x

Agile Insider Blog

The Biggest Hacks of 2021

The Biggest Hacks of 2021

Have you ever taken the time to consider what would happen if technological systems – that you rely on daily – were no longer working? Think about everything that would go wrong if you could not reach emergency services, access your bank account, or even get clean drinking water. The consequences could be devastating. Interestingly, hacks are not taken seriously despite their steady rise in the recent past. Let us take a comprehensive look at the biggest hacks of 2021 to prepare you for what may come in 2022. Read on to start safeguarding yourself and your business.

Log4j

All people have been talking about this holiday season is the vulnerability inside a Java-based application known as ‘log4j’. Potential victims are vast since nearly a third of the world’s web servers use java software. According to U.S officials, hundreds of millions receive exposure since industry giants (like Amazon, Twitter, Google, and Microsoft) run the software code.

Professionals recorded a total of 3.7 million hacking attempts with 46% of them conducted by common malicious entities. Therefore, the Log4j vulnerability is certainly turning into a nightmare before Christmas. Companies should install a firewall that features automatic updates to help safeguard their infrastructure at this time. Consumers, on the other hand, need to watch out for updates on their devices.

Kaseya

In July 2021, governments and businesses around the world were scrambling to safeguard themselves from the Kaseya attacks. Hackers had compromised over 1,000 companies by targeting a key software vendor known as Kaseya. The height of the attack was when the group behind the hack requested $70 million in bitcoin. The payment was in exchange for a decryption key that would help affected victims recover from the malicious attack.

Therefore, Kaseya shut down its servers and recommended all its customers to cripple their on-premises VSA servers. They claim no customer had compromised data, they took SaaS server offline as a precaution. The server restoration which came with a patch for on-premise VSA servers happened on July 11th, 2021.

SolarWinds

The hack on SolarWinds was a major event because it triggered a massive supply chain incident that affected numerous organizations, including the U.S government. Being a software company that provides system management tools, the SolarWinds hack left thousands of customers exposed. The data included state, local, and federal agencies that use the Orion network system by SolarWinds.

SolarWinds has asked all its customers to update their current Orion platform. The released patches for potential vulnerabilities will help protect consumer data going forward. Equally, customers unable to update their systems should change passwords for accounts that use those servers.

Hafnium Hacks of 2021

In early January, Microsoft Exchange servers for more than 30,000 U.S companies were hacked. Hundreds of thousands received exposure globally due to the incident. The Microsoft Threat Intelligence Centre (MSTIC) attributed this attack to the China-based group known as HAFNIUM.

On March 2nd 2021, Microsoft released an emergency patch to help remedy the situation. The good news is that only on-premises exchange servers were affected. The FBI led an operation to remove the malicious software from affected servers.

Ivanti Pulse Connect

Multiple vulnerabilities within the Ivanti Pulse Connect are allowing cybercriminals to compromise systems in private and government agencies. By deploying malicious web shells, hackers can gain access to consumer data. Therefore, federal agencies are working round the clock to help address these vulnerabilities.

Attackers are using the flaws to manipulate specific functions such as multi-factor authentication bypass, authentication bypass, and password logging. Ivanti released a patch to help clear these issues and protect their consumer data.

National Basketball Association (NBA)

Ransomware attacks are a subset of cyberattacks that can hit critical infrastructure. One of the biggest of these attacks in the recent past was on National Basketball Association. A hacker group, commonly known as Babuk, claimed to have stolen 500 GB worth of confidential information on the Houston Rockets.

The collected data included financial matters, contracts, and legal documents. Therefore, they were using the information as leverage over this reputable and well-known organization. Babuk’s warning was that all the data would be made public unless their $50 million demand was met.

However, whether their demands were met or not is still not clear. Tracey Hughes, the team’s spokesperson, stated that the Rockets organization detected suspicious activity in their internal network and launched an investigation.

Colonial Pipeline

The cyberattack on the Colonial Pipeline at the end of April was all over the news coverage. It had an extensive impact because the pipeline forms an integral part of the national critical infrastructure system. By going down and disputing gas supplies, it caused panic and havoc across the East Coast of the United States.

Many consumers felt the direct impact of this attack because they rely on gasoline supply. The Darkside gang – the group responsible for the attack – targeted the firm’s internal business network and billing system, thus causing widespread shortages across several states.

Colonial Pipeline quickly gave in to the demands because they needed to avoid further disruption. For starters, consumers were already panicking and ignoring necessary safety precautions. The Darkside gang, therefore, received 4.4 million dollars in bitcoin.

According to the New York Times, the FBI recovered much of the ransom by tracking digital wallet and cryptocurrency movement. However, finding the hackers who committed the crime remains a difficult task.

Twitch Hacks of 2021

Amazon’s live video streaming platform, Twitch, also fell victim to a cyber-attack in 2021. An anonymous hacker claimed to have taken over the platform along with the user payout data and source code. The hacker went further to breach an unreleased game from Amazon’s game studio.

Someone then posted the leak on an online forum, 4chan, as a 125-GB document. It showed how much Amazon has made from Twitch and the active number of users. Although Amazon did not respond to the hack immediately, they issued a statement – days later – confirming the incident.

