Top 10 Ransomware Attacks

What is Ransomware?

Ransomware is malware that encrypts a user’s or organization’s critical data, making it impossible for them to access files, databases, or applications. For access to be granted, a ransom must be paid.

An entire organization can be crippled by ransomware because it spreads across a network and targets database and file servers.

Businesses and governmental organizations suffer significant damage and expenses as a result of this growing threat. Cybercriminals generate billions of dollars in payments each year through this type of activity.

Here are the top 10 ransomware attacks:

1- CNA Financial

In March 2021, CNA Financial, one of the nation’s largest insurers, suffered a major cyberattack. Employees at CNA were blocked from logging into the network as a result of the attack, which involved the theft of large amounts of company data and customer information.

To launch the attack, hackers accessed company computers and stole sensitive data. A large ransom was then demanded. To regain access to its systems, CNA paid the hackers $40m around two weeks after the attack.

2- JBS

Food processing giant JBS operates around the world. On May 30, 2021, its US, Canadian, and Australian operations were affected by a significant ransomware attack. The attack is reported to have cost the jobs of up to 7,000 Australians.

There have been reports that Russian group REvil was responsible for the attack, but this has never been confirmed. A ransom of $11m was demanded, and it was promptly paid in bitcoin.

3- Garmin

Garmin, a global technology and communications giant, was attacked with ransomware in early 2020. The attackers used WastedLocker ransomware to encrypt company data and demanded $10m for the decryption key.

In this case, US sanctions against Evil Corp, a Russian-based group, made it difficult for Garmin to pay the ransom legally. As a result, Garmin used a third-party digital security firm to handle the payment.

4- Colonial Pipeline

2021 was the year of the ransomware attack, with another major incident occurring in early May. Colonial Pipeline’s oil pipeline was completely shut down for five days by a cyberattack that crippled its computers.

A ransom of $4.4m was demanded, and it was paid within hours under the supervision of the FBI.

5- Travelex

On New Year’s Eve 2019, Travelex, a London-based foreign currency exchange, was targeted by a major cyberattack. This crippled its network, causing business disruptions for several months.

The initial ransom demand was $6 million, but after several weeks of negotiations, it was reduced to $2.3 million. The Sodinokibi gang is suspected of carrying out the attack.

6- Costa Rican government

Conti, based in Russia, launched an attack on the Costa Rican government in April 2022. It stole hundreds of gigabytes of sensitive data from the Ministry of Finance, including financial information.

The country has suffered greatly as a result of its refusal to pay the $10 million ransom.
On May 8, 2022, a state of national emergency was declared, demonstrating the severity of the attack.

7- RobbinHood

RobbinHood is a type of modern ransomware that goes after high-value targets and typically demands three to thirteen bitcoins as a ransom. To gain access to company and organization networks, it typically employs brute force attacks or trojans.

After gaining access, important files and data are encrypted, and ransom demands are left on the affected device. Companies are typically given four days to pay the ransom in full, with a $10,000 penalty added for each day the payment is late.

8- Accenture

According to Bleeping Computer, the IT consulting firm discovered irregular activity involving one of its environments in the fourth quarter of fiscal 2021. A third-party entity exfiltrated and then published proprietary information as part of this activity.

According to the computer self-help website, the LockBit ransomware gang eventually claimed responsibility for the attack and claimed to have stolen six terabytes of data from Accenture’s network. According to the news report, the group also allegedly demanded a $50 million ransom.

9- Acer

The REvil/Sodinokibi ransomware gang announced on their data leaks website in March 2021 that they had breached the Taiwanese multinational electronics corporation Acer.

The attackers claimed responsibility by publishing images of financial statements and other documents allegedly stolen from the company. They also demanded $50 million from Acer, the largest ransom demand made to any victim at the time.

10- Apple

A month after the Acer attack, a user going by the handle “Unknown” posted on the digital crime forum XSS that the REvil/Sodinokibi gang was about to reveal their “largest attack ever.” Two days later, the ransomware group revealed that they had targeted an Apple business partner.
The attackers tried to intimidate the company into paying a ransom. When that failed, they turned to Apple, publicly releasing proprietary blueprints for new Apple devices stolen from the tech giant’s business partner. They threatened to continue publishing files stolen from Apple unless the company agreed to a $50 million ransom demand by May 1st.

