The number of these targeted ransomware attacks rose from around 80 in January 2020 to more than 200 in September 2021. Figure 1. Number of targeted ransomware attacks January 2020 to September 2021
Software supply chain attacks, due to their potential to disrupt large sections of society and business, remain a concern for governments and businesses around the world. Two significant supply chain attacks in the headlines from last year included the SolarWinds hack and the Kaseya attack.
This was highlighted in May 2021, when the Colonial Pipeline, the largest petroleum pipeline in the U.S., suffered a ransomware attack that impacted equipment managing the pipeline. The attack was carried out by the Russia-based DarkSide ransomware gang.
Ransomware was arguably the most significant threat facing organizations in 2021, with some ransomware operators departing the scene, new ones entering the fold, and business models and tactics being refined to make targeted ransomware more lucrative than ever.
Botnets spearhead for-profit hacker activities. The latest data from Symantec confirms that the web is now an integral tool for criminals looking to make money (not merely mischief). Malware-infected systems are used as network of bots for a wide variety of inappropriate activities.
While early hackers wanted to make a big splash by attacking as many computers as possible in a show of genius and savvy for taking down network, now criminals don't want to be detect ed. Takeovers are done in a slow, methodical fashion.
From the evolving ransomware ecosystem to attacks against critical infrastructure, Symantec looks back over the cyber-security trends that shaped 2021.
Ransomware, or more precisely, targeted ransomware, was the most dominant threat making headlines throughout 2021. Ransomware gangs moved towards targeting entities with a broad network of downstream users.
Software supply chain attacks, due to their potential to disrupt large sections of society and business, remain a concern for governments and businesses around the world. Two significant supply chain attacks in the headlines from last year included the SolarWinds hack and the Kaseya attack.
Last year saw an increase in attackers exploiting vulnerabilities in public-facing applications in order to gain access to organizations’ networks. While in some cases attackers are focusing on zero-day bugs, more frequently they are looking towards recently patched vulnerabilities and the hunt for unpatched systems.
Cyber-attacks against critical national infrastructure (CNI) can be some of the most impactful as they can potentially affect everyone in society. This was highlighted in May 2021, when the Colonial Pipeline, the largest petroleum pipeline in the U.S., suffered a ransomware attack that impacted equipment managing the pipeline.