JBS Foods

One of the world’s largest meat suppliers, JBS Foods, fell victim to a ransomware attack in May 2021. According to CNN, a Russian-based hacking group known as REvil is believed to have been behind this malicious attack. Consumers started to panic in the aftermath of the attack, which exposed the vulnerabilities in the meat market.

Although no considerable food shortages were reported, the government encouraged consumers to stay calm. Doing this was to ensure there was no panic meat buying that would further escalate the situation. However, JBS Foods only admitted to the attack on June 9th despite having been acknowledged by the White House on June 1st.

JBS foods paid a total of $11 million as ransom demand in Bitcoin. This occurred after consultations with cybersecurity experts. It is one of the largest Ransomware payments recorded in history, according to CBS News.

Accellion Breach

Accellion, a world-class company specializing in secure file-sharing and collaboration, fell victim to a zero-day attack that targeted its unique File Transfer Application software. Hackers utilized the vulnerabilities within the software to gain Accellion-user data. Thus, they launched an all-out attack on Accellion partners and customers.

On 28th January 2021, Accellion released a security patch to help remedy the situation. However, there were long-lasting impacts of the breach on the affected individuals and organizations. Therefore, everyone needs to take the necessary precautions to ensure they don’t fall victim to hacks.

Scripps Health

San Diego-based health system, Scripps Health, was forced to take network portions offline for several weeks due to a Ransomware attack on May 1, 2021. Doing this had a massive impact that cost close to $112.7 million in lost revenue as part of the hacks of 2021.

Apart from disrupting patient care, medical providers had no choice but to use paper records. Data stolen included addresses, social security numbers, dates of birth, patient account numbers, and health insurance information of over 150,000 patients.

Currently, Scripps Health is battling a class-action lawsuit. The patients blame the system leaders for failure to adequately protect the data. Patients are, therefore, subject to potential consequences – including medical fraud and identity theft.

Epik Hosting Hacks of 2021

Domain Host, Epik, also fell victim to a cyberattack in 2021. The hackers behind the attack published the company’s data online. Security analysts and researchers combed through the data to identify what sensitive information leaked.

Professionals encouraged Epik Hosting customers to change their passwords and avoid re-using similar passwords at other sites. Domain owners should also integrate a system that helps them track any domain changes. Doing this ensures no registrar transfer initiates without their knowledge.

The Molson Coors Beverage Company

Known for its iconic beers, Molson Coors, suffered a cyberattack in 2021. The hack occurred on March 11th, causing severe disruptions in their daily operations – including beer shipment and production. The company had to take its system offline to help prevent the further spread of malware.

The company also hired legal counsel and forensic information technology experts to help investigate the hacking. Although the company did not release information on the attack, they managed to get its operations running smoothly. Also, the company didn’t state the number of facilities that were impacted by the hack.

NSO Group’s Pegasus Software

one of the biggest hacks of 2021 in progress

The NSO Groups software, Pegasus, made headlines in 2021 for being used by different entities – including governments – to spy on activists, journalists, government officials, and academicians. It worms itself into your phone and turns it into a surveillance device that spies on victims 24/7.

Pegasus can do several things to your device, making it quite dangerous. These include copying and sending messages, recording calls, and harvesting photos. Equally, it can pinpoint your exact location and where you have been.

TMobile Data Breach Hacks of 2021

On August 17, 2021, users of T-Mobile – the third-largest mobile service provider in the U.S – suffered a data breach. It exposed the information of close to 47 million former, current, and prospective consumers. Most of the data contained social security numbers, first and last legal names, driver’s licenses, and so much more.

Currently, T-Mobile is fighting a class-action lawsuit due to this data breach. According to the filers, T-Mobile knew the potential risk of the data breach and yet maintained private information recklessly.

CD Projekt Red

Polish game developers behind games like Cyberpunk 2077, CD Projekt Red, also fell victim to a ransomware attack as part of the hacks of 2021. According to a message on their official social media accounts, hackers gained access to their corporate network. Luckily, the company announced that their backups remain intact.

The game maker also went on to publish a copy of the ransom note left by the attackers. The hackers claimed to have copies of the source code for popular games – including the Witcher 3, Gwent, and Cyberpunk 2077. However, CD Projekt Red made it clear that they would not negotiate with the hackers behind the vicious attack.

U.SCellular

The fourth-largest network carrier in the U.S – U.S. Cellular – fell victim to a data breach on January 6, 2021. The attack was targeting organization employees with access to customer relationship management software.

Although the breach notification didn’t have a lot of detail on the attack, only target employees fell for the scam. Unauthorized individuals, therefore, gained access to consumer wireless phone numbers and account details.

According to Forbes, this hackers contact employees posing as IT support staff in such incidents. Therefore, they gain remote access once they convince the victims to follow their instructions.

Leave a comment

Learn More Today

Have questions or want to learn more about the services and solutions Agile IT has to offer?

Schedule a call with us today!

Schedule a Call
or

Request a Quote