Top Ten Cyberattacks of 2020-2021

Post Covid-19 pandemic, the professional and personal lives of people have seen unprecedented changes and an acute dependency on the Internet. Corporates have resorted to the work-from-home model; retail businesses have resorted to the online business model, as have many industries in brick and mortar models. Resultantly, there has been an all-time high in the ratio of people using the Internet as a means to conduct the simplest of their day-to-day tasks.

One ramification of this shift is the skyrocketing of cyberattacks. Cybercriminals have taken this opportunity to up the ante in terms of the scope and frequency of such attacks. Worryingly, such criminals do not discriminate among individuals, governments, and organizations as potential targets. According to prnewswire.com, the FBI recently reported that the number of complaints about cyberattacks to their Cyber Division is up to as many as 4,000 a day. In this article, we have listed the top 10 cyberattacks of 2020-21 that caused immense havoc and financial losses.

1. Marriott International

The popular hotel chain suffered a data breach in 2020. Marriott issued a statement on March 31, 2020. According to that statement, the information of 5.2 million guests was accessed using the login credentials of two employees who worked at a franchise property.

The statement further added that an application used by Marriott to help provide guest services was also affected. Upon discovering this, Marriott immediately disabled the login credentials, implemented heightened monitoring, informed guests, and began an investigation.

The company believes that this activity started in mid-January 2020. Information compromised may have involved contact details and information related to customer loyalty accounts.

2. Twitter

Twitter, one of the most popular social media platforms, was hacked in July 2020. Attackers used social engineering, confirmed by Twitter as phone phishing, to hijack many high-profile Twitter accounts. These accounts included those of Tesla CEO Elon Musk, Amazon CEO Jeff Bezos, and former president of the United States of America Barack Obama.

The New York State Department of Financial Services stated, “In monetary value, the Hackers stole over $118,000 worth of bitcoin. But more significantly, this incident exposed the vulnerability of a global social media platform with over 330 million total monthly active users and over 186 million daily active users, including over 36 million (20%) in the United States.”

The attackers had stolen employee credentials and gained access to Twitter’s internal management system.

The three attackers behind the Twitter hack were nabbed, and the mastermind of the attack, 17-year-old Graham Ivan Clark, was sentenced to 3 years in prison.

3. Sina Weibo

China has officially blocked Facebook and Twitter. Instead, they have Weibo, a microblogging site, one of the most popular social media platforms. It is like a combination of Facebook and Twitter.

In March 2020, news broke that the personal details of over 538 million Weibo users were available online for sale. A hacker claimed to have breached Weibo and sold the data for $250 on the dark web. But since the data did not contain banking passwords, it probably did not lure the hackers much. However, the data contained personally identifiable information (PII) such as real names, usernames, gender, location, and phone numbers of 172 million users. Nonetheless, leakage of this information could have easily led to different scams, fraud, etc.

4. SolarWinds

The SolarWinds hack was perhaps one of the most damaging cyberattacks of 2020. It was a masterfully conducted supply chain hack that compromised multiple government and private company systems all across the globe.

In December 2020, the attack was first discovered by a cybersecurity firm called FireEye. Analysts at FireEye found that unusual data was being sent to a server of unknown origin. FireEye concluded from its investigation that the systems may have been infected as far back as early 2020.

Further investigation revealed that one of the servers that provided access to updates and patches for the SolarWinds Orion tools had been compromised. This allowed attackers to inject code into the software updates and infect multiple clients at once. The injected code allowed data modification and exfiltration. It also allowed remote access to devices that had the malicious software installed. The attack has been attributed to an Advanced Persistent Threat (APT) actor, and the malware has been dubbed “SUNBURST.”

5. Florida Water System

On February 5, 2021, a cybersecurity breach occurred in the Florida Water System when a malicious hacker tried to poison the water supply by using a remote access software platform known as TeamViewer, which was shared by plant workers.

The hacker is said to have entered Oldsmar’s water treatment system and tampered with the levels of Sodium Hydroxide and Lye by increasing those to 100 times their normal levels. Sodium Hydroxide is generally used to remove metal from drinking water and to control water acidity. Manipulating the level could have led to poisoning and other serious health hazards.

Thankfully, an employee sensed the cyberattack and alerted the concerned employees, who got the level back to a safe range, thus averting what could have been a frightful nightmare for Florida citizens.

6. Microsoft Exchange

Microsoft faced a very serious Cyber Security breach from January 2021 to March 2021. Hackers attacked the on-premises Microsoft Exchange Servers by exploiting zero-day vulnerabilities (computer software security flaws). The malware attack affected nine government agencies and over 60,000 private companies worldwide.

Microsoft pinned the attack on a Chinese state-sponsored hacker group called “Hafnium.” The USA and UK, along with their allies, also attributed the attack to hackers affiliated with the Chinese government. The Chinese government rejected all claims.

Soon, Microsoft sent a notice to all its consumers to check whether they had suffered data leakages. This hacking attack highlighted how Microsoft’s on-premises email servers provided the key for hackers to unlock sensitive data from governments and private companies.

7. Acer

Taiwanese computer manufacturer Acer became the latest target of the REvil ransomware group in March 2021. A $50 million ransom was demanded. It was also said that if the ransom was not paid within the stipulated time, the hackers would double the ransom amount to $100 million. Acer had initially agreed to pay $10 million. However, it was not reported whether Acer ultimately paid the ransom to the REvil group or not.

