প্রকাশ: 07/12/2021
Cyberattacks grabbed headlines throughout 2021 as massive
disruptions affected government agencies, major companies and even supply
chains for essential goods like gasoline and meat.
The year started off on a sour security note. In January,
the FBI, the National Security Agency and the Cybersecurity and Infrastructure
Security Agency jointly suggested that Russia was responsible for an attack
against SolarWinds, a Texas-based company whose software was used by everyone
from the federal government to railroads, hospitals and major tech companies.
The attackers inserted malicious software into an update of
SolarWinds' popular Orion IT software products that companies incorporate into
their own systems. Thousands of customers installed the tainted update, and
cybercriminals were then able to access their systems. The Russian government
has denied involvement in the attack.
Ransomware attacks in May hit both Colonial Pipeline, a
major pipeline operator, and JBS USA Holdings, a big meat processor. The
companies coughed up millions in payments and shut down their operations long
enough to drive up the prices of gasoline and meat. Again, Russia was blamed
for the attack.
Tech companies weren't immune either. Apple and Facebook had
to deal with cyberthreats that endangered the security and privacy of their
users. Meanwhile, the same companies wrestled with knotty questions about how
much user data, which could be vulnerable in a cyberattack, should be
collected.
Here's a quick look at the most important cybersecurity news
of 2021:
Ransomware: When the
big guys go down, it affects everyone
The year made it painfully obvious that the days of garbage
ransomware used by script kiddies are long gone.
Ransomware, which encrypts a computer until victims pay for
tools to unlock their data, is big business. Cybercriminals have set their
sights on major businesses that will pay big bucks to avoid being shut down.
That's what happened in the headline-grabbing cases of
Colonial Pipeline and JBS USA. Both companies forked over millions of dollars
in ransom payments via bitcoin, a favorite cryptocurrency, after they found
their systems locked up.
The two high-profile attacks were far from the only
ransomware cases of 2021.
Suspected ransomware payments reported by banks and other
financial institutions totaled $590 million for the first six months of this
year, according to an October report by the Department of the Treasury. The
figure easily surpassed the $416 million in suspicious payments reported for
all of 2020.
The US government has pledged to step up its approach to
fighting computer crimes. In October, the White House convened an international
counter-ransomware event that included representatives from more than 30
countries. Group members pledged to share information and work together to
track down and prosecute the cybercriminals behind ransomware attacks.
Notably absent: Russia, which the US and other countries
blame for harboring and possibly encouraging the groups behind the attacks.
A month earlier, in an effort to make it at least a little
bit harder to ransom US companies, the Treasury Department said it will
sanction cryptocurrency exchanges, insurance companies and financial
institutions that facilitate ransomware payments.
Data privacy battles
Apple also found itself at a privacy crossroads in 2021. The
iPhone maker was forced to fend off an outside hacking threat that endangered
the security and privacy of its users, some of them very high profile, while
attempting to find a balance in its own data privacy practices.
In September, Apple issued an emergency patch for the
operating systems powering its iPhones, iPads and Apple Watches to close holes
that made the devices vulnerable to the Pegasus spyware developed by Israel's
NSO Group.
Though the spyware was largely a threat only to high-profile
users who could be targeted by nation-state hackers, the vulnerability was a black
mark for Apple, which had, for the most part, enjoyed a reputation for being
relatively safe from viruses and online attackers.
Apple also provoked controversy with a proposed feature that
would scan its devices for images of child exploitation. Privacy and security
experts, as well as other critics, charged that the approach to combating the
illicit material was tantamount to creating a back door that could be exploited
by governments intent on curbing free expression. Apple, which had previously
won plaudits for refusing to crack a terrorist's iPhone, delayed rolling out
the feature.
Data breaches keep
coming
Data breaches publicly reported in the first nine months of
2021 exceeded the total for all of 2020, according to the Identity Theft
Resource Center.
Department store chain Neiman Marcus, stock trading platform
Robinhood, web host GoDaddy and wireless carrier T-Mobile were among the
companies to report data breaches that resulted in customer information being
stolen. California Pizza Kitchen and McDonald's both reported breaches that
compromised data related to their operations and employees. Cybercriminals
stole data from video game company Electronic Arts that included the source
code for the soccer game FIFA 21.
Most recently, Planned Parenthood Los Angeles confirmed that
an October data breach exposed patient records, including names, dates of
birth, addresses, insurance identification numbers and clinical data like
diagnosis, treatment and prescription information.
প্রধান সম্পাদকঃ সৈয়দ বোরহান কবীর
ক্রিয়েটিভ মিডিয়া লিমিটেডের অঙ্গ প্রতিষ্ঠান
বার্তা এবং বাণিজ্যিক কার্যালয়ঃ ২/৩ , ব্লক - ডি , লালমাটিয়া , ঢাকা -১২০৭
নিবন্ধিত ঠিকানাঃ বাড়ি# ৪৩ (লেভেল-৫) , রোড#১৬ নতুন (পুরাতন ২৭) , ধানমন্ডি , ঢাকা- ১২০৯
ফোনঃ +৮৮-০২৯১২৩৬৭৭