2020 was no ordinary year; it was filled with uncertainties. We saw a global pandemic, COVID-19, wreak havoc on earth. We witnessed the biggest surge in cybersecurity attacks ever seen. We also saw a record number of employees change their routines by turning their homes into offices.
And if that wasn’t enough, there was also a huge spike reported in companies going remote, leading to a rise in remote jobs. We saw freelance marketplaces like Fiverr, Upwork and Guru disrupting work as we know it.
We saw Bitcoin gaining mainstream popularity and acceptance by the biggest financial institutions in the world.
We heard tragic stories of deaths, but also of hope. And here we are wrapping up 2020!
While it is important not to let go of hope, we aren’t really optimistic about cybersecurity in 2021, given the global cybersecurity situation.
While breaches and data thefts are still being calculated for 2020, there were 966 US government agencies, educational institutes and healthcare service providers that suffered a $7.5 billion loss just in 2019!
2020 saw some of the biggest and wildest ransomware attacks, data thefts and breaches that shook the core of the internet!
Let’s discuss the top 10 cybersecurity attacks and ransomware attacks of 2020:
SolarWinds Data Theft (December 2020)
Where should we start, and where should we end? How about if we say that one cyberattack on just ONE organization led to a domino effect, crippling the infrastructure of all connected firms and vendors? That’s exactly what happened in December 2020!
On 13th December 2020, SolarWinds’ data infrastructure was severely compromised: a DLL file was injected with not-so-typical malware, which gave hackers backdoor access to the proprietary Orion software that the company develops.
SolarWinds develops software for almost all Fortune 500 companies and US Federal agencies. As such, when the attack took place, it also took down the infrastructure of US federal agencies with it. Since most of the US departments are its customers, it should come as no surprise that SolarWinds was the target of one of the biggest attacks in modern times.
18,000 out of 33,000 customers using the Orion software between March 2020 and June 2020 were affected by the data breach. Let that data sink in.
It has been over 2 weeks and cybersecurity experts are still trying to figure out the extent of damage!
Moreover, this attack could reshape the cybersecurity landscape as we know it!
The attackers? The US Government and the company jointly released a press statement blaming the notorious Russian Cozy Bear for the attack. Russia has outright denied these allegations.
Habana Labs Data Breach (December 2020)
Habana Labs, the AI-powered processor manufacturing firm that Intel acquired in 2016, suffered a massive cyberattack involving the Pay2Key ransomware. But the hackers didn’t stop there. They went on to leak highly sensitive documents and code into the wild online.
A pattern can be observed here: in 2020, a number of Israeli firms were attacked. The attack crippled the infrastructure, which took nearly 2 weeks of effort to get back online.
Foxconn Cyberattack (November 2020)
Foxconn, a global electronics giant licensed to assemble the iPhone, iPad and other Apple products, was hit with a DoppelPaymer ransomware attack.
The demand? Payment of nearly 1804 Bitcoins, roughly the equivalent of $35 Million, to receive the decryption key.
The effect? Encryption of 1,200 servers, 100 GB of data stolen, removal of 30 TB of backup data.
The most shocking part isn’t even the bitcoin payment. It’s the nearly 30,000 GB of backup data that was deleted by the threat actors. We call it a situation where the victim is locked up and completely at the mercy of the hackers.
United Health Services Ransomware Attack (September 2020)
Imagine doctors rushing a patient to the ventilator only to find it will not come online because the entire network has been compromised by a ransomware attack. Just when healthcare services were required the most, during the catastrophic global COVID-19 pandemic, the entire network of nearly 400 hospitals went down.
Critical services were down and ambulances had to be rerouted to other nearby hospitals.
The attack lasted for nearly 10 days, during which the IT team did all that they could to bring the network back online. On the 15th day, UHS stated that all 400 US hospitals were back online.
The City of Lafayette, Colorado Ransomware Attack (July 2020)
On 27th July 2020, the City of Lafayette announced that they had no option but to pay $45,000 to hackers following a ransomware attack in order to get back online as soon as possible. After failing to restore from their backups, and to avoid costly, lengthy outages, the city decided that succumbing to the hackers was the most economical option.
University of Utah Data Theft (July 2020)
Who thought universities could become targets of a ransomware attack? It turns out that the data of thousands of students is highly lucrative for hackers! On 29th July 2020, the University of Utah was hit with a ransomware attack.
It was of course a data breach incident that affected “0.02% of the data on servers.” Yet, the management decided to pay nearly $457,000 to the hackers in exchange for a promise not to release the data into the wild.
Columbia College Chicago Ransomware Attack (June 2020)
Just when you thought one university was enough, we go back one month to see Columbia College Chicago getting hit with a massive data breach and cyberattack.
Behold! The notorious NetWalker gang behind the ransomware attack threatened to release all of the university’s data on the dark web if no ransom payment was made within 6 days of the breach.
It is unclear whether the College chose to pay the ransom or not.
Here’s a screenshot of the email that was sent from Columbia College Chicago’s management to the affected members:
Blackbaud Data Breach (June 2020)
What’s really horrifying about a ransomware attack or a data breach is not just the implications or extent of damage to the affected organization, but also to the ones connected with it. The primary reason for attacking a cloud computing provider like Blackbaud or any other service provider is the ability to breach and take down associated companies with it. When Blackbaud suffered a major ransomware attack in June 2020, clients like the University of California, San Francisco and Michigan State University were also affected.
The University of California in fact opted to pay a ransom of $1.4 million after negotiations with the hackers.
The notorious NetWalker gang managed to get hold of the university’s school of medicine, which was playing a pivotal role in COVID-19 vaccination development at that time. The University had to resort to paying the ransom, or else critical data related to COVID-19, amounting to months of research, would have been wiped out.
Cognizant Ransomware Attack (April 2020)
IT services giant Cognizant suffered a ransomware attack in April 2020. While the attack affected their internal systems, it was enough to cause major disruption in services to its clients, most of which are Fortune 500 companies.
All of these 9 cyberattacks happened in 2020, and if those weren’t enough, here’s how 2020 got started:
Travelex Ransomware Attack on New Year’s Eve 2019
The start of 2020 came with a bang! Travelex, a UK-based currency exchange company, suffered a massive data breach that forced it to shut down operations across the globe.
The company was forced to hand over $2.3 million in ransom payments.
The attack was also the prime reason why the company was forced to cut over 1,300 jobs across the world.
Final Thoughts on the List of 10 Biggest Ransomware Attacks in 2020
We’ve just concluded our list of the 10 biggest ransomware attacks and data breaches. But this is what we believe is a list of the biggest attacks. There are many more incidents that we could have added but the blog post would never finish.
If there is one thing we learned in 2020, it’s that no company, big or small, can remain safe from a ransomware attack. Well, what’s really left when organizations like leading educational institutes and corporations aren’t safe? And that brings us to the MOST BURNING question:
Is an average internet user safe?
What’s really shocking is that even some of the leading IT companies have failed to prevent ransomware attacks just because their antivirus subscription had expired or they didn’t make updates to their operating systems.
Stay Safe. 2021 is already here. Let’s hope for the best!