Cybercriminals Target at Least 17 US Institutions Since March

by Ryan


  • Businesses, local governments, and other organizations in the US have been victims of cyberattacks this year.
  • The largest attacks occurred on gas provider Colonial Pipeline and meat producer JBS.
  • President Biden is expected to address cyberattacks with Russian President Vladimir Putin during their meeting Wednesday.
  • See more stories on Insider’s business page.

A growing number of cyberattacks have occurred on US businesses, local governments, and public systems since the start of 2021.

These attacks usually originate from outside the US, in countries like Russia and China, experts who spoke to Insider earlier in June said. Tyler Moore, a professor of cybersecurity and information at the University of Tulsa, said there were three kinds of major cyber attacks:

ransomware
attacks, espionage attacks, and email compromise attacks.

“There was a big increase in ransomware attacks in 2020 that continued in 2021,” Allan Liska, who works on the computer security incident response (CSIRT) at the cybersecurity company Recorded Future, previously told Insider.

“What I think we’re starting to see is ransomware attacks that have more of an impact on a broad swath of consumers,” he said.

President Joe Biden earlier this year placed sanctions on Russia for its involvement in the attack on SolarWinds, which was reported last year. Biden is also expected to address cybercrime when he meets with Russian President Vladimir Putin in Geneva on Wednesday.

These are the cyberattacks that US companies, agencies, and institutions have faced so far this year. 

CNA Financial Group

CNA Financial Group announced in May it had been the victim of a ransomware attack in March, Bloomberg reported. According to the report, the Chicago-based insurance company paid hackers $40 million to regain control of its IT systems. The company said it did not believe data was stolen in the attack.

Microsoft’s Exchange Server email software

At least 30,000 victims that included small businesses and local governments were hacked by an organization in March that is thought to have ties to China. The hackers exploited four vulnerabilities with Microsoft’s Exchange Server email software, according to Krebs on Security.

A Maryland drug-treatment clinic

Turning Point Clinic, the largest drug-treatment clinic in Baltimore, Maryland, was the victim of a cyberattack in April, according to the Baltimore Sun. The hackers may have accessed and copied patient’s personal information, officials said, according to the report.

An Iowa school district

The Union Community Schools District in Cedar Rapids, Iowa, was the victim of a cyberattack in April, school officials announced in June, according to KCRG. The breach briefly took the school’s website down, and school officials said the hackers may have accessed the school district’s documents.

New York’s metro authority

Also in April, the Metropolitan Transportation Authority, the New York state agency that operates public transit in New York City was targeted by cybercriminals. Officials said hackers did little damage to its systems and did not access train controls, according to a report from NBC New York

An Alaska court system

The Alaska court system said it was the victim of a

malware
attack in April, according to the Associated Press. The court system took its systems offline and was working to make them stronger to avoid future attacks, according to the report. It said it did not believe personal information was stolen as a result of the breach.

Alaska’s Department of Health and Human Services

The Alaska Department of Health and Human Services was the victim of a malware attack in May, it said, taking some of its online services offline, according to Alaska Public Media. The department said it wasn’t clear if personal information was accessed during the hack, according to the report.

America’s largest fuel pipeline 

Ransomware organization DarkSide, which is believed to be tied to Russia, in May targeted Colonial Pipeline, the operator of the largest fuel pipeline in the US. The shutdown caused gasoline shortages and price hikes for about a week across the East Coast, leading governors in several states to declare states of emergency, as Insider reported.

The world’s largest meat supplier

JBS USA, the world’s largest meat supplier, announced in May it too had been the victim of an attack by cybercriminals. The company temporarily suspended operations at around 10 of its global plants due to the attack, according to a report from Bloomberg. It paid hackers $11 million, according to NBC News.

The government of an Illinois county

The government in St. Clair County, Illinois, was the victim of a cyberattack at the end of May that caused weekslong disruptions, according to Government Technology. The hack prevented residents from using online systems to access court records or pay taxes, according to the report. A ransomware group named Grief took responsibility for the attack, according to the report.

Tulsa’s computer systems 

Hackers in May breached computer systems in the city of Tulsa, Oklahoma, prompting officials to quickly shut them down, according to the Associated Press. City residents were left unable to use online systems to pay their water bills. A spokesperson for the city of Tulsa said the hack was stopped before any information could be leaked, according to the AP.

A truck and military vehicle manufacturer

Navistar, a US truck and military vehicle manufacturer, said it was the victim of a cyberattack in May. The company said that data had been stolen from its IT system. It said the IT system remained fully functional. It’s unclear what data was stolen, Insider previously reported.

San Diego health system

San Diego health system Scripps Health reported it fell victim to ransomware attack May 1, according to Fox 5 San Diego. As a result, the system took its system offline for a month, leading to missed appointments and patients’ inability to access their medical records. It’s unclear if hackers accessed private patient data, according to the report.

Puerto Rico’s main power provider

Luma Energy LLC, the main power provider in Puerto Rico experienced a denial-of-service attack on June 10