August 6, 2021
The 7 Biggest Ransomware Attacks of 2021 (so far!)
Ransomware is a clear and present danger to enterprises in 2021, as cybercriminals leave the shadows and take center stage. While ransomware was once something that targeted only governments and rich corporations, now we are all aware of how powerful it can be and how much damage it can cause. 2021, so far, has been a monumental year for big ransomware attacks, and there have been very few, if any, consequences for the attackers. It’s safe to assume that this trend will continue for the time being.
Let’s explore a few of the most successful ransomware attacks of 2021.
1. Colonial Pipeline
The DarkSide ransomware attack on Colonial Pipeline shut down fuel delivery for most of the southeastern USA in May 2021. The victim paid a ransom of almost $5 million USD in Bitcoin to retrieve close to 100 gigabytes of data. A single compromised virtual private network (VPN) password was all the attackers needed to get access to Colonial Pipeline's network.
2. Brenntag
In May of 2021, Brenntag SE, a German chemical distribution company operating in 77 countries, was attacked by DarkSide ransomware and was forced to pay $4.4 million in Bitcoin. This came just days after the Colonial Pipeline attack.
3. Acer
In March 2021, computer giant Acer suffered the largest cyber-attack in history when hackers used REvil ransomware to cripple the Taiwan-based manufacturer’s network defenses. The cost for Acer to retrieve their data was $50 million XMR-USD (Monero cryptocurrency).
4. JBS Foods
JBS Foods, one of the world’s largest meat processors, suffered a REvil ransomware attack in June 2021. They were forced to shut down operations in the USA and Australia due to the attack but resumed operations quickly. JBS paid $11M in Bitcoin to the attackers.
5. Quanta Computer
In April 2021, Quanta Computer, a major supplier of tech giant Apple’s MacBook, suffered a major REvil ransomware attack and was forced to make a $50 million USD payment to recover their network and stolen data. Understandably, Apple was silent on what was stolen, but it was reported to be designs and schematics for valuable Apple products.
6. National Basketball Association (NBA)
In April 2021, the Houston Rockets, one of the US National Basketball Association's 30 teams, was hit with a ransomware attack, but their network security defenses limited damage from the attackers. The hacking group Babuk claimed to have stolen 500 gigabytes of data, which included financial records, non-disclosure agreements (NDAs), and player and vendor contracts. No ransom is known to have been paid and no data has been published by the attackers.
7. AXA
Four Asian subsidiaries of the AXA Insurance enterprise were hit first by a ransomware attack and then by an extended denial of service attack (DDoS) in May 2021. This came after AXA announced its intention to discontinue cyber-attack insurance for companies in France, an area suffering from an overwhelming number of cyber-attacks. Subsidiaries in Thailand, Malaysia, Hong Kong, and the Philippines were affected in the Avaddon ransomware group attack, with bank account info, claim forms, ID cards, and payment records stolen.
Each one of these companies is well-known and enjoyed an excellent reputation until they made the news in 2021 for the loss of their valuable customer data. Following the attacks, all but one were forced to shut down for a period, suffering huge losses of both profit and reputation.
If these enterprises were unable to protect themselves from ransomware, consider how easy an attack on your network or business would be. Do you want the name of your company in headlines for losing customer data and paying a huge ransom in Bitcoin? Or for how excellent and successful your business is? The answer is an easy one.
Powerful cybersecurity capabilities are critical to all businesses, as evidenced by the number of huge attacks these companies have experienced. Companies like ForeNova are skilled and experienced at dealing with ransomware issues, using attacks like these to inspire the creation of their anti-ransomware protection solutions like ForeNova’s NovaCommand.
NovaCommand prevents ransomware attacks and bitcoin mining operations by first tracking the malicious files back to their entry point. It continuously monitors and analyzes the network for abnormal traffic patterns and uses AI to identify hidden attack patterns, automatically stopping future attacks. Insider threats and privileged account violations are easily detected and quickly eliminated. Finally, NovaCommand offers continuous threat detection and response through a strong integration of endpoint and network security products, correlation of security logs and alerts, and AI-enabled real-time policy analysis and monitoring.