Top 13 cybersecurity attacks in the first half of 2021
In recent years, enterprises have experienced a significant number of cyberattacks. The first half of 2021 was no different.
So, it's important to have your finger on the pulse and keep track of what goes on in the cybersecurity space. For example, there are sometimes new lessons to learn and new threats to defend against. In fact, keeping track is the best way to take a proactive approach to cybersecurity.
The security events discovered over the first half of the year affected all types of organizations. From energy to healthcare to government agencies, just about everyone was a target this year.
Here are the top 13 cybersecurity events in the first half of 2021.
1. E.On
In January, E.On customers were left without gas and electricity following a data breach. This cyberattack affected homes fitted with prepayment meters. As a result, the energy giant was forced to suspend its app to secure its environment.
The company deactivated its app as soon as it saw an active security event, but hackers stole E.On customer login details, and more. In this case, hackers attempted to use data stolen from a third party to initiate the cyberattack.
Lesson learned: encrypt customer data and always vet third-party providers to ensure that they take cybersecurity seriously and follow best practices.
2. The U.S. Courts documents system
Threat actors managed to compromise the U.S. federal courts filing system. This incident potentially exposed an extensive range of highly sensitive competitive and financial information. This includes trade secrets, contracts, production plans, sales figures, and patient health information.
The data breach also exposed everything from pharmaceutical companies' formulations and chemical processes to the algorithms used by ERISA providers. All this insider information could benefit foreign competitors and help them manipulate the securities markets.
Lesson learned: encrypt all sensitive data and use an ethical hacking service (regularly) to fortify your infrastructure.
3. University of Oxford
In February, hackers were able to breach the biochemical systems used by the Oxford University lab. These machines purify and prepare chemical samples, including proteins made for research. Such proteins were also used in the lab's COVID-19 research.
This incident placed research data at risk, and there's a real threat of sabotage. For example, hackers may have tinkered with the flow of liquids or the purification process.
This hack was highly sophisticated and only discovered when bad actors showed off access to several of the lab's systems.
Lesson learned: encrypt data, follow best practices, and hire ethical hackers to pen-test your systems and regularly try to breach them.
4. The Florida water system
In February, hackers also broke into the computer system of a water treatment facility near Tampa, Florida. In this security event, threat actors attempted to add a dangerous level of sodium hydroxide to the water supply provided to about 15,000 people.
In this case, hackers managed to gain remote access to a software program called TeamViewer on an employee's computer. According to the software provider's website, TeamViewer was installed on almost 2.5 billion devices worldwide.
While this application enables remote technical support for other applications, it can also be used for nefarious activities when compromised. However, it's still unclear how threat actors broke into TeamViewer to breach the system.
Lesson learned: segregate IT and OT networks and make sure all vendors and third-party providers follow best practices. You should also regularly engage in real-time monitoring, penetration testing, and security training.
5. Microsoft Email
An extensive breach of the Microsoft Exchange Server exploited four significant flaws in the software. These flaws gave hackers access to the email of more than 30,000 organizations across the United States.
This security event also compromised the email communications of small businesses and municipalities across the planet. As infected devices were seeded with password-protected tools, hackers got complete remote access to those systems.
Unfortunately, it seems like Microsoft escalated this cyberattack. The company tried to prevent precisely this type of attack by issuing patches to address four known security gaps.
This immediately kicked off a massive wave of activity as cybercriminals scrambled to attack as many still-unprotected systems as possible.
Lesson learned: stay on top of security patches and upgrades to prevent a data breach. This security event reaffirms the fact that the bad guys stay on top of every possible opportunity. So, your security team must do the same and react quickly.
6. The Norwegian parliament
Hackers managed to break into the Norwegian parliament's computer systems. They also managed to extract data just six months after the government made the previous breach public.
This latest attack was far more severe than last year's attack on the parliament. This attack was also linked to a "vulnerability" in Microsoft's Exchange software.
