2021: The Year of Ransomware Attacks
Reports of ransomware attacks are arriving more and more frequently. Ransomware has become one of the most prevalent attack methods for criminals, from state-sponsored attackers to home-grown cybercriminals. So what has caused this glut in attacks, and what exactly is ransomware? This article will guide you through everything you need to know about one of the internet’s biggest threats.
What Is Ransomware
Ransomware is a type of malicious software (malware) often used by cybercriminals. Many criminals use ransomware to extort money from their victims, either by locking up their computer or by threatening to release personal data.
Hackers typically install Ransomware by disguising it as a legitimate download. A victim will download the file and install it on their computer, thinking it is a normal piece of software. Once installed, the software locks up the computer and sends a ransom demand to the victim, usually requesting hard-to-trace cryptocurrencies.
Examples of Ransomware Attacks
Since 2018, ransomware attacks have grown exponentially, growing over 300% in that year alone. Below are some examples of the ransomware attacks that have plagued the world in recent years, as well as the damage they caused.
The Colonial Pipeline Attack
On May 7, 2021, a group called DarkSide hacked into the computer system behind Colonial Pipeline, the largest pipeline system for gasoline in the US. The hackers then installed Ransomware onto the system, preventing the system from operating properly, and demanded over $4 million in ransom. The pipeline paid the ransom with assistance from the US Government, but their system continued to run slowly despite this.
The FBI eventually managed to recover some of the ransom money, which had been paid in Bitcoin. However, this ransomware attack had devastating consequences for American society for weeks after it happened. Gasoline shortages were widespread nationwide, causing panic buying. The president of the United States, Joe Biden, also declared a state of emergency in response to the attack. In certain areas, up to 71% of all gas stations completely ran out of fuel. Even airports had to delay certain flights or extend flight time to refuel.
The scariest part of the attack turned out to be its cause. Security researchers discovered an employee password in a data breach that was up for sale on the dark web. Hackers used this password to access the system through a VPN service that didn’t use 2-factor authentication. Despite being an essential part of a major country’s infrastructure, the Colonial Pipeline was missing basic cybersecurity features.
Although DarkSide claims to have shut down due to pressure from the US, the hackers are still out there. In many cases, hackers will disband a group to reform under a different name and continue their activities.
The Brenntag Attack
At the same time as the Colonial Pipeline Attack, DarkSide also targeted another company known as Brenntag. Brenntag is a chemical distribution company based out of Germany.
DarkSide attacked Brenntag by once again purchasing credentials from the dark web. The hackers then encrypted important files, stealing 150GB of data, and sent a ransom request worth more than $6 million to the company. Brenntag eventually managed to negotiate the ransom fee down to $4.4 million, none of which has been recovered to date.
The financial loss from this ransomware attack is one of the largest from such an attack in history. Once again, a total lack of 2FA on Brenntag’s system was part of the cause behind this attack.
The Washington D.C. Police Department Attack
In April, hacker group Babuk targeted the police department of the US capital, Washington, D.C. The hackers stole 250GB of sensitive data, including information on police informants and data surrounding gang activity in the city.
The group then posted a screenshot of the stolen information to a dark web leak site, attaching an ominous message to the post. Not only did Babuk claim the department had only 3 days to pay the ransom, but they threatened “larger attacks await you soon…”
In May of 2021, Babuk returned, claiming that the police department had offered only $100,000 of the demanded $4 million ransom. In response, Babuk began to release information on informants, police personnel, and a huge gang database.
While there has been no financial damage in this attack due to the department not paying the ransom, the societal damage caused could be enormous. Police informants are now at risk, thanks to their information being posted online. Even police personnel could become victims, thanks to the leak of their personal data, including social security numbers.
The Important Lesson of Ransomware Attacks
Hackers have used ransomware to do a lot of damage to both companies and countries over the past year. It’s only June, but over 120 ransomware attacks have already taken place this year. If the trend continues, there will have been nearly 300 ransomware attacks by the end of the year. With the average cost of such attacks hitting nearly $2 million this year, that would mean a cost of over $600 million.
One of the biggest reasons for many of these attacks is a lack of fundamental security features. The simplest way to protect yourself and your information is to understand cybersecurity and follow good cybersecurity practices. We have a guide that will teach you how to avoid becoming a target for hackers.