Major Ransomware Attacks

With each passing year, the ransomware landscape is complex and more complicated. 2022 is no exception. We close the first half-year with a brief look at five major ransomware attacks that have already affected businesses and government agencies worldwide.

This is a map of major cyber-criminals attacks. It’s meant to look more closely at their strategies and intentions. We can all be more aware and prepared for the threat of ransomware.

Ransomware strains are much like the COVID-19 virus. They don’t stop evolving and can often grow more dangerous over time. Further, this year has already seen the emergence of many new Ransomware-as-a-Service (RaaS) gangs, such as Mindware, Onyx and Black Basta, and the return of one of the world’s most dangerous ransomware operations, Ravil.

This points to one thing: Ransomware attacks have stopped going anywhere, and your business could become the next victim. Ransomware Protection is essential, regardless of where you live or your business’s nature.

No one is secure. A phishing email might appear authentic to an employee in your company. This could lead to chaos and compromise of sensitive data and encrypted files.

Nvidia: In February 2022, the ransomware attack on the world’s largest semiconductor chip manufacturer was successful. According to the company, the threat actor started leaking proprietary information online and had begun to leak employee credentials.

Lapsus$ ransomware claimed responsibility for the attack, claiming that they had 1TB of exfiltrated company data they could leak online. It demanded $1 million and a portion of an unspecified Nvidia fee.

Costa Rica’s Government: This attack was most talked about in 2022 because it was the first time a country declared a national emergency to respond to a cyber-attack. The nation’s first ransomware attack was in April. It brought down the ministry of Finance.

The ransomware group Conti claimed responsibility for the initial attack. They asked the government to pay $10 million and then increased it to $20 million.

Another attack wreaked havoc on the country’s healthcare system, putting it in disarray as of May 31. The Costa Rican social insurance fund was affected by this attack linked to HIVE. The attack directly affected common Costa Ricans as it shut down the country’s healthcare system.

Bernalillo County in New Mexico: This attack was the first major in 2022. The largest county in New Mexico was struck by a ransomware attack that paralyzed several of its departments. However, county officials said they did not pay ransom to hackers.

This ransomware attack caused severe citizen distress when any government department went offline and brought attention to the county as it took a jail offline.

Inmates were forced to remain in their cells after the ransomware attack took out the security cameras and automated doors at the Metropolitan Detention Center. The electronic locking system on the cells failed, and the Center had to restrict inmates’ movement, possibly violating a 25-year-old settlement agreement regarding conditions of confinement.

Toyota: Three Toyota suppliers were hacked between February 2022 and March 2022. This shows that even though your organization may be secure, a determined threat actor will still find a way in.

The cyber-attack on Toyota’s supplier Kojima Industries (not necessarily ransomware), forced the company to stop operations at 14 of its Japanese plants. According to reports, the hack caused a 5% drop in monthly production capacity.

Worse, two other Toyota suppliers, Denso and Bridgestone, were also hit by ransomware within 11 days. Bridgestone’s subsidiary was the victim of a ransomware attack that caused production facilities and computer networks in North America and Middle America to be shut down. Lock bit was responsible for the attack.

SpiceJet – An attempted ransomware attack on the Indian airline SpiceJet left hundreds of passengers stranded at various locations across India earlier in the year.

Although the airline stressed that the ransomware attack was not attempted and that the IT team managed to control the situation, serious cybersecurity issues were exposed in one of the largest aviation markets.

It was clear that both Indian and international airlines must assess their ransomware readiness and increase their preparedness to deal with such attacks efficiently and effectively.

According to news reports, SpiceJet’s reputation was damaged because passengers waited for information about their flights for more than 6 hours. It highlighted the importance of timely communication and emergency response in an aviation industry, where good Incident Management Planning can play a significant role.

Leave a Reply

Your email address will not be published. Required fields are marked *