Recent Ransomware Attacks in 2021 and What to Expect in 2022

Recent ransomware attacks 2021 were directed at different high-profile companies and
organizations. These attacks made headlines in 2021, and there are no signs that the attackers are
slowing down. More companies will likely be attacked this year.

What Is Ransomware?

Ransomware is malware used by hackers to encrypt files on any device and render the files that
depend on them useless. Hackers around the globe use ransomware to steal data that belong to
companies, healthcare organizations, or even governments, using the data to demand ransom and
getting millions of dollars in return.

*Why Is Ransomware Successful?
*
Ransomware is very successful because theyre able to leverage the weak spots of security in
these companies and have access to sensitive data or files that are locked. Knowing the
implications, many companies end up paying the huge amounts of money demanded, and thats
only when they can get back their files and access them.

Before the popularity of cyber attack today, ransomware network attacks and exploitation have
been in existence for a few years. Its gaining popularity by the day, and more high-profile
companies are being targeted, with more attacks taking place.

Recent Ransomware Attacks 2021

Some notable ransomware attacks in 2021 include attacks against the Washington DC
Metropolitan Police Department, the worlds largest meatpacker JBS, Acer, Colonial Pipeline,
and a host of others.

These attacks were so severe that they led to the shutdown of vital infrastructure, leading to the
high cost of goods and services, shortages, financial loss, and worse!

One of the contributing factors to ransomware was the COVID pandemic. Companies paid more
than 300% in ransom. Many firms around the world felt the effect of these hackers, which are
only six groups of malicious actors. They breached the cybersecurity defenses of 292
organizations and theyve taken over $45 million in ransom from their victims.

The biggest ransomware attacks of 2021 that made headlines include the following:

*Colonial Pipeline
*
Colonial Pipeline was attacked in April 2021, and many news outlets reported it. It affected
Americans directly because it led to gasoline shortages. The DarkSide gang was responsible for
the attack. They targeted the companys internal business network and billing system, which led
to nationwide shortages.

To prevent further attacks, the company paid the hackers $4.4 million dollars worth of bitcoin as
ransom. The company had to give in and pay the ransom because consumers started engaging in
panic buying without considering the danger. Some people were also hoarding gasoline in
flammable bins and bags and a car even got burnt in the process.

As soon as the ransom was paid, the government admitted that the cybersecurity of Colonial
Pipeline was porous. So, such a breach could have been prevented if stronger protective
measures were in place.

However, the US federal law enforcement helped to trace most of the ransom paid by
investigating the movement of the $4.4 million worth of bitcoin across digital wallets. But then,
the identity of the actual hackers remains unknown.

*Kaseya
*
The Kaseya attack was also one of the biggest ransomware attacks of 2021. They were attacked
by REvil, a well-known hacker group that also attacked JBS foods, Acer, and Quanta. The attack
made headlines in July 2021.

Kaseya is a brand that helps in the management of IT infrastructure for notable companies
around the world. So, the hack could affect significant areas of the economy massively. REvil
carried out the attack on this company by using Kaseyas Virtual System Administrator to
encrypt one million systems. This affected both Kaseyas direct clients and customers with over
1,000 businesses and 50 clients impacted.

After the hack, the group demanded $70 million worth of bitcoin but the FBI was able to gain
access to REvils servers and get the encryption key. As a result, no ransom was paid, and
Kaseya was able to retrieve their client's IT infrastructure.

*JBS Foods
*
In May, JBS Foods was attacked and the REvil gang was suspected to be responsible. They are
the same hackers that attacked Kaseya. As one of the largest meat processing companies in the
world, its no surprise that the hackers demanded a total of $11 million in Bitcoin.

After the attack, consumers thought that it would lead to food shortages but the situation was
saved on time. After discussing with cybersecurity experts, JBS decided to pay the ransom in
early June, making it one of the largest amounts of ransom paid in 2021.

*Acer *

Also in May, Acer was attacked by the REvil hacker group and they demanded $50 million in
ransom, the largest ransom known to date. REvil hackers took advantage of a Microsoft
Exchange server's vulnerability to access Acers files and share images of sensitive documents.

*SolarWinds *

SolarWinds is a software company that helps with network and infrastructure monitoring by
providing system management tools. It also provides other forms of technical services to
thousands of organizations around the world.

The SolarWinds attack was a major event that affected many organizations, including the US
government. The attack was suspected to be carried out by a Russian group, and the hackers
attacked with a whole bag of new tricks.

*Quanta Computer
*
In April, REvil also attacked Quanta computer, a supplier of Apple products. They leaked the
schematics showing the design of the 16-inch and 14-inch MacBook Pro models before their
launch. They threatened to leak other documents if Apple failed to pay a ransom of $50 million.
However, all the leaked documents disappeared days later and all threats were removed by
REvil.

Apple users were scared after the attack, and if the threat was successful, many users would stop
using their app, and Apple risks losing billions of dollars annually.

**

Progress in the Fight Against Cyber Shutdown

**
Despite the number of attacks that led to a cyber shutdown in 2021, some measures have been
taken to address it. So far, there have been positive developments. For instance, the collaboration
between different countries led to the arrest of five suspected members of the REvil group by a
European law enforcement agency. Even though the group still exists, authorities are working on
stopping their operations and those of other hackers.

**Ransomware Predictions in 2022

**
Ransomware attacks remain a major cyber threat to different companies of all sizes, and their
methods keep changing. Their ransom also keeps growing. But knowing that they aren't the only
threat to cybersecurity, knowing what is coming and how best to prepare your organization for it
is highly essential. Your email security may also be at risk.

One of the biggest risks involved in using email is not having the right email protection. Modern
email usage should include the use of machine learning and AI to detect hard-to-spot or
sophisticated phishing attacks.

Effective ransomware protection should include:

Email protection
API security
Advanced bot detection
Cloud Application Protection
Secure Access Service Edge
Advanced, cloud-based data protection
Cloud to cloud backup and lots more.

Ransomware protection can provide all these and more to keep your companys cybersecurity as
safe as possible.