Independence Day weekend. The organisation which has its U.S. headquarters in Miami urged its customers to immediately shut down their servers to avoid the possibility of being compromised by attackers. Initially, it was estimated that 800 to 1,500 small to medium-sized companies may have experienced a ransomware compromise. The attack was attributed to REvil ransomware group which offered a decryption key to unlock all encrypted systems. The group demanded $70 million in bitcoin. The attack that kept cybersecurity experts busy for days was termed as one of the farthest-reaching criminal ransomware attacks.
Social media and industry agnostic attacks
Social media platforms have become a breeding ground for cybercriminals to steal data. Facebook suffered a massive data breach as private information of 533 million users was leaked online. It was reported that information related to the CEO Mark Zuckerberg was also part of the leaked database from 2019. The data was accessed by exploiting a vulnerability in the platform’s contact importer feature. Facebook also noted that the data was not stolen by hacking.
It might seem like cybersecurity incidents happen only in a particular industry, but hackers aim to exploit every business to achieve their motive. The attack on an Indian Airline proves the point.
Air India reported a cybersecurity incident that affected data of over 4.5 million of its customers. The breach was reported to the company in February, and involved personal data including name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data but no passwords data or credit cards data were affected.
Hackers also targeted vaccination portal Cowin app to steal personal data. They developed fake apps, masquerading as Cowin app, the official platform for booking COVID-19 vaccination slots or registering for the vaccine, and circulated these apps through viral messages. “The SMS carries a link that installs the malicious app on Android-based devices, which essentially spreads itself via SMS to victims’ contacts. The app also gains unnecessary permissions that attackers could leverage to acquire user data such as contact list,” CERT-in said in its advisory.
State-sponsored attacks
This year also witnessed some major state-sponsored attack. Chinese State-sponsored actors attacked India’s power sector as border tensions between the two nations escalated in May last year, according to U.S. cybersecurity firm Recorded Future.
As per the report, 10 distinct Indian power sector organisations were targeted in a concerted campaign against India’s critical infrastructure with malware known as ShadowPad that can hand attackers full control of the systems. However, the power ministry said no data breach or data loss was detected due to the incident.
As the year draws to a close, a new vulnerability, known as Log4Shell, has worried several organisations. The biggest cybersecurity flaw in the open-source logging library affects applications used by most firms and even Government agencies. The easy to execute vulnerability can give hackers access to an application, allowing them to install and run malicious software and take control of the system. Tech firms such as Microsoft, Google and Cisco have said they are currently assessing the situation and will continue to update their systems and send patches for various vulnerability.
