Colonial Pipeline’s Ransomware Attack To Pfizer’s Leaked Covid Vaccine Data – Top 10 Cybercrime Stories Of 2021

Some of the year’s most significant cyber attacks had compelling real-world consequences, propelling cybercrime into the mainstream and to the top of national security agendas, particularly in the United States and the United Kingdom.

Meanwhile, the impact of the Covid-19 pandemic loomed large, with cyber criminals showing no remorse as they attempted to disrupt healthcare organisations.

Here are the top ten cybercrime stories of 2021:

1. The ransomware attack on the Colonial Pipeline has serious consequences

Though it did not disrupt fuel supply at UK petrol stations, the DarkSide ransomware attack in May 2021 against Colonial Pipeline – the operator of the largest fuel pipeline in the US – was one of the most significant cyber incidents in recent years. Indeed, it is possible that it has finally prompted coordinated action against ransomware gangs – only time will tell.

As it was reported in the immediate aftermath of the attack, the US government was forced to declare an emergency, and the Department of Transportation temporarily relaxed regulations governing how long truckers could remain behind the wheel across most of the Mid-Atlantic and southern US, as well as Texas, to improve fuel supply chain flexibility.

2. The REvil crew wants $70 million in the Kaseya ransomware heist

The REvil ransomware crew demanded a total $70 million ransom payment from over 1,000 businesses whose IT systems were locked after the gang compromised services provider Kaseya in a classic example of a supply chain hack on July 4th. Because of the magnitude of the incident, the REvil group was forced to go into hiding for a time, only to return to find that their infrastructure had been hacked back by law enforcement. One gang member is currently facing extradition to the United States to answer for his crimes, while others are on the run.

3. The BlackMatter gang intensifies its attacks on multiple victims

Ransomware gangs come and go for a variety of reasons, but one thing is certain: whether it’s a rebranding of an existing group or a new player in the game, someone else is always ready to take their place. BlackMatter is one of 2021’s more impactful emergent ransom crews, and in September, we reported on a spate of attacks against multiple targets that prompted warnings from across the security community.

4. A major ransomware attack has hit the Irish health service

The Conti ransomware gang made headlines on May 14 after encrypting the systems of the Irish Health Service Executive in a callous and truly heartless cyber attack. The incident caused significant disruption to patient services throughout Ireland, prompting a large-scale response that included the deployment of the army. Fortunately, no fatalities were reported as a direct result of the incident, but the service has still not fully recovered six months later.

5. Leaked Pfizer/BioNTech Covid-19 vaccine data

When data relating to the Pfizer/BioNTech Covid-19 vaccine, which was stolen in December 2020 following a cyber attack against the European Medicines Agency, was leaked on the internet in January 2021, cyber criminals attempted to disrupt the roll-out of the Covid-19 vaccine programme in Europe. The data dump contained email screenshots, peer review information, and other documents such as PDFs and PowerPoint presentations.

6. Global police raids after investigators crack the An0m crypto phone app in a major hacking operation

After intercepting the communications of organised criminal groups, police in 16 countries launched multiple raids in June. The gangs had been sending messages on an encrypted communications network without realising it was run by the FBI. This was only one of several similar raids in 2021 that, while successful in disrupting organised and cyber crime, raised legitimate concerns about law enforcement’s ability to conduct surveillance and the admissibility of the evidence gathered.

7. FatFace, a retailer, pays a $2 million ransom to Conti cybercriminals

Following a successful cyber attack on its systems in January, fashion retailer FatFace paid a $2 million ransom to the Conti ransomware gang in March, according to Computer Weekly. The ransomware operators had initially demanded a ransom of $8 million, or about 213 bitcoin at the time, but were successfully talked down during a lengthy negotiation process.

8. Scammers inadvertently expose fake Amazon review data

It was encouraging to learn in May that cyber criminals and fraudsters are also bad at operational security. This unfortunate scammer inadvertently exposed more than 13 million records in an open ElasticSearch database, exposing a massive fake review scam that implicated hundreds of third-party Amazon sellers in unethical and illegal behaviour.

9. $50 million ransomware demand on Acer – highest ever

Because Roy Castle and Cheryl Baker taught a generation of British schoolchildren that records are made to be broken, it’s possible that members of the REvil ransomware gang grew up watching BBC1 after school. In any case, the $50 million ransom demand made against PC manufacturer Acer was, for a time, the highest ever made. Details of the unprecedented double-extortion attack were revealed in March when the gang published Acer’s data to its leak site, but investigations by LeMagIT and SearchSecurity were critical in uncovering and highlighting the ransomware demand.

10. Ransomware gangs looking for people with negotiation skills

Finally, in July 2021, it was reported how the growing sophistication of the cybercriminal underground was reflected in how ransomware operations assembled their operations, seeking out specialist talent and skillsets. Indeed, Kela researchers discovered that some gangs are beginning to resemble corporations, with diversified roles and even outsourced victim negotiations. Naturally, people skills are in high demand as gangs try to persuade their victims to cough up their money.