Posted on December 28, 2020 at 4:16 PM
Top 10 Malware Attacks In 2020 And Best Prevention Strategies In 2021
Cybercriminals are devising means of launching attacks every day, such as IoT attacks, ransomware attacks, cryptohijacking, as well as phishing attacks.
A recent survey of security breaches this year shows that 81 top firms in the world from 81 different countries have faced data breaches in 2020.
The report further revealed that 80% of firms have witnessed increased cyber-attacks this year, with COVID-19 responsible for a 230% rise in the number of cyberattacks on banks.
Most of these attacks are carried out via system compromise and malware attacks on computer servers and networks.
With lots of malware attacks on computer systems and servers in 2020, people may want to know which ones were the most prevalent. That’s exactly why we are here. We are going to look at the top ten cyber attacks in 2020 and how to protect against them as we enter 2021.
But first, let’s have a quick overview of the meaning of a malware cyberattack.
What is a malware attack?
In the cyberworld, a malware attack is when a person or group installs malicious software on another person’s or organizations’ computer without their knowledge. The idea is to compromise the server and gain access to the victim’s network or system.
The main reason for most malware attacks is for financial gain, and there are different types of malware, including Trojan horses, ransomware, spyware, as well as viruses.
Exploit kits for attacks
Cybercriminals use exploit kits to look for vulnerabilities in software on a target’s mobile device or computer. The exploit kits have prewritten code used for searching the victim’s system.
Once the kits see vulnerability, the attackers can plant malware in the system via the vulnerability. So many hackers use this type of malware, which makes it very important to get regular software updates to prevent giving the hackers the chance to compromise your systems.
Top 10 Malware attacks in 2020
The following are the top ten list of malware attacks that occurred in 2020, which had a massive impact on the affected organization.
Hijack of Telegram
Hackers compromised Telegram’s email data and messenger of some of the top firms in the cryptocurrency industry. According to reports at the time, the hackers made use of Signaling System 7 (SS7), utilized to connect mobile networks across the world.
Cybersecurity experts reported that the hackers were looking for two-factor authentication (2FA) login details from the server.
They hijacked the network’s short message services center (SMSC) to send requests on location updates to over 20 targeted high-profile victims.
The attack was carried out by the attackers to get cryptocurrency. It’s a very common attack in the crypto space, but the victims are still not sure how to protect their systems against such attacks.
But it seems the crypto community has better authentication methods than using call or SMS-based 2FA, with blockchain technology at play.
The cybersecurity experts think protocols such as SS7 should not be utilized by telecom experts as it doesn’t have the right security standard to protect against a sophisticated attack in this modern time.
Software AG Ransomware Attack
Software AG, the seventh-largest software vendor in Europe and second-largest Germany had one of the biggest ransomware attacks in 2020. It occurred only two months ago. ZNET exclusively carried the report that the company was attacked by the Clop ransomware, with a whopping $20 million ransom demand requested by the ransomware gang.
The company also tried to negotiate with the hackers, but it’s not clear whether it succeeded. But at the time, the report revealed AG has still not recovered the stolen. However, services to its customers such as cloud-based services were not affected.
Software AG released a statement regarding the incident, the company is close to restoring its database and system to resume full operation across all section.
Seyfarth Shaw Malware Attack
Seyfarth Shaw LLP, a leading global legal firm based in Chicago, was a victim of an “aggressive malware” attack earlier in October. The law firm later confirmed the attack as a ransomware attack. The aftermath of the cyberattack left the firm’s email system completely offline, according to a statement credited to the victim law firm.
Seyfarth Shaw released another statement, claiming the firm data or client data was not compromised in the attack. But a lot of its systems were encrypted after the firm shut down other systems to prevent any further spread of the attack.
The firm informed law enforcement about the hacking incident, and the FBI started its investigations immediately. In most hacking attacks, details about the type of malware used are usually given to encourage more research about the malware. However, details or information about this malware was not given to the public. So, no one is sure how the attack occurred or what type of ransomware was deployed for the attack.
REvil is one of the renowned ransomware used by groups of hackers to compromise systems and plant malware. It’s an encryption virus that encrypts all files while the hackers demand money from the victims before the files could be decrypted.
For this type of ransomware demand, the cybercriminals demand that the victims pay them through Bitcoin and other cryptocurrencies where their identity will be untraceable.
The type of attack suffered in the Grubman Shire Meiselas law firm is a REvil ransomware attack. The threat actors had access to the firm’s data belonging to famous clients and exposed the details online on the dark web.
Based on the reports at the time, the personal information of top celebrities such as Maria Carey, Elton John, Rod Stewart, Robert De Niro, and drake was exposed during the attack. Additionally, the attackers also obtained screenshots of computer files of other celebrities like Barbara Streisand, Bettle Midler, Bruce Sprinngsteen, and Madonna’s tour contract.
Sopra Steria Attack
On October 20, France-based IT service Sopra Steria was hit by a ransomware attack by a new strain of the Ryuk ransomware, which was not previously known to cybersecurity providers.
After the attack, Sopra Steria said the attack affected part of its IT framework. But there wasn’t any damage or leaked customers’ data because of the data breach, according to the company.
