In just 10 cyber incidents last year, over $600 million in cash was stolen or taken as ransom, tens of millions of citizen records stolen, 40,000 businesses’ IT operations put at risk, one billion airline passenger details compromised and at least one bank was effectively shut down for over a week, according to Tokio Marine HCC International’s (TMHCCI) second annual Cyber Incidents Report.
The vast majority of the incidents listed in this year’s top 10 involved large institutions where cyber security plays an integral role in operations, but this did not prevent their sophisticated defense systems from coming under attack, confirmed the report, titled
Indeed, some of the most damaging attacks were experienced by the likes of Microsoft, Kaseya and SITA, organizations whose products and services feed directly into the systems of third parties.
“We are noticing a drastic increase in both likelihood and severity of all types of cyber attack. We have seen a marked increase in ransomware attacks, their complexity and in the appetite to target smaller organizations,” said Isaac Guasch, cyber security specialist at TMHCCI and author of the report.
“But whether you are a small independent business or a large, international organization, the increasingly interconnected nature of the businesses that form our economies, is a key threat,” he added.
“Even if you are confident that your cyber security measures are up to date, those of your partners may not be, so you may need to constantly redefine your perimeter.”
Ranking the top 10 global cyber incidents by impact shows that targets of attacks operate in a range of business sectors including IT, airport security, banking, energy, software component providers and government databases, said TMHCCI in its analysis of the data.
“It’s clear that organizations of all shapes and sizes need to understand that wherever they are and whatever they are engaged in, their business is at risk” said Xavier Marguinaud, head of Cyber at TMHCCI.
“But by gathering, analyzing and understanding the nature of these incidents, TMHCCI is able to better understand threat trends, attacker motivation and modus operandi. This insight allows us to provide effective insurance solutions that include tailored pre- and post-incident services to ensure your organization is best prepared for any cyber threats,” Marguinaud continued.
The report named the top 10 cyber incidents in 2021 as:
- Kaseya. Kaseya is a managed service provider (MSP) that provides IT solutions to more than 40,000 companies worldwide. In July 2021, Kaseya’s incident response team reported a potential security incident involving software that would potentially affect both on-premises and SaaS clients.
- Microsoft Exchange. On March 3, 2021, cybersecurity and infrastructure security (CISA) partners observed active exploitation of vulnerabilities in Microsoft Exchange Server products.
- SITA. On March 4, 2021, data stored on the SITA Passenger Service System (US) Inc. servers affected multiple airlines, including Star Alliance members (formed by Air Canada, SWISS, Lufthansa, Turkish Airlines, Singapore Airlines, among others), KrisFlyer and hundreds of thousands of passengers.
- Colonial Pipeline. On May 7, 2021, America’s largest refined products pipeline went offline after a hacking group called Darkside infiltrated it with ransomware, which led to fuel shortages across the East Coast.
- Banco Pichincha. In early October 2021, Ecuador’s largest private bank, Banco Pichincha, confirmed it had suffered a cyber attack, which disrupted operations and took its ATM and online banking portal offline.
- Belarusian. On Nov. 8, 2021, in light of the international tension against Belarus’ authoritarian regime, the hacking group Belarusian Cyber-Partisans claimed to access the full database of those crossing the country’s borders, including alleged movements of KGB officers and President Alexander Lukashenko himself.
- Poly Network. Poly Network facilitates exchange between several blockchains as users trade one cryptocurrency for another, such as trading Bitcoin for Ether. On Aug. 10, 2021, Poly Network suffered an anonymous attack in which over $610 million in cryptocurrencies was stolen.
- RENAPER. Records of potentially 45 million Argentinian citizens were stolen in this Oct. 9, 2021 hack of RENAPER, Argentina’s National Registry of Persons, which issued national ID cards. Personal data is now being sold in private circles.
- Apache Log4j. On Dec. 9, 2021, a Log4j software component vulnerability was released, which has had an incalculable systemic risk due to the widespread use of Log4j library in millions of products or app components.
- Volkswagen USA. A data breach affecting more than over 3.3 million customers from United States and Canada included information gathered for sales and marketing purposes from 2014 to 2019. On March 10, 2021, Audi and Volkswagen were alerted to the fact that an unauthorized third party may have obtained certain customer information.