The REvil group had gained access to the back-office network of Acer through a Microsoft vulnerability. The data leakage included financial spreadsheets, bank balances, communication with the bank, etc.

REvil hacked the database of Acer and got access to customer details, including customer account numbers, and posted them as an auction list on their site.

8. Airplane Manufacturer Bombardier

Canadian airplane manufacturer Bombardier confirmed in February 2021 that it had suffered a data breach. The breach compromised the confidential data of suppliers, customers, and around 130 employees in Costa Rica.

An initial investigation by the company revealed that an unauthorized party had accessed and extracted data by exploiting a vulnerability affecting a third-party file transfer application.

Since then, Bombardier has been proactively contacting their customers and other stakeholders whose data was hacked. Incidentally, this data was leaked on a site operated by the Clop ransomware gang.

9. The US Fuel Pipeline

In May 2021, a Russian group known as DarkSide compromised the network of the Colonial Pipeline. They locked real-time data and also stole around 100 GB of raw data to demand ransom. The Colonial Pipeline incurred a huge loss as it had to put the remaining systems offline for a few days. The Colonial Pipeline carries around 2.5 million barrels of petrol, diesel, and jet fuel every day from the Gulf Coast to the Eastern Seaboard.

The cyberattack created history, for, in almost 60 years of the company’s existence, this was the first time that their gasoline pipeline was inoperable.

The Colonial Pipeline confirmed that it paid $4.4 million in cryptocurrency to DarkSide to avoid any consequences in the future.

10. Channel Nine

In March 2021, the Australian broadcaster Channel Nine suffered the largest cyberattack ever on a media company in the country’s history, one that exposed a nationwide vulnerability. Channel Nine described the attack as sophisticated and calculated. The cyberattack resulted in television and digital systems being offline for more than 24 hours.

The attack is believed to have impaired the broadcaster’s telecast from its Sydney studio and forced the media company to shift its operations to the Melbourne studio. It was reported that the cyberattack was a variant of ransomware.

However, it is yet to be validated if Channel Nine ultimately received any ransom demand.

Summing-up

The cyberattacks mentioned in this article speak aloud about the audacity and desperation of cybercriminals. Quite evidently, cybercriminals seem to be capable of out-maneuvering even the most elite of organizations. Sometimes cyberattacks are state-sponsored, while at other times, these are carried out by individuals or groups. But one thing is for certain, the world needs an army of trained Cyber Security professionals to outpace this unlawful yet suave brigade of cyber criminals.

Well, if the cause thrills and motivates you, enroll in an Online Cyber Security Degree at EC-Council University (ECCU). Develop the knowledge and skills required to mitigate cyberattacks, and access affordable learning to be future-ready.

The Cyber Security industry is looking for skilled Cyber Security professionals. But the demand for skilled Cyber Security professionals exceeds the supply. The Cyber Security talent crunch will create 3.5 million unfilled jobs by the end of 2021 (Source: Cyber Security Ventures). Let a reputed institution like ECCU help you fill this void. Cash in on this opportunity. The world is waiting for you.

FAQs:

Q. What was the biggest cyber-attack in 2020?

Ans. There were several notable cyber-attacks in 2020, but one of the biggest was the SolarWinds supply chain attack. The attack, which was discovered in December 2020, involved a sophisticated hacking group compromising SolarWinds’ Orion IT management software, which is used by many organizations and government agencies worldwide. The attackers then used the software to distribute backdoor malware to SolarWinds’ customers, giving them access to sensitive data and systems. The attack was considered significant due to the scale and scope of the impact, with many high-profile organizations and government agencies affected, including the US Treasury and Commerce Departments, the Department of Homeland Security, and Microsoft. It is estimated that the attack could have compromised thousands of organizations worldwide.

Q. What are the top 5 cyber security threats in 2020?

Ans. The top 5 cyber security threats in 2020, based on various reports and analyses, were:

  1. Phishing attacks: Phishing attacks continue to be a top threat in 2020, with cybercriminals using social engineering techniques to trick users into providing sensitive information or downloading malware.
  2. Ransomware attacks: Ransomware attacks increased in frequency and severity in 2020, with cybercriminals using sophisticated techniques to encrypt and lock users’ data and demanding ransom payments in exchange for the decryption keys.
  3. Cloud-based attacks: With the increasing use of cloud-based services and platforms, cybercriminals have shifted their focus to attacking cloud infrastructure and data stored in the cloud.
  4. Supply chain attacks: Supply chain attacks, such as the SolarWinds attack, involve targeting third-party vendors and suppliers to gain access to sensitive data and systems.
  5. Insider threats: Insider threats, whether intentional or unintentional, continue to be a significant risk to organizations, with employees and contractors having access to sensitive data and systems.

Q. What are the top 4 cyber-attacks?

Ans. Some of the most significant cyber-attacks in recent years include:

  1. NotPetya: A ransomware attack that began in 2017 and targeted Ukrainian businesses and government agencies but quickly spread to other countries, causing billions of dollars in damages.
  2. WannaCry: A ransomware attack that occurred in 2017 and impacted hundreds of thousands of computers worldwide, particularly those running outdated versions of Microsoft Windows.
  3. Equifax: A data breach that occurred in 2017 and exposed sensitive personal information, including social security numbers and credit card details, of 143 million individuals.
  4. SolarWinds: A supply chain attack that was discovered in 2020 and targeted the software company SolarWinds, whose software is used by many organizations and government agencies worldwide, and could have compromised thousands of organizations.
