Breaches and Incidents: Top 5 Cyber-attacks in Quarter 1 – 2021

The second wave of the pandemic has hit India hard from a cybersecurity perspective. There has been a rise in recent cyber-attacks in India in 2021, with cybercriminals taking advantage of the situation and finding new ways to breach data. If we analyze the news of cyber-attacks in 2021, we will observe increased COVID-19 cyber threats and supply chain attacks. Here is a roundup of five cyber-attacks that had the most severe consequences:

1. SolarWinds Attack

The SolarWinds attack is considered to be among the worst cyber-espionage incidents ever suffered by the United States. Some of the biggest and most important organizations globally, including the North Atlantic Treaty Organization (NATO), the Government of the United Kingdom, the European Parliament, and Microsoft, were reportedly affected. According to intelligence, the hacking group Cozy Bear, allegedly backed by Russia, was part of this classic supply-chain attack which involved more than 200 organizations worldwide.

The key takeaway from the SolarWinds attack is enterprises must integrate their cybersecurity silos into a single-point holistic security posture to ensure better monitoring. Seqrite HawkkEye offers enterprises a single-pane-of-truth for the age of the digital everything with an intuitive cloud-based platform to help manage all individual point products from a single dashboard.

2. Attacks on India’s CoWIN app

As India aims to find its way out of the pandemic by accelerating the vaccination process, cybercriminals jump on the opportunity by misguiding and tricking users into downloading fake apps. In January, we reported incidences of fake Aarogya Setu apps created by malware authors to plant malware into the end user’s phone. Now with vaccination being made eligible for the 18-44 population, there have been instances of fake CoWIN apps being used to lure users into downloading the app in the hope of getting vaccinated.   

These attacks clearly demonstrate the importance of keeping your mobile phone safe from such threats. Quick Heal Mobile Security offers free protection for your Android phone against virus attacks, unwanted calls, and theft.

3. The Black Kingdom ransomware targets Microsoft Exchange servers

According to reports, the dangerous Black Kingdom ransomware attacked close to 1,500 Microsoft Exchange servers. Thought to be the handiwork of Hafnium, a Chinese state-sponsored group, this ransomware targeted a flaw in Microsoft Exchange servers that had not been updated with a patch. Files would be encrypted on compromised servers, and the attackers would demand a ransom of USD 10,000 in bitcoin.

In our detailed analysis of the Black Kingdom ransomware, we took a deeper look into its functioning and the steps that enterprises need to take to secure themselves. This attack has yet again illustrated why regular and timely patching of systems is so important.

4. LinkedIn Phishing Scam

LinkedIn is one of the world’s most popular social networks, with 756 million members in more than 200 countries worldwide. This popularity has brought it in the crosshairs of attackers with the recent news of a massive data breach in the company with reports that scraped data of 500 million LinkedIn users were being sold online. Attackers were gaining access to this data by spear-phishing users by emailing them with fraudulent job offers and making them click on malicious links. These links would lead to malicious software or backdoors being downloaded into the victim’s systems.

For a more detailed analysis of the LinkedIn phishing scam, do read our article which explains how unsuspecting victims are tricked into clicking on fake phishing links through messages which promise a job opportunity. It also underlines the importance of staying aware of phishing attempts on all social media networks, including LinkedIn.

5. Cyber-attack on Air India

The data of millions of India’s flagship airline customers, Air India, was compromised in one of the biggest cyber-attacks in 2021. Between August 2011 and February 2021, confidential information such as passport details, ticket information, and credit card data of more than 4.5 million customers was compromised. While the airline tried to reassure its customers by stating that credit card details had not been leaked, it urged its users to change their passwords.

These attacks make it clear that threat actors are moving quickly to take advantage of the chaos caused by the COVID-19 pandemic. Cyber-attacks will continue to evolve with malware authors honing their attack strategies. For more information on these attacks and cyber-attacks statistics, download Quick Heal Threat Report for Q1-2021. The report contains all the latest data, trends, and statistics of recent cyber-attacks on Windows and Android. Click here now to read the threat report and stay updated about the latest trends in cybersecurity.

How to protect your organization from complex cyber threats?

Witnessing the extent of damage cyber-attacks can cause, addressing these threats requires a multipronged security approach right away. Being proactive will be one of the important actions businesses can take in 202. Organizations who come to terms with the fact that security is no longer an optional investment will more successfully withstand the cybersecurity challenges they now face.

Here are some steps you can take to reinforce your organization’s cybersecurity framework and keep it shielded from cyber-attacks.

• Prioritize generating cybersecurity awareness in your workforce –

Unaware employees can prove to be an organization’s most significant weakness when it comes to cybersecurity. Organizations must prioritize generating awareness amongst their workforce about the prevalent and emerging cyber threats to secure the fast-expanding digital world they face today.

• Invest in robust security tool –

Equip your organization and workforce with the proper means of dealing with cyber threats. With the amount of data multiplying every day, hyper-automation—the process in which businesses automate as many IT processes as possible—is more imperative than ever. According to the Quick Heal threat report, there is a significant rise in malware, ransomware, phishing scams, and more. As a result, organizations need powerful, fast, and secure Quick Heal solutions for PCs, mobile, and other devices for employees working from home. Also, Seqrite provides advanced automated solutions for organizations to help them prevent tomorrow’s threat today!

• Keep the systems updated on a regular basis –

Keep all your hardware and software up-to-date with the latest security updates and patches. Failing to do so can create weaknesses in your security infrastructure and lead to cyber-attacks.

So, don’t wait for your company’s name to be on the list of cyber-attack victims and take the necessary precautions immediately.

Quickheal