Page 40 - Cyber Defense eMagazine April 2021 Edition
P. 40
2020 was the year that COVID-19 brought a major
cyber-pandemic to the world. An assessment by INTERPOL
revealed that organizations and businesses rapidly deploying
remote systems and networks to support staff working from home were
being taken advantage of by cybercriminals. The report
noted that in a four-month period, “some 907,000 spam
messages, 737 incidents related to malware and 48,000
malicious URLs – all related to COVID-19 – were detected by INTER-
POL and its private sector partners.” Many of these never made the
headlines, but six major attacks did – ranked below by their overall im-
pact.
Today, we turn back the pages of 2020 to review the most
noteworthy cyberattacks making up the cyber-pandemic, which came
with COVID-19 and the flight of employees to remote work environ-
ments. These cyber events were part of an ongoing series of attacks,
keeping IT security professionals on high alert.
1. The SolarWinds Attack - This attack involved hackers com-
promising the infrastructure of SolarWinds, a company that produces
a network and application monitoring platform called Orion, and then
using that access to produce and distribute
trojanized updates to the software’s users.
2. FireEye: The Stolen Red Team Tools - On August 12, 2020
FireEye announced that a sophisticated group of hackers, likely
state-sponsored, broke into its network and stole tools that the compa-
ny’s experts developed to simulate real attackers and test the security
of its customers. The attack was later found to be tied to SUNBURST
malware which was also responsible for the SolarWinds attack.
3. Software AG: Clop Ransomware Attack - The
second-largest software vendor in Germany was reportedly hit by a ran-
somware attack in October 2020. News outlets reported that the Ger-
man tech firm had been attacked by the Clop ransomware and that the
cyber-criminal gang had demanded a $23 million
ransom.
4. Sopra Steria: Ryuk Ransomware Attack – The 46,000 em-
ployee European information technology firm announced on October
21, 2020 that it had detected a cyber attack the previous evening. The
virus was identified as a new version of the Ryuk ransomware, previous-
ly unknown to antivirus software providers and security agencies. The
attack followed a previous infection with either TrickBot or BazarLoader.
INTERPOL, INTERPOL report shows alarming rate of cyber-attacks during COVID-19, August, 2020
1
40 Cyber Defense eMagazine – April 2021 Edition
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.