• 8 hours Ireland Balks At Biden’s Global Tax Plan
  • 3 days Robinhood To Trade On Nasdaq Targeting $32B Valuation
  • 7 days Facial Recognition Is Watching You
  • 8 days Biden’s $3.5T ‘Human Infrastructure’ Workaround
  • 8 days The Fed’s $3 Trillion Headache
  • 11 days Why Bitcoin Could Struggle To Recover After Epic Crash
  • 11 days Wells Fargo Back In The Spotlight Over Personal Loan Cancellations
  • 12 days Delta Variant Real Threat To Economic Recovery
  • 15 days JEDI Drama Continues With Microsoft Contract Cut
  • 17 days DiDi Shares Take a Beating From Chinese Regulators
  • 18 days Thousands Of Companies Hit In Latest Ransomware Attack
  • 18 days Jobs Report Has Big Numbers, But Still Big Problems
  • 19 days Robinhood’s ‘Mission’ Questioned in $70M Fine
  • 22 days Didi Just Went Public, And Uber Is Loving It
  • 23 days Islamic Finance On Track To Hit $3.7 Trillion
  • 24 days The Lumber Bubble Is Bursting
  • 28 days A New Entry In The Two Trillion Dollar Club
  • 28 days 3 Upcoming IPOs To Watch As IPO Market Rebounds
  • 30 days Welcome To The Used Car Bonanza
  • 31 days The Year Of The Retail Investor Keeps Getting Bigger
  1. Home
  2. Tech
  3. Tech News

Ransomware Netted Criminals $350M In 2020 Alone

Ransomware Netted Criminals $350M In 2020 Alone

Early last year, many cybercriminals pledged not to attack essential businesses during the coronavirus outbreak out of the criminal goodness of their hearts, but a slate of recent ransomware attacks indicate that the underworld benevolence is over, apparently has economies reopen and sympathy is no longer at an all-time high

Two weeks ago, the Colonial Pipeline, the largest pipeline system for refined oil products in the U.S,  paid ransom to the tune of almost $5 million.

Then, last week, it was reported that in March one of the largest insurance companies in the United States, CNA, had quietly paid $40 million to regain control of its network after a ransomware attack. 

According to a Bloomberg report citing people with knowledge of the attack, the hackers were paid two weeks after company officials were locked out of their network and had valuable data stolen. 

CNA has never shared any details about the attack; nor, will it comment on the ransom, saying only that it “followed all laws, regulations, and published guidance, including OFAC’s 2020 ransomware guidance, in its handling of this matter”.

Just like with terrorists, the FBI discourages organizations from paying ransom for the obvious reason that it encourages more attacks.

 Although the ransomware attacks and payments are rarely disclosed to the authorities and public, the $40-million payment is bigger than any previously disclosed.

While the FBI pinned the Colonial Pipeline cyber-attack on DarkSide, an Eastern Europe-based cybercriminal hacking group, CNA said its investigation concluded that the attackers used a new variant called Phoenix CryptoLocker, malware developed by Russian Evil Corp cyber group. 

Following the Colonial Pipeline attack, President Joe Biden signed an Executive Order to improve the nation's cybersecurity and protect federal government networks.

The order lays out a series of new requirements for companies that do business with the federal government, requiring companies to report certain information about cyber breaches. It also establishes a Cybersecurity Safety Review Board to analyze incidents. 

Still, even last year many failed “honor amongst thieves” code even though health-care and other essential institutions were spared to some extent.

Yet, global ransomware attacks soared in 2020, when we saw a 62% increase in ransomware globally and 158% spike in North America over the previous year. The total amount paid, at least what was reported, was $350 million, a 311% increase over 2019.

2021 wasn’t peaceful, either.  

Among several, computer maker Acer has been hit by a ransomware attack in March, with the attackers demanding the largest known ransom to date--$50 million. There is no confirmation that it was paid.

In February, a water treatment plant in Florida came under cyberattack via a remote access system with the authorities claiming that the attackers wanted to poison the water supply. 

Tens of thousands of organizations around the world had their email servers compromised in attacks targeting Microsoft Exchange Server. More than 30,000 organizations have been impacted since the attack began in early January until Microsoft released security updates. The company said that the attack was probably sponsored by the Chinese government.

The former U.S. administration called out the Chinese and Iranian governments over alleged attempts to hack and steal information for developing a coronavirus vaccine.  

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) also said that state-sponsored Chinese hackers were targeting US researchers, both state-run and private, in cyberattacks seeking information on vaccines for COVID-19. 

Even though both ransomware attacks, Colonial Pipeline and CNA, originated from the same region, there is not any evidence or rumors yet that they might have been state-sponsored. 

By Michael Kern for Safehaven.com 

Back to homepage

Leave a comment

Leave a comment