Lesson learned: patch and update software as soon as fixes are available. It’s also critical to learn from previous attacks and update your security posture.
7. Channel Nine TV
Hackers disrupted a live broadcast on Australia's Channel Nine TV network. The channel was unable to broadcast several shows because of the resulting technical issues.
The company's national newspapers and radio divisions were largely unaffected. However, email and editing systems went down with the attack.
This follows the same pattern of cyberattacks that have plagued the Australian government and institutions in recent years. For the most part, Australia blames state actors for these attacks.
Lesson learned: always engage in real-time monitoring and penetration testing, and have a robust response plan in place.
8. Zambon
Italian pharmaceutical firm Zambon suffered a cyberattack that, once identified, was immediately isolated from its information systems. As a precautionary measure, Zambon suspended all activities at the Vicenza plant that employs 217 people. Production also stopped for five days while they investigated the attack.
The hackers behind the attack claimed to have exfiltrated about 10 GB of data and have publicly dumped some of it. They also left the following message:
"Hello, we have been inside your network for about 7 months and have made complete replicas of your servers. We strongly recommend that you contact us. Otherwise, this data will go to the public."
Lesson learned: encrypt all data and regularly engage ethical hackers to try and breach the system. Deploy robust monitoring tools to identify any suspicious behavior or unauthorized access to the network.
9. Tegut
Swiss-owned German supermarket chain Tegut was targeted in a cyberattack last April. Once discovered, the company immediately activated established emergency procedures, shut down its entire IT network, and disconnected from the internet.
While these actions helped limit exposure of sensitive data, they created gaps in the supply chain for weeks after the incident. Hackers have started publishing the stolen information on the dark web to pressure the company into paying a ransom. However, Tegut refused to negotiate or pay the cybercriminals.
Lesson learned: always take a data-centric approach to security and encrypt sensitive data. It'll also help to enforce security best practices across the company and supply chain.
10. Belgium's parliament and universities
Approximately 200 Belgian organizations experienced severe disruptions brought on by a highly coordinated DDoS attack. This included the country's parliament, universities, and scientific institutions. Hackers launched the attack by targeting the nation's internet service provider, Belnet, in early May.
Unlike most cyberattacks today, this event was intended to frustrate the victim. They didn't steal any data and didn't hold anyone to ransom. This suggests that the attack was politically motivated or launched to distract victims while another attack took place concurrently.
Lesson learned: have a robust response plan in place and continuously vet all partners and third-party vendors to ensure that they also follow best practices.
11. Glovo
Spanish startup Glovo lost two million records of customers, employees, and drivers. However, hackers couldn’t compromise credit card details in this attack.
The company was alerted when the hackers passed on videos and screenshots that demonstrated their ability to hack into and manage Glovo accounts. In this scenario, threat actors were able to gain access through an old administration panel interface.
Lesson learned: encrypt all data and never leave old systems up and running after you have updated your infrastructure. It’s also important to regularly engage in security audits to identify potential vulnerabilities.
12. Volkswagen and Audi
Volkswagen and Audi fell victim to a data breach that exposed the contact details of over three million customers and shoppers. This also included sensitive information like driver's license numbers (in some cases). The bad actors stole this data from an external partner who works closely with the automobile manufacturer.
Lesson learned: if you give your partners within the supply chain access to your sensitive data, you must ensure that they leverage encryption and robust security protocols.
13. McDonald's
McDonald's experienced a data breach that exposed customers' and employees' private data in South Korea and Taiwan. Although hackers stole personal data like addresses, phone numbers, and emails, they couldn't access payment information.
Lesson learned: regularly perform security audits and penetration tests to fortify your infrastructure. It also helps to encrypt all sensitive data.
As you can see from the above, there's a virtual world war going on, and we're all potential targets. To stay out of the headlines, follow best practices, encrypt data, and regularly engage ethical hacking services.