Preparing for a secure 2022
We walk down memory lane today to inspect the most noteworthy cyber incidents of the year gone by. The cyber incident highlights of 2021, for us, server the purpose of preparing us for the coming year, where we have to brace ourselves against cloud infiltration attacks and more Covid-19 exploitation.
January 2021 – SolarWinds and Accellion
January 2021 saw the breakout of one of the most widespread cyber-attack of this year. At the very beginning of 2021, the world was shaken by the SolarWinds attack, which impacted 18,000 organizations and their data. In fact, organizations are still reeling from the aftermath of this deathly cyber-attack.
In the same month, New Zealand also faced a data breach at a NZ Central Bank data centre. Accellion, a file transfer application, was compromised, allowing hackers access to all the files and information stored and transferred via the FTA. New Zealand, however, did not divulge any specifics to the case, partly to contain the data breach.
February 2021 – Amsterdam servers
Moving into the next month, it was Amsterdam’s turn to face to heat of a server breach. In February 2021, a group of Iranian hackers managed to breach Amsterdam servers. Upon gaining illegal entry, the hackers used the Amsterdam servers as a command-and-control centre for further attacks launched at political opponents in the Netherlands, Germany, Sweden, and India.
March 2021 – Indian exporters and Microsoft Exchange attacks
March 2021 was bad for India not just because we went into another lockdown. It was the month Indian transportation business faced a sudden surge of cyber-attacks. 8 major transportation organizations were impacted, and it later became evident that the hackers were trying to use this particular attack as a foundation for further attacks.
Microsoft also went through the trials and tribulations of a persistent onslaught of cyber-attacks. It began with a flaw in the MS Exchange servers which affected over 30,000 companies. But the rampage continued to target UK firms.
April 2021 – MobiKwik and Chase Bank
The data of about 10 crore users became vulnerable as MobiKwik, popular mobile wallet and payments app, got hacked. The threat actors put up the entire stolen data for sale on the dark web. This data (8.2TB in size) contained sensitive information like KYC documents, Aadhar cards, credit card details, phone numbers etc.
In April, the renowned JP Morgan and Chase bank also fell prey to a cyber threat. Interestingly, the bank was compromised for 2 months, and the data breach was only discovered because the hacker made a mistake. As for the root of this attack, from past experience, Chase believes it was an insider misgiving, either intentional or due to some employee being careless with privileged information.
May 2021 – Horizon Bank, US Colonial Gas Pipeline, and LinkedIn
May was a busy year for both hackers launching their attacks and cybersecurity companies firing from the other side. First, Horizon bank (another bank!) lost 1 million dollars to a cyber fraud.
Then the US Colonial Gas Pipeline became the victim of ransomware, and ended up losing 4.4 million USD.
In the same month, LinkedIn was antagonized by hackers who stole the data of 500 million users.
June 2021 – Air India
It was now Air India’s turn to combat cyber threats. In a data breach, data of 4.5 million customers was compromised. Along with facing the data breach, Air India also had to face litigation as a lady sued the airlines for 30 lakh INR.
July 2021 – Kaseya, Pegasus, and Saudi Arabian Oil Company
July was the month of exotic sounding cyber security incidents of 2021. Starting with the Kaseya ransomware attack which impacted roughly 1500 businesses. The FBI had to get involved and noted that the Kaseya security incident was a supply chain ransomware attack, leveraging a lurking vulnerability in Kaseya’s VSA software (Virtual System Administrator).
July 2021 also saw the Pegasus expose, a spyware that snooped on as many as 300 high-profile individuals. Pegasus, an Israeli spyware, targets mobile phones as means of spying on individuals.
If that wasn’t enough, Saudi Arabia too became a cyber victim, when Chinese threat actors attacked a Saudi Oil company.
August 2021 – Indian Telecom Network
This month’s security incident tells us that no industry is safe from cyber threats. August 2021 was the month a group of Chinese threat actors conducted full-fledged cyber espionage on an Indian telecom network.
It was also the month PineLabs, an ePayment enabling merchant, suffered through a data breach which put a whopping 5,00,000 data records at risk.
September 2021 – Voicenter
In this security incident, Israeli-based cloud focused Voice Computing company, suffered a data breach which damaged 8,000 organizations and made 15TB worth of data vulnerable.
October 2021 – Tamil Nadu Public Department
A government authority soon made it to this list of security incidents in 2021, when the Tamil Nadu Public Department was victimized by a ransomware attack. Several government files were encrypted, locked by a 16-digit code.
November 2021 – The FBI itself
The protectors now become the victims. In November 2021, the US Federal Bureau of Investigation fell prey to a targeted cyber threat. FBI’s email servers were breached, and then misused to send countless fake emails to victims of further cyber attacks.
December 2021 – Log4J
This one makes our blood curdle . The infamous Log4J vulnerability came to light in December 2021, and wreaked total havoc on industries and businesses across the world. With an alarming CVSS score of 10 (the highest), the vulnerability in Apache’s Log4J is so deep it is estimated that cleaning it up would take years.
Looking forward to a secure 2022
These noteworthy cyber incident highlights of 2021 are in various stages of resolution and caused varying levels of damage, some repairable, some unfortunately not. To start off the new year right, we should all look to these past incidents as learning ground, so we’re better prepared for the coming times.
More IT and security resources and updates.