- May 16, 2022
- Tech
- Data
- Cloud
- Luxembourg
- Security
- Startup
- Development
- Digital
The last three cyberattacks that stunned the world
With the digitalisation of society as a whole, we are
witnessing an increase of cyberattacks. Cyber threats are constantly evolving,
they affect an ever-increasing number of sectors and interests, both economic
and strategic. The three examples of attacks mentioned in this article are an
illustration of this trend.
The need for proper cybersecurity is so high that by the end
of 2021, $6 trillion will be spent globally on cybersecurity (International
Institute of Business Analysis). According to the Cisco Annual Cybersecurity
Report, attackers can launch campaigns without human intervention with the
advent of network-based ransomware worms. The number of security events increased
in number and in complexity. Among all and numerous cyberattacks of all kinds
(malware, phishing, Man-in-the-Middle (MitM) attack, Denial-of-Service (DOS)
attack, SQL Injections, Password attack, etc.), three have received particular
attention in 2021 because of the nature of their targets.
Colonial Pipeline ransomware attack, the largest
cyberattack on an oil infrastructure target in the history of the United States
On May 7, 2021, Colonial Pipeline, an American oil pipeline
system that originates in Houston, Texas, and carries gasoline and jet fuel
mainly to the Southeastern United States, suffered a ransomware cyberattack
that impacted computerized equipment managing the pipeline. The attack on the
largest fuel pipeline in the US disrupted fuel deliveries in twelve states for
several days. The pipeline closure caused chaos as millions queued for fuel and
the US Environmental Protection Agency were forced to initiate an emergency
fuel waiver allowing states to see ‘off-spec’ gasoline to alleviate shortages.
In response, Colonial Pipeline Company halted all of the
pipeline's operations to contain the attack. With the assistance of the FBI,
Colonial Pipeline paid the requested ransom (75 bitcoin or $4.4 million) within
several hours after the attack. The hackers then sent Colonial Pipeline a
software application to restore their network, but it operated very slowly.
The FBI and various media sources identified the criminal
hacking group DarkSide as the responsible party. The same group is believed to
have stolen 100 gigabytes of data from company servers the day before the
malware attack.
On June 7, the Department of Justice announced that it had
recovered 63.7 of the bitcoins (approximately $2.3 million) from the ransom
payment.
JBS pays $11m USD Cybercrime ransom in the largest attack
to impact a company focused on food production
On May 30, the Brazilian JBS S.A., the world’s
biggest meat processor, suffered a cyberattack, disabling its beef and pork
slaughterhouses. The attack impacted facilities in the United States, Canada,
and Australia. The attack threatened supply chains and caused further food
price inflation in the US.
To prevent further disruptions, JBS paid the $11m USD
ransom. The criminal group responsible were described by the FBI as one of the most
specialised and sophisticated in the world. The attack was compared to the
Colonial Pipeline cyberattack.
The attack is the largest to date to impact a company
focused on food production. Some forty additional attacks on food producers
occurred in the twelve months preceding the JBS attack (chicagotribune.com).
Florida’s Water Supply
On February 5th, a cybercriminal managed to infiltrate the
city of Oldsmar’s (Tampa area, Florida) computer system and, for a short time,
increased the sodium hydroxide level in the water supply to dangerous levels.
An unknown hacker or group of hackers was able to gain access to the operations
technology (OT) system of a water treatment plant. The attempt was thwarted by
an operator who was able to reverse the change to the settings, before the
toxic levels of the chemical reached the water.
In June, NBC News reported that last January a hacker
attempted to poison a water treatment plant that served parts of the San
Francisco Bay Area. “The hacker had the username and password for a former
employee's TeamViewer account, a popular program that lets users remotely
control their computers,” according to the report. After logging in, the hacker
reportedly deleted programs that the water plant used to treat drinking water.
As these three cases show, cyberattacks are not only a
technical or an economic issue, an intellectual property issue or an extortion
issue, it also concerns strategic infrastructures and vital economic sectors.
As a consequence, cybersecurity is geopolitical and political as well.
Cybersecurity
is therefore a central issue for all companies and governments. The latest
trends in the sector will be discussed at the coming Cybersecurity Week Luxembourg (Oct
18-28), the moment and place in the year to promote Luxembourg’s cyber
expertise and share knowledge and best practice. To echo this enriching week,
an interactive report, “Cybersecurity Insights”, will be distributed digitally to more than 10,000 contacts from
the IT, Cybersecurity sectors. “Cybersecurity Insights” will be published at
the beginning of November. It will showcase business cases, the main highlights
of the week as well as targeted content made of videos, podcasts, interviews
and articles. All Cybersecurity Week partners are encouraged to echo their
participation by thinking of targeted content to contribute to the “Cybersecurity
Insights” report.