The biggest business hacks of 2021
Businesses are a prime target for cybercriminals, regardless of size, industry or location.
In this chart sponsored by Global X ETFs, we visualized the biggest corporate hacks of 2021, measured by ransom size. The full list is also tabulated below.
| Victim | Country | Industry | Amount paid or requested (USD million) |
|---|---|---|---|
| Kia Motors | South Korea | Automotive | $20 million* |
| CNA Financial | US | Financial services | $40 million |
*Requested but not paid in full. Source: Microsoft (2021), CRN (2021)
Keep reading for more details on some of these hacks.
Energy: Colonial Pipeline Co.
The Colonial Pipeline ransomware attack was the largest cyberattack ever against a US oil infrastructure target.
On May 7, hackers took down the company’s billing system and threatened to release the stolen data if a ransom was not paid. During negotiations, the company shut down its pipelines, leading to gas shortages in the southeastern United States.
It was reported that Colonial Pipeline promptly paid a ransom of $4.4 million in bitcoin (based on prices at the time). The FBI managed to recover some of these bitcoins, but their exact method has not been revealed.
Accenture, one of the largest IT consultants in the world, fell victim to a ransomware attack in August 2021. While this may sound ironic, it further proves that any business, regardless of industry, may be vulnerable to hackers.
“There was no impact to Accenture’s operations or our clients’ systems. As soon as we detected the presence of this threat, we isolated the affected servers.”
– Accenture Spokesperson
The hack has been traced to LockBit, which claims to have stolen several terabytes of data from Accenture’s servers. A $50 million ransom was demanded, although it is unclear whether the company actually made any payments.
Automotive: Kia Motors
Kia’s US business was the victim of a ransomware attack in February by a group called DoppelPaymer. The hackers threatened to release the stolen data within 2-3 weeks if a ransom of $20 million (in bitcoin) was not paid.
This hack affected various systems, including the Kia Owner Portal, Kia Connect (a mobile app for Kia owners), and internal programs used by dealerships. It also prevented buyers from picking up their new cars.
Kia denied being hacked, but the timing of the ransom demand and Kia’s service interruptions were suspicious. According to the FBI, DoppelPaymer has been responsible for numerous attacks since 2020. Victims include US police departments, community colleges and even a hospital in Germany.
JBS, one of the world’s largest meat processors, experienced disruptions at its North American facilities in May. Shortly after, the company confirmed that it had paid the hackers a ransom of $11 million in bitcoin.
“It was a very difficult decision for our company and for me personally.”
– Andre Nogueira, CEO, JBS USA
This attack, along with the Colonial Pipeline hack, represents an alarming trend of attacks targeting critical industries. For context, JBS claims to have an annual IT budget of over $200 million and employs over 850 IT professionals globally. The group responsible for this attack is known as REvil, a now-defunct hacker group based in Russia.
Increased cybersecurity spending
The increasing frequency and sophistication of corporate hacks pose a major threat to the world. In fact, a recent study by PricewaterhouseCoopers found that 69% of companies expect future spending on cybersecurity to increase.
The Global X Cybersecurity ETF is a passively managed solution that can be used to gain exposure to the growing adoption of cybersecurity technologies.