Cyberattacks in 2021 Are at Record Levels
While cyberattacks are always a concern to monitor, it’s important to note that various types of attacks are at record levels in 2021, leading to data loss and leaks around the world. Why is that the case? Keep reading to learn more about cyberattacks — particularly ransomware — and how such security incidents are affecting individuals, businesses, and the cybersecurity industry as a whole.
What Is Ransomware?
This is a type of malware that uses encryption technology to get a victim’s data and hold it for ransom, hence the name. Either individual hackers or hacking groups employ encryption on a user or business’s data so that they can no longer access their information, data, files, or applications. For the user to regain access, the attacker demands a ransom — usually monetary — in exchange for a decryption key, which is the only way to decrypt the malware.
There are many different forms of ransomware, but most commonly, malware is shared through email spam, which is why businesses are largely at risk. Often, cybercriminals employ ransomware that targets multiple databases and services, so it can spread through an entire network, creating a security incident that can completely halt operations. This type of cyberattack has become increasingly more common and threatening as technology continues to grow and cybercriminals become more clever.
The biggest concern in relation to malware is the dramatic uptick in the number of cyberattacks occurring. According to several reports, the frequency of cyberattacks in 2021 has increased 93 percent as compared with the year before. Globally, cybersecurity attacks of organizations and businesses have increased 29 percent, and in the Americas alone, cyberattacks have increased 24 percent year-over-year.
During the first half of 2021, cybercriminals worked hard to shift their operations as more businesses transitioned to hybrid working, specifically targeting businesses’ supply chains and networks to greatly disrupt organization function. In the first six months of 2021 alone, there were a recorded 304.7 million ransomware attempts — not including any other types of cybercrime.
It’s easy to see why 2021 is already statistically the worst year in history for cybercrime.
Why is 2021 the year that hacking groups and bad actors are making their moves? There are likely several possible reasons. Overall, it’s important to acknowledge that as the years go on, technology keeps improving. It’s easier than ever for nearly anyone to become a malware attacker — regardless of technological knowledge. In addition, the trend of ransomware-as-a-service, or RAAS, has been a contributing factor to the uptick in attacks.
Now, ransomware is created by cybercriminals, sold freely on the internet in not-so-hidden black markets. The buyers can then easily implement it, without even being very technologically advanced. Along the same lines, blueprints to create malware can also be found easily on the internet for those seeking them. These attackers can create their own new form of ransomware.
Furthermore, hacking techniques are also being developed at a fast pace. While cybercriminals would previously encrypt specific, limited files, ransomware can now encrypt a network or computer’s entire disk in order to completely disable entire systems. Overall, a ransomware group or gang doesn’t have to work very hard to sell or install ransomware, no matter their level of skill or intentions. The group Ragnar Locker is a notable example of a ransomware gang that has emerged in 2021.
Common Ransomware Variants
There are different types of ransomware, called variants or strains, that have emerged over the past few years. In 2021, the most common ransomware variant was Ryuk, which was behind more than 90 million ransomware attempts in the first six months of 2021. Cerber, another ransomware strain, attempted 52.5 million malware attacks from January to June 2021. Most cybersecurity industry experts are keeping a watchful eye on Cerber, anticipating that its attacks and influence are on the rise.
Another ransomware strain, called SamSam, attempted nearly 50 million cyberattacks in six months, attempting 15.7 million attacks in June 2021 alone. The Phoenix cryptolocker is another notable ransomware tool that was used this year. There are also many other malware and ransomware variants threatening businesses and individuals.
Who’s Being Affected?
Many industries — ranging from health care providers to law firms — are being targeted specifically by ransomware attacks. Unsurprisingly, the most targeted industry is government. On average in 2021, cybercrime attempts have been 10 times as prevalent in the government sector than in any other industry.
However, in three months of 2021, the education sector experienced even more malware attempts than the government. Judson Independent School District in San Antonio, Texas, reportedly paid more than $500,000 to its ransomware threat actors after being targeted.
