Wow. T-Mobile just gave up 47 million customer user records, including names, addresses and even social security numbers. The fallout from this most recent hack is just starting to be seen across the globe as the information surfaces on the Dark Web. A ransom for this data is sure to follow.
Exactly what is ransomware?
Ransomware is an ever-changing and evolving form of malware created to encrypt files on any device, rendering the files and the systems that rely on them unusable. Cyber attackers and criminals demand a ransom payment from the affected organizations in exchange for access to their own systems. These cyber criminals then threaten to sell or leak this private information if the ransom is not paid.
This year (2021) has seen an unprecedented increase in the frequency of cyber-attacks and high ransom payouts. In 2020, the money organizations paid out to cyber hackers increased over 300%, and that number seems to be increasing in 2021 as well.
Why the increase in attacks?
This increase in the frequency of cyber-attacks has been attributed to an increase in remote work and lax security protections at home and within businesses, giving hackers easier access to an organization's data.
A false sense of security for smaller companies
As news outlets report on the large cyber attacks happening to the world's largest companies, small to medium-sized organizations (SMBs) mistakenly believe that they are not a target because they are too small. According to the U.S. Government's Cybersecurity and Infrastructure Assurance Agency (CIST), this is a huge problem.
CIST explained that smaller companies are targeted and used to infiltrate large global companies. So SMBs need to be as diligent as global companies regarding cybersecurity.
The Top 10 Ransomware Attacks in 2021
- Colonial Pipeline ($4.4 million)
Taking this system down disrupted gas supplies along the entire East Coast of the United States, causing panic and gasoline shortages. A group called the DarkSide gang was behind the attack, and the firm's billing and internal business network were targeted.
To avoid further disruption, Colonial Pipeline paid the group 4.4 million dollars in bitcoin. Government officials said that Colonial's cybersecurity measures were not up to par, and that if they had been, the attack could have been prevented.
- Brenntag ($4.4 million)
In May of this year, the same group (the DarkSide group) hit Brenntag, a chemical company. They stole 150 GB of data and demanded $7.5 million in bitcoin, and Brenntag eventually gave in and paid $4.4 million.
- JBS Foods ($11 million)
A very high-profile attack happened in May to JBS Foods, one of the biggest meat processing companies in the world. A Russian-based hacking group named REvil is suspected to be behind the attack. This $11 million bitcoin payout was the largest ransomware payment of all time.
- ACER ($50 million)
In May of this year, Acer, a computer manufacturer, was attacked by REvil, the same Russian hacker group that hit JBS Foods. The $50 million payment is the largest payment to date. The hackers found a vulnerability in Acer's Microsoft Exchange server to access all of the company's files and sensitive financial documents and spreadsheets.
- Quanta ($50 million)
The same REvil hacker group from Russia has demanded $50 million from Quanta, a big supplier to Apple. Once hacked, they leaked Apple blueprints they stole from Quanta and threatened to release more sensitive info. At this time, the payment has not been made, and Apple has not mentioned the attack.
Two critical issues that need to be addressed
- Organizations need to take their cybersecurity more seriously
- There need to be more experienced cybersecurity experts to address and fight these cyber attackers.
The face of the cybercriminal has changed
Cybercriminals are organized, intelligent, and well-funded! The world of cybersecurity has changed. No longer is the threat a clever teenager wearing a hoodie and hiding in his basement. Today's cybercriminals are organized, and the cybercriminal organizations around the world are now working together for one main reason: to get your money!
If you would like to learn more about cybersecurity and who cybercriminals are, and why they do what they do … check out this link: Understanding cybersecurity