
Top 6 ransomware attacks of 2020

ATTACK Simulator


Last year, ransomware attacks were one of the most common cyberattacks among businesses. However, ransomware attacks are not just a concern for organizations like governments, companies, or healthcare providers; they also affect employees and customers, as their data is often the collateral damage of such attacks!

Ransomware attacks use malware to encrypt the data and files of the organization. They differ from extortion campaigns, which use DDoS (Distributed Denial of Service) attacks to overwhelm their victims with traffic, with the promise of stopping the attack in exchange for a ransom payment.

Some organizations choose to pay ransom demands; however, this is generally not recommended, as there is no guarantee that hackers will restore access to the infected system. In addition, by paying the ransom, you motivate the attackers to continue with these cybercrimes. Studies have shown that approximately 58% of ransomware victims paid in 2020, compared to 39% in 2017.

What are some of the biggest ransomware attacks in 2020?

1. Travelex ransomware attack

Threat actors started the year 2020 with an attack on a foreign exchange company called Travelex. The attackers forced the company to turn off all computer systems and rely on pen and paper. As a result, the company had to take down its websites in 30 countries.

Behind the attack was the notorious hacker group known as REvil, which demanded $6 million from Travelex. The gang claimed to have accessed the company’s computer network six months previously, enabling it to download 5GB of sensitive customer information (such as dates of birth and credit card numbers). The group announced that if the ransom was paid, they would delete the data, but if not, the ransom would double every two days. After 1 week, the REvil gang said they would sell the data to other cybercriminals.

2. Grubman Shire Meiselas & Sacks

In May, Grubman Shire Meiselas & Sacks, a law firm based in New York with a host of celebrity clients including Madonna, Robert De Niro, and Elton John, was also a victim of REvil ransomware.

The attackers claimed to have used the REvil ransomware to steal personal information, including:

  • client contracts
  • email addresses
  • telephone numbers
  • personal correspondence
  • non-disclosure agreements

As in a typical double extortion attack, the ransomware operators stole all the data they considered valuable before encrypting it. With a total size of 756GB, the compromised data included sensitive private information of Lady Gaga, Madonna, Elton John, Bruce Springsteen, Mariah Carey, Barbra Streisand, and more. In addition, the attackers also claimed to have obtained sensitive data relating to Donald Trump, though he was never a client of the law firm.

The cybercriminals threatened to release the data in nine staggered releases if the company did not pay the ransom totaling $21 million. They also published 2.4GB of data relating to Lady Gaga online to show they were serious. Given that the law firm refused to pay, the attackers doubled the demand to $42 million. The group then used a new approach: the stolen data was put up for auction, with Madonna’s information sold at a base price of $1 million. The attack caused significant damage to the reputation of the company.
