Ransomware is a clear and present danger to enterprises in 2021, leaving the shadows and taking center stage. While ransomware was once something that targeted only governments and rich corporations, we are now all aware of how powerful it can be and how much damage it can cause. 2021 has been a monumental year for big ransomware attacks, with very few, if any, consequences for the attackers. It’s safe to assume that this trend will continue for the time being. Let’s explore a few of the most successful ransomware attacks of 2021.
1. Colonial Pipeline
The DarkSide ransomware attack on Colonial Pipeline shut down fuel delivery for most of the southeastern USA in May 2021. The victim paid a ransom of almost $5 million USD in Bitcoin to retrieve almost 100 gigabytes of data. A single compromised virtual private network (VPN) password was all the attackers needed to get access to Colonial Pipeline's network.
2. Brenntag
In May of 2021, Brenntag SE, a German chemical distribution company operating in over 77 countries, was attacked by DarkSide ransomware and was forced to pay $4.4 million in Bitcoin. This came just days after the Colonial Pipeline attack.
3. Acer
In March 2021, computer giant Acer suffered the largest cyber attack in history when hackers used REvil ransomware to cripple the Taiwan-based manufacturer’s network defenses. The cost for Acer to retrieve their data was $50M USD in Monero cryptocurrency.
4. JBS Foods
JBS Foods, one of the world’s largest meat processors, suffered a REvil ransomware attack in June 2021. The company was forced to shut down operations in the USA and Australia due to the attack but resumed operations quickly. JBS paid $11M in Bitcoin to the attackers.
5. Quanta
In April 2021, Quanta Computer, a major supplier of tech giant Apple’s MacBook, suffered a major REvil ransomware attack and was forced to make a $50M payment to recover its network and stolen data. Understandably, Apple was silent on what was stolen, but it was reported to be designs and schematics for valuable Apple products.
6. National Basketball Association (NBA)
In April 2021, the Houston Rockets, one of the US National Basketball Association’s 30 teams, was hit with a ransomware attack, but the team’s network security defenses limited the damage from the attackers. The hacking group Babuk claimed to have stolen 500 gigabytes of data, which included financial records, non-disclosure agreements (NDAs), and player and vendor contracts. No ransom is known to have been paid and no data has been published by the attackers.
7. AXA
Four Asian subsidiaries of the AXA Insurance enterprise were hit first by a ransomware attack and then an extended denial of service attack (DDoS) in May 2021. This came after AXA announced their intention to discontinue cyber-attack insurance for companies in France, an area suffering from an overwhelming number of cyber-attacks. Thailand, Malaysia, Hong Kong, and the Philippines were affected in the Avaddon ransomware group attack, with bank account info, claim forms, ID cards and payment records stolen.
Sangfor Technologies
Each one of these companies is well known and enjoyed an excellent reputation until it made the news in 2021 for the loss of its valuable customer data. Following the attacks, all but one were forced to shut down for a period, suffering huge losses of both profit and reputation.
If these enterprises were unable to protect themselves from ransomware, consider how easy an attack on your own network or business would be. Do you really want the name of your company in headlines for losing customer data and paying a huge ransom in Bitcoin, or for how excellent and successful your business is? The answer is an easy one.
Powerful cyber security capabilities are critical to all businesses, as evidenced by the number of huge attacks these companies have experienced. Companies like Sangfor Technologies are skilled and experienced at dealing with ransomware issues, using attacks like these to inspire the creation of their anti-ransomware protection solutions like Sangfor Cyber Command.
Sangfor Cyber Command prevents ransomware attacks and bitcoin mining operations by first tracking the malicious files back to their entry point. It continuously monitors and analyses the network for abnormal traffic patterns and uses AI to identify hidden attack patterns, automatically stopping future attacks. Insider threat and privileged account violations are easily detected and eliminated quickly. Finally, Cyber Command offers continuous threat detection and response through a strong integration of endpoint and network security products, correlation of security logs and alerts, and AI-enabled real-time policy analysis and monitoring.
Sangfor Technologies is an APAC-based, leading global vendor of IT infrastructure and security solutions specializing in Network Security and Cloud Computing. Visit us at www.sangfor.com to learn more about Sangfor’s Security solutions and ransomware protection, and let Sangfor make your IT simpler, more secure and valuable.