Cyberattacks have skyrocketed for years now and this trend is not slowing down so far. To rub salt into the wound, the COVID-19 pandemic in 2020 just kicked the issue off. Those who were expecting relief from the increasing threats of cybercrimes in 2021 are to be frustrated as the number of attacks is on increase day after day.
We have just stepped over the first quarter of 2021 and already several huge cyberattacks have topped the global media. Here is the top 10 major cyberattacks that took place in Q1 2021:
#1 Channel Nine
A cyber-attack has disrupted live broadcasts on Australia’s Channel Nine TV network, prompting concerns about the country’s vulnerability to hackers. The broadcaster said it was unable to air several shows on Sunday, including Weekend Today.
Nine said it was investigating whether the hack was «criminal sabotage or the work of a foreign nation».
The technology that brings you 9 News every night is under attack by hackers.
Whether it’s criminal sabotage or the work of a foreign nation is still being investigated, but this attack could reveal a nationwide vulnerability. @MarkWBurrows #9News pic.twitter.com/YL8l1DLNVV
— 9News Australia (@9NewsAUS) March 28, 2021
#2 Harris Federation
The Harris Federation, which runs 50 primary and secondary academies in and around London, said it had temporarily disabled email while it deals with the cyber-attack.
Data on the systems has been encrypted and hidden by the attackers. A ransomware attack has left 37,000 pupils unable to access their email.
Last week @NCSC issued an alert about a spike in ransomware attacks on schools. We have suffered an attack since then. Although measures were in place to protect our systems, our servers have been impacted.
See https://t.co/0JeUHHfRDp for further info and a statement below. pic.twitter.com/4U02Y6zmbG
— Harris Federation (@HarrisFed) March 29, 2021
#3 CNA Financial
One of the largest insurance firms in the U.S. CNA Financial was hit by a “sophisticated cybersecurity attack” on March 21, 2021. The cyberattack disrupted the company’s employee and customer services for three days as the company shut down “out of an abundance of caution” to prevent further compromise.
#4 Florida Water System
A hacker gained unauthorized entry to the system controlling the water treatment plant of a Florida city of 15,000 and tried to taint the water supply with a caustic chemical, exposing a danger cybersecurity experts say has grown as systems become both more computerized and accessible via the internet.
The hacker who breached the system at the city of Oldsmar’s water treatment plant using a remote access program shared by plant workers briefly increased the amount of sodium hydroxide by a factor of one hundred (from 100 parts per million to 11,100 parts per million.)
I will be asking the @FBI to provide all assistance necessary in investigating an attempt to poison the water supply of a #Florida city.
This should be treated as a matter of national security.
https://t.co/XhGNLplNpr via @vice
— Marco Rubio (@marcorubio) February 8, 2021
#5 Microsoft Exchange Mass Cyber Attack
Several zero-day vulnerabilities were detected in Microsoft’s popular Exchange mail server service for enterprises. After gaining knowledge on vulnerabilities, highly-skilled bad actors understood be China-based Hafnium group actively exploited four zero-day vulnerabilities in Exchange Server affecting millions of Microsoft clients around the world.
Using security loopholes, cybercriminals created a backdoor entry to Microsoft’s corporate clients’ network to inject malware, ransomware, steal patented technical documents, trade secrets, and other sensitive information.
Most of the victims are small and mid-size corporate companies around the world. It is believed that more than 60,000 private companies and nine government agencies in the US alone fell victim to the attack, though the Redmond-based company attributes this to another SolarWinds Corp-related cyberattack episode carried by a Russian group a few months ago.
CISA is aware of widespread domestic and international exploitation of Microsoft Exchange Server vulnerabilities and urges scanning Exchange Server logs with Microsoft’s IOC detection tool to help determine compromise. https://t.co/khgCR2LAs0. #Cyber #Cybersecurity #InfoSec
— US-CERT (@USCERT_gov) March 6, 2021
#6 Airplane Manufacturer Bombardier
A popular Canadian plane manufacturer, Bombardier, suffered a data breach in February 2021. The breach resulted in the compromise of the confidential data of suppliers, customers, and around 130 employees located in Costa Rica. The investigation revealed that an unauthorized party had gained access to the data by exploiting a vulnerability in a third-party file-transfer application. Also, the stolen data was leaked on the site operated by the Clop ransomware gang.
#7 Computer Maker Acer
Computer giant Acer was hit by a REvil ransomware attack where the threat actors were demanding the largest known ransom to date, $50,000,000. The ransomware gang announced on their data leak site that they had breached Acer and shared some images of allegedly stolen files as proof. These leaked images are for documents that include financial spreadsheets, bank balances, and bank communications.
#8 University of the Highlands and Islands
A cyber attack disrupted the University of the Highlands and Islands (UHI.) As a result, the university closed all its 13 colleges and research institutions to students for a day. Security experts noted that the attackers used Cobalt Strike, a penetration testing toolkit commonly used by security researchers for legitimate purposes. This incident is just another case in a series of cyber attacks targeting the education sector.
1/4 CYBER INCIDENT | We are dealing with an ongoing cyber security incident which has affected our key systems and services at all #ThinkUHI campuses. https://t.co/AueI9GtiGS pic.twitter.com/28tvkm8YmN
— University of the Highlands and Islands (@ThinkUHI) March 7, 2021
#9 Sierra Wireless
Ransomware attack impacted the IoT giant Sierra Wireless, namely the manufacturer’s production lines across multiple sites, and other internal operations.
Due to the disruptions caused by the cyberattack, the company is also withdrawing its first-quarter 2021 guidance, which had been provided on Feb. 23 — highlighting the potential financial damages that the attack may have on the company.
However, the company said, at this time it does not believe its customer-facing products and services have been impacted by the attack. It’s not clear whether customer data has been affected.
At this time, Sierra Wireless did not specify how the cyber attack initially occurred, what type of ransom was demanded, and whether it was considering paying. It’s also not clear how many production centers have been impacted by the cyberattack. Sierra Wireless operates a global network operation center (NOC), and research-and-development centers in Asia, Europe and North America.
Sierra Wireless today announced that it was the subject of a ransomware attack on its internal IT systems, which we are currently working to bring back online. Read the full press release for more info: https://t.co/gDTo3hwUbM
— Sierra Wireless (@SierraWireless) March 23, 2021
#10 Accellion Supply Chain Attack
Acellion patched multiple vulnerabilities between December 2020 and January 2021. Security software provider Accellion suffered a breach in their FTA tool which caused many of their clients to have their data exposed to hackers. A number of high-profile customers were affected such as the Jones Day law firm, Kroger stores, and Shell Oil company along with other government and educational institutions. Given the software’s use for storing sensitive data for clients, these breaches are sure to cause lots of pain for the victim companies, with more victims likely to emerge as the investigation continues.