Top Cyber Security Breaches 2021

Cyber Security

Top security attacks of 2021

On January hackers struck the Microsoft exchange server operating all over the world
Infiltrated the email servers - which contained tonnes of confidential data.
The data mostly came from giant companies and governments storing crucial information of their customers and citizens such as email addresses, passwords, etc.
Over 250,000 servers have fallen victim to the data breach as of 9th March.

USA’s largest cyber insurance provider fell prey to a skilfully crafted ransomware attack forcing millions to go out of business.
The hackers who were behind the attack used a malware named Phoenix CryptoLocker to encrypt the database of the insurance firm
CNA had to pay up a whopping $40 million

Hackers attacked Colonial Pipeline.
The ransomware attack took place between 6th -12th May this impacted the computerised equipment managing the pipeline.
Unfortunately, this led to a heavy data breach and halting of all activities for Colonial Pipeline, which mainly functions in the South-eastern parts of the United States.
The attack was so severe and alarming that President Biden, as well as the Governor of Georgia, had to declare a state of emergency.
Even though matters are in control now, the oil giant reportedly had to pay a ginormous $5 million to gain back access to its systems.

Accenture has confirmed that it was hit by a ransomware attack, with a hacker group using the LockBit ransomware reportedly threatening to release the company’s data and sell insider information.
LockBit, is a strain of ransomware that prevents users from accessing infected systems until a ransom payment is made.

Red Piranha

Security risk : Top attacker country was the US with 12365 unique attacker (45.33%)

The top trojan server detected was Lu0bot with 26 instances
The top phishing campaign detected was against Facebook with 44 instances detected.

Approach to minimise security risk

Red Piranha security risk assessment & audit services offer a comprehensive, business-driven approach to evaluating your cybersecurity maturity level based on your business operations and risk profile. The maturity model provides you with a simple, pragmatic approach to evaluate your current security maturity and identify targeted areas for improvement.
Our team of in-house certified assessors and auditors combine control requirements from well-known frameworks to create a consolidated model which addresses the most critical security domains and capabilities, so you can meet today’s risk-focused demands.

Cisco

Reduces cyber attacks by controlling access and preventing unauthorised lateral movement on the network
Cisco ISE profiles endpoints and identifies users. Based on contextual data collected ISE created role based access control (RBAC)policy
Cisco ISE uses Cisco TrustSec technology embedded in Cisco routers and switching, to enforce policy throughout the network
If an endpoint is compromised, ISE can be notified and change the access policy to contain or quarantine the threat.

Kaspersky

Security Vulnerabilities - Potential target to a ransomware attack

The device used is no longer state-of-the-art
The device has outdated software
Browsers and/or operating systems are no longer patched
No proper backup plan exists
Insufficient attention has been paid to cybersecurity, and a concrete plan is not in place

Anti - Ransomware software protection :

Kaspersky Internet security -
- The software is able to block infected files when you download or stream something, thus providing real-time protection.
- This prevents ransomware from infecting your computer and keeps cybercriminals at bay
Anti -ransomware tool -
- The tool helps detect and block ransomware by performing scans and protects your data both from local and remote-access ransomware attacks.

Video links :