If 2020 was year of plague lockdown cracking, 2021 was an open season for invaders around the world. Ransomware gangs were extremely violent, direct hospitals, schools, and construction requirements at an alarming rate. And hackers continued to launch supply chain attack it is a great disappointment. I am plague still in the past, system administrators, incident responders, police around the world, and international security forces have worked to resolve the problem. And governments insisted on taking action against online threats.
However, in the meantime, the seemingly endless game of cats and mice continues. As John Scott-Railton, senior researcher at the University of Toronto’s Citizen Lab, put it, “2021 is a year in which we realize that the problems we chose not to solve years or years ago will come to haunt us. ”
Here are some of WIRED’s views on the worst of the year, leaks, data leaks, ransomware attacks, government-sponsored fraud, and digital fraud. With no sign of recovery in 2022, look back and be safe outside.
In early May, the rescue hit the Colonial Pipeline, which uses a 5,500-mile pipeline that carries about half of East Coast’s oil – oil, diesel, and natural gas – from Texas to New Jersey. As a result of the conspiracy, the company shut down other parts of the pipeline to make it a malware and because the threat disrupted payment systems without the internet. Monga lines grew in oil depots via the southeastern US, the Department of Transportation released emergency system allowing the spread of oil spills on cars. The FBI also mentioned a well-known name linked to Russia ransomware terrorist group DarkSide as the instigator of the conspiracy.
Colonial pipes paid 75 bitcoin ransom-more than $ 4 million at the time – in an attempt to solve the problem. Law enforcers are gone refund some money, and DarkSide went underground to avoid being searched. In November, State Department announced $ 10 million in funding to learn more about team leaders. The uprising was one of the biggest disruptions to the U.S. and the robbers, and it was part of a series of catastrophic events in 2021 that seemed to have become like yesterday’s to the US government and allies in need of adequate coverage. address and ban ransomware attacks.
The SolarWinds hacking spree was unforgettable for software developers 2020 and 2021, but Kaseya’s IT management software program was another well-known addition to this year’s show. In early July, terrorists affiliated with the Russian-based terrorist group REvil exploited Kaseya’s Virtual System Administrator tool. VSA is well-known among service providers, companies that run IT infrastructure for organizations that do not want to do it themselves. Because of this environmental dependence, the attackers managed to exploit the VSA virus to destroy 1,500 organizations worldwide with ransomware. REvil provided a ransom of approximately $ 45,000 to the general population affected by the river and up to $ 5 million to service providers. The terrorists also offered to release a global weapon of mass destruction of about $ 70 million. But then the ransomware terrorist group disappeared, leaving everyone in the dark. Late July, Kaseya found universal decryptor and start distributing to those who want. In early November, the United States Department of Justice announced that it had arrested one of the suspects about the plot of Kaseya, a Ukrainian national arrested in October and is now awaiting repatriation from Poland.
The Twitter-based advertising campaign, owned by Amazon, confirmed it was hacked in October after an anonymous agency released 128 GB of data stolen from the company. This violation includes the full number of Twitch. The company he said at a time when the incident was due to a “server configuration change that allowed inappropriate access by another unauthorized person.” Twitch denied that the password was disclosed during the breach, but acknowledged that much of the player’s money had been stolen. In addition to the exclusive source and paid subscriptions from 2019, the store also had a lot of Twitch Amazon Web Services and its SDK servers.
Prior to SolarWinds Russian digital spy software, a Chinese anti-government group known as Hafnium shed tears. By using the risk group in Microsoft’s Exchange Server software, they have disrupted the inboxes sent by their organizations to a greater extent. The strike affected thousands of organizations in the United States since January and has intensified in early March. The hacks have hit many people, including small businesses and local governments. And the campaign also affected many organizations outside the US, such as the Norwegian Parliament and the European Banking Authority. Microsoft was released emergency patches on March 2 to deal with the threats, but the riots had already begun and many organizations took over. days or weeks to establish a correction, if they did it at all.
The Israeli spy software developer NSO Group is becoming the face of management companies, as its destructive weapons are used by more and more customers around the world. WhatsApp communication platform launched NSO in 2019 by Apple he followed the same this year in November, after several revelations that the NSO made weapons transmit iOS targets and flagship Pegasus spy software using errors in Apple iMessage communication platform. In July, an international team of researchers and journalists from Amnesty International, Forbidden Stories, and more than a dozen other organizations published. legal proof that several governments around the world — including Hungary, India, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates — could become NSO customers. The researchers investigated a published list of 50,000 telephone numbers related to freedom fighters, journalists, administrators, and politicians who were all able to see them. The NSO has denied the allegations. In December, Google researchers confirmed this The complexity of the NSO criminal program was similar to that of high-profile criminals.
JBS SA, the world’s largest meat processing company, faced a major threat at the end of May. Its JBS USA agent said in a statement in early June that it was “a target of cybersecurity attacks, affecting servers that support its IT systems in North America and Australia.” JBS is located in Brazil and has about a quarter of a million employees worldwide. While its backup plans were stable, JBS USA was forced to adopt systems that were affected by the internet and worked hard with law enforcement and the company accounting for what happened outside to control the ship. JBS offices in Australia, the US, and Canada faced a series of disruptions, and the invasion caused a great deal of problems for the animal industry that led to the loss of crops, workers sent home, and livestock that had to be returned to farmers. This came just weeks after the invasion of the Colonial Pipeline, confirming the weakness of essential infrastructure and the necessary global chains.
The Firewall Accident seller released a patch at the end of December, and then some extras in January, dealing with a risk group in one of its online offerings. The units have not been developed or fully developed in most organizations around the world. Many were broken by the data and faced attempts to steal due to those weaknesses. The perpetrators behind the riot seemed to have it connection to the financial case FIN11 and the Clop redemption group. Victims of the Reserve Bank of New Zealand, Washington state, Australian Securities and Investments Commission, cybersecurity Qualys, Singaporean telecom Singtel, well-known law firm Jones Day, retailer Kroger, and the University of Colorado. .
Everything that was old was new in 2021, as a number of companies already known for data breach had previously met with new ones this year. The T-Mobile wireless carrier admitted in August that Information from more than 48 million people was compromised by breaking that month. Of those, more than 40 million victims were not T-Mobile subscribers, but former or prospective customers who applied for a loan from the company. The others were paid “postpaid” clients who were paid at the end of each round rather than the start. Victims were robbed of their names, birthdays, social security numbers, and driving licenses. In addition, 850,000 customers with paid plans had their names, phone numbers, and PINs confiscated. This was absurd, because T-Mobile had it two violations in 2020, one of 2019, and another in 2018.
Another culprit was the Neiman Marcus store, which contained information from about 4.6 million customers who were abducted during the May 2020 crash. security questions / answers from the Neiman Marcus online account, credit card numbers and expiration dates, and gift card numbers. Neiman Marcus faced data breach in 2014 while the attackers stole 1.1 million customer data in three months.
Some of the Best WIRED Stories