TOP CYBERSECURITY BREACHES HAPPENED IN 2021
The combination of the sudden outbreak of the coronavirus pandemic and digital transformation has led to tremendous growth in cyberattacks worldwide. No sector is safe from cybersecurity breaches, given the vast supply of real-time data and the potential for human error. Malicious hackers look for the weak links and grasp every opportunity to demand a ransom over leaked confidential data such as credentials, sensitive data, financial records, medical reports and much more. Let’s dig into some of the top cybersecurity breaches that have happened in 2021 to date.
Florida Water System
A cybersecurity breach happened in the Florida water system on February 5, 2021, when a malicious hacker tried to poison the water supply by using a remote access software platform known as TeamViewer. The hacker entered Oldsmar’s water treatment system twice, at 8 am and at 1:30 pm. The malicious hacker increased the level of sodium hydroxide and lye to over 100 times its normal level. Sodium hydroxide is used to control water acidity and remove metals from drinking water, whereas lye poisoning causes vomiting, bleeding, burns and pain. The level was returned to the normal range as soon as an employee raised an alert about the cyberattack, avoiding a significant consequence for Florida citizens. According to officials, the Florida water system uses a Google Chrome product for remote access during the pandemic, while the Oldsmar system uses the Windows 7 operating system.
Microsoft faced a cybersecurity breach from January 3 to March 2, 2021, in which malicious hackers attacked the on-premises versions of Microsoft Exchange Server by exploiting four zero-day vulnerabilities. This widely reported cyberattack affected nine government agencies as well as more than 60,000 private companies simultaneously. The vulnerabilities are known as CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065. The Microsoft Threat Intelligence Center mentioned that the suspected hackers were an unidentified Chinese hacking group known as Hafnium, which is state-sponsored and operates out of China to target multiple industries in the US through VPSs (Virtual Private Servers). This led CISA to issue Emergency Directive 21-02 for all federal agencies to disconnect from Microsoft Exchange Server as soon as possible. A few days later, Microsoft issued a notice asking all its customers to check whether they had been compromised and had suffered data leakage.
Acer is a popular Taiwanese computer giant that experienced a ransomware attack around March 21, 2021, with a demand of US$50 million, the highest ransom on record to date. The malicious hacker group, known as REvil, gained access to Acer’s back-office network through a Microsoft vulnerability. Acer did not have any knowledge of the ransomware attack. The leaked data included financial spreadsheets, bank balances and bank communications. Negotiations between REvil and Acer started at US$50 million and led to an offer of a 20% reduction to encourage the company to pay. A delay in payment from Acer would raise the price from US$50 million to US$100 million. By compromising the company’s network, the malicious group obtained and used stolen corporate data such as a customer database with account numbers and credit limits. A post including an auction list of several sets of Acer data was uploaded to the REvil group’s site.
The US Fuel Pipeline
The US fuel pipeline was also not safe from notorious cyberattacks: on May 7, 2021, it was hit by a Russian ransomware gang known as DarkSide. The malicious hackers compromised the network of the Colonial Pipeline, locked its real-time data and stole around 100GB of raw data to demand a ransom. The Colonial Pipeline took the remaining systems offline for a few days to halt the operational systems as soon as possible. This caused a huge loss for the US oil and gas pipeline market, because the Colonial Pipeline carries around 2.5 million barrels of diesel, petrol and jet fuel each day from the Gulf Coast to the Eastern Seaboard. As soon as the current President, Joe Biden, and the rest of the government agencies got involved in the case, DarkSide stated that it did not want to participate in geopolitics and that there was no need to tie it to a defined government or look for its motives. The CEO of the Colonial Pipeline confirmed that the company paid US$4.4 million in cryptocurrency to DarkSide to avoid significant consequences in the future. This cyberattack made history as the only time the gasoline pipeline system has been shut down in its 57-year history.
LinkedIn has become one of the most attractive sites for notorious hackers seeking successful cyberattacks. On April 9, 2021, LinkedIn faced a massive data leakage affecting around 500 million active users. LinkedIn did not acknowledge a cybersecurity breach but described the data as having been scraped from the platform. The sensitive data included email addresses, phone numbers, names, genders, other social media accounts and entire resumes. All of this data on people and companies was posted for auction by the group of hackers on their popular website for a four-figure sum. Several hackers are creating high-level profiles on LinkedIn to connect efficiently with other potential victims.