When it comes to ransomware attacks, Ryuk has been one of the most potent ransomware in this present age. The ransomware has been deployed in top organizations such as Prosegur, a Spanish logistics company, and EWA, a US defense contractor.
Carnival Corporation Data Breach
August was an unforgettable month for Carnival Corporation, as the firm suffered a massive data breach due to a ransomware attack.
According to the report, the world’s biggest cruise line operator said hackers stole confidential information of employees, crews, and customers during the attack.
Carnival Corporation said it detected the malware incident which compromised and encrypted one of the company’s IT infrastructure. The firm informed law enforcement agencies immediately after the attack for investigation. The firm also hired cybersecurity experts and legal counsel to help with the investigation.
Also, the public has been kept in the loop when it comes to how the attack happened and the type of attack on the company’s network. Carnival Corporation said there was no recorded case of misuse of exposed personal data.
Cognizant data breach
On April 18, New Jersey-based firm Cognizant announced that its database was breached and some sensitive files were encrypted. The company said its network was infected with the Maze ransomware, which encrypted the company’s servers and reduced the work from home capabilities of the firm.
The initial report revealed that the ransomware caused some of the firm’s employees to lose access to emails, which forced them to use other means to communicate with customers and coworkers.
But in May, Cognizant revealed that it has completely recovered from the ransomware infection and most services have been restored. The company said the malware incident did not affect the customer system but only Cognizant’s internal network.
The impact of the attack was heavy, as the company lost between $50 million and $70 million. The company also said there could be additional consulting and legal cost linked to the investigation for remediation of attack and the restoration of service.
The revenue and corresponding margin impact of the ransomware attack is expected to be in the range of $50 million to $70 million in the second quarter of 2020, Cognizant said May 7. The company said it expects to incur additional legal and consulting costs tied to the investigation, service restoration, and remediation of the ransomware attack.
ISS World attack
Denmark-based facilities management firm ISS World was the victim of a ransomware attack in February this year. The attack left hundreds of thousands of workers without access to their email or systems.
A few days later, the ISS World released a statement, claiming the cause of the attack had been identified and was aligning with external experts to gradually restore its IT systems.
In March, the company stated that it was systematically relaunching its business-critical systems after regaining control of almost all its infrastructure.
The cost of the attack was estimated to be between $45 million and $75 million. The firm said it needs to put in workarounds to ensure continuous service delivery and improve system performance. It also rebuilt some sections of its IT infrastructure that have been damaged as a result of the attack.
Magellan Health Ransomware Attack
Earlier in April this year, a Fortune 500 company Magellan Health announced that its servers have been hit by a ransomware attack and its database has been compromised. Based on sources about the incident, the attackers got into the company’s server by impersonating a client at Magellan Health.
As a result, hackers were able to access the servers of the company. The report revealed that the hackers compromised about 1.7 million data, including the personal information of both the employees and the customers.
Tillamook County attack
This was another hacking incident that resulted in a massive loss of funds, as the Recovery and Mitigation cost was around $1 million.
The attack occurred on January 22 when a ransomware attack took down the servers of Tillamook County, including its email networks, phone systems, website, and internal computer systems.
This forced the county to disable its connection to reduce the spread of the malware. The hackers were from the famous hacking group known as the REvil or the Sodin hacking group, who have led several attacks on companies all over the world.
Protecting against malware attacks in 2021
As we are about to enter 2021, the majority of these hackers will still use similar malware and hacking tools that have given them results in 2020. Security experts are always quick to offer advice on the right ways of protecting systems against attacks.
Keeping your software updated
One of the best ways of protecting your systems from any hacking attempt is to keep your system regularly updated. Most attacks occur because hackers find a security hole or vulnerability they can exploit. But with regular updates, those vulnerabilities would be non-existent. As soon as software updates are available for your system, it’s wise to run them immediately.
Scanning executable files for malware
Most malware files are usually executable. Choose an antivirus program that doesn’t scan automatically, but does that manually in real-time. Such antivirus software will help you discover any malware-infested file before they become a problem for your computer.
Using multi-factor authentication
Any hacker would have to bypass security protocols before gaining access to your network or system. To make it very difficult for them, it’s necessary to maintain a multi-factor authentication protocol.
Backing up files always
If your files or data is compromised and stolen, a prior backup of those files will help to completely restore them. It’s important to copy your data and store them in reputable cloud storage or keep them in an external hard drive. So, when there is a loss of file due to a hacking incident or system corruption, you can copy those files back.
The above are some of the most effective ways of protecting your system against malware infection or attack.
As 2020 is about coming to an end, those in the cyberworld have had a lot of experiences, especially in the area of cyberattacks. It’s also the year where organizations saw unprecedented cyber-attacks due to the impact of the COVID-19 pandemic. As several workers were forced to work from home, cybercriminals took advantage to infiltrate victim’s devices to get access to the company’s data.
And the security gap between the office and home has played a big role to encourage more data breaches in 2020. As a result, there has been an increased theft of sensitive information, leading to heavy financial and reputational losses for organizations.
But as we are approaching 2021, it’s important to use the stronger network and system security features to protect against such attacks.
You must be logged in to post a comment.