Biggest Ransomware Attacks in 2021 at Present
The total number of ransomware attacks and attempts in 2021 has already reached a record high, but some businesses were hit harder than others. When organizations aren’t prepared — and sometimes, even when they are — for cyberattacks, the result can be devastating, leading to supply chain attacks, personal information leaks and more. Here are some of the worst cyber malware attacks so far in 2021:
The car manufacturer, commonly referred to as Kia, was attacked with ransomware, presumably DoppelPaymer, in February 2021. The attack affected internal systems, as well as customers, and breached data from mobile apps, payments, phone services, and dealership technologies, including IT systems. Although the company denies the attack altogether, the ransomware group claims to have attacked both them and their parent company, Hyundai Motors.
CD Projekt Red
Most video game enthusiasts are likely aware of the attack that greatly affected this Poland-based company in February 2021. The business, which has developed such popular games as “The Witcher” series and “Gwent,” was in the process of developing its highly anticipated “Cyberpunk 2077.” The attackers caused severe disruptions within the game, stole source code from several other company games, and circulated private information online.
The Taiwanese computer company was targeted in March 2021 by REvil. The ransomware gang was able to gain access through a Microsoft Exchange server and demanded a ransom payment of $50 million — the highest ransom note and demand in history. As of early October 2021, the Hong Kong firm Fimmick has become the latest business to be hit by ransomware attempts from REvil.
Washington, D.C., Police Department
in April 2021, the Metropolitan Police Department of Washington, D.C., was attacked by a Russian ransomware group known as Babuk — which also targeted the Houston Rockets around the same time. The hacking group demanded $4 million to prevent the release of sensitive criminal data, which the police department refused. As a result, a massive data leak ensued, publishing confidential disciplinary and intelligence reports.
Other businesses, such as JBS USA, a meat supplier that completed its ransom payment in bitcoin, have been targeted, as well. Even pipelines can be targeted by ransomware — in May 2021, Colonial Pipeline, which is a pipeline that supplies Texas and other southern states with gasoline, was targeted by ransomware actors DarkSide. A few hospitals in Waikato, New Zealand, were also taken offline by a ransomware attack this year. The same happened in San Diego, Calif., at Scripps Health.
These are just a few examples of the ways threat actors can impact businesses throughout various sectors.
What’s Being Done About It?
What’s being done to stop the threat of ransomware and cybercrime? Although crime rates are up, defenses against it are also increasing. Both government and law enforcement agencies, including the Biden administration, have paid closer attention to malware attacks in 2021 and are beginning preventative efforts. In addition, said agencies are encouraging the use of technologies that aid in early detection and prediction. Specifically, states like North Carolina are working to ban ransomware as a whole.
Current Trends in Ransomware
What are the current trends to watch regarding ransomware? It’s important to note that threat actors can now use various means to enact ransomware attacks. As technology continues to evolve, information systems and computer networks are vulnerable to various types of malware attacks. Two significant trends are triple extortion and mobile devices.
One of the new trends in ransomware attacks is what’s known as the ‘”triple extortion” technique. In this type of malware attack, ransomware gangs target a business’s data, as well as its customers’ and business partners’ data. The ransomware group steals the organization’s data and threatens to release it publicly if the ransom demand isn’t fulfilled.
It’s no secret mobile smartphone usage has become increasingly common, and unfortunately, cybercriminals have adapted their methods to affect these devices, as well. Through features such as emergency alerts and relaxed security and permissions, ransomware actors have been able to spread malware on phones. These ransomware variants are more advanced, and some are even able to spread the malware to every app and browser window, displaying the ransom note and making the device completely unusable.
Contact Consolidated Technologies, Inc.
The growing cybercrime rate is alarming. Does your business have early detection and prevention technologies in place? If not, you and your employees’ sensitive information is at risk. To learn more about what we can do to protect your business from ransomware, malware, and other cybercrime, contact Consolidated Technologies, Inc. and get protected today!