{"id":90067,"date":"2021-06-17T20:09:07","date_gmt":"2021-06-17T14:39:07","guid":{"rendered":"https:\/\/blogs.quickheal.com\/?p=90067"},"modified":"2023-08-08T17:55:51","modified_gmt":"2023-08-08T12:25:51","slug":"breaches-and-incidents-top-5-cyber-attacks-in-quarter-1-2021","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/breaches-and-incidents-top-5-cyber-attacks-in-quarter-1-2021\/","title":{"rendered":"Breaches and Incidents: Top 5 Cyber-attacks in Quarter 1 – 2021"},"content":{"rendered":"

The second wave of the pandemic has hit India hard from a cybersecurity perspective. There has been a rise in recent cyber-attacks in India in 2021, with cybercriminals taking advantage of the situation and finding new ways to breach data. If we analyze the news of cyber-attacks in 2021, we will observe increased COVID-19<\/a> cyber threats and supply chain attacks. Here is a roundup of five cyber-attacks that had the most severe consequences:<\/p>\n

1. SolarWinds Attack<\/strong><\/h2>\n

The\u00a0SolarWinds attack<\/a> is considered to be among the worst cyber-espionage incidents ever suffered by the United States. Some of the biggest and most important organizations globally, including the North Atlantic Treaty Organization (NATO), the Government of the United Kingdom, the European Parliament, and Microsoft, were\u00a0reportedly<\/a>\u00a0affected. According to intelligence, the hacking group Cozy Bear, allegedly backed by Russia, was part of this classic supply-chain attack which\u00a0involved<\/a>\u00a0more than 200 organizations worldwide.<\/p>\n

The key takeaway from the SolarWinds attack is enterprises must integrate their cybersecurity silos into a single-point holistic security posture to ensure better monitoring. Seqrite HawkkEye<\/a> offers enterprises a single-pane-of-truth for the age of the digital everything with an intuitive cloud-based platform to help manage all individual point products from a single dashboard.<\/p>\n

2. Attacks on India\u2019s CoWIN app<\/strong><\/h2>\n

As India aims to find its way out of the pandemic by accelerating the vaccination process, cybercriminals jump on the opportunity by misguiding and tricking users into downloading fake apps. In January, we\u00a0reported<\/a>\u00a0incidences of fake Aarogya Setu apps created by malware authors to plant malware into the end user\u2019s phone. Now with vaccination being made eligible for the 18-44 population, there have been instances of\u00a0fake CoWIN apps<\/a>\u00a0being used to lure users into downloading the app in the hope of getting vaccinated.\u00a0 \u00a0<\/strong><\/p>\n

These attacks clearly demonstrate the importance of keeping your mobile phone safe from such threats. Quick Heal Mobile Security<\/a> offers free protection for your Android phone against virus attacks, unwanted calls, and theft.<\/p>\n

3. The Black Kingdom ransomware targets Microsoft Exchange servers<\/strong><\/h2>\n

According to reports, the dangerous\u00a0Black Kingdom ransomware<\/a>\u00a0attacked<\/a>\u00a0close to 1,500 Microsoft Exchange servers. Thought to be the handiwork of Hafnium, a Chinese state-sponsored group, this ransomware targeted a flaw in Microsoft Exchange servers that had not been updated with a patch. Files would be encrypted on compromised servers, and the attackers would demand a ransom of USD 10,000 in bitcoin.<\/p>\n

In our detailed analysis<\/a> of the Black Kingdom ransomware, we took a deeper look into its functioning and the steps that enterprises need to take to secure themselves. This attack has yet again illustrated why regular and timely patching of systems is so important.<\/p>\n

4. LinkedIn Phishing Scam<\/strong><\/h2>\n

LinkedIn is one of the world\u2019s most popular social networks, with\u00a0756 million members<\/a>\u00a0in more than 200 countries worldwide. This popularity has brought it in the crosshairs of attackers with the recent news of a\u00a0massive data breach<\/a>\u00a0in the company with reports that scraped data of 500 million LinkedIn users were\u00a0being sold online<\/a>. Attackers were gaining access to this data by spear-phishing users by emailing them with fraudulent job offers and making them click on malicious links. These links would lead to malicious software or backdoors being downloaded into the victim\u2019s systems.<\/p>\n

For a more detailed analysis of the LinkedIn phishing scam<\/a>, do read our article which explains how unsuspecting victims are tricked into clicking on fake phishing links through messages which promise a job opportunity. It also underlines the importance of staying aware of phishing attempts on all social media networks, including LinkedIn.<\/p>\n

5. Cyber-attack on Air India<\/strong><\/h2>\n

The data of millions of India\u2019s flagship airline customers, Air India, was compromised in one of the biggest cyber-attacks in 2021. Between August 2011 and February 2021, confidential information such as passport details, ticket information, and credit card data of more than\u00a04.5 million customers<\/a>\u00a0was compromised. While the airline tried to reassure its customers by stating that credit card details had not been leaked, it urged its users to change their passwords.<\/p>\n

These attacks make it clear that threat actors are moving quickly to take advantage of the chaos caused by the COVID-19 pandemic. Cyber-attacks will continue to evolve with malware authors honing their attack strategies. For more information on these attacks and cyber-attacks statistics, download Quick Heal Threat Report for Q1-2021<\/a>. The report contains all the latest data, trends, and statistics of recent cyber-attacks on Windows and Android. Click here now to read the threat report and stay updated about the latest trends in cybersecurity.<\/p>\n

 <\/p>\n

How to protect your organization from complex cyber threats? <\/strong><\/h2>\n

Witnessing the extent of damage cyber-attacks can cause, addressing these threats requires a multipronged security approach right away. Being proactive will be one of the important actions businesses can take in 202. Organizations who come to terms with the fact that security is no longer an optional investment will more successfully withstand the cybersecurity challenges they now face.<\/p>\n

Here are some steps you can take to reinforce your organization\u2019s cybersecurity framework and keep it shielded from cyber-attacks.<\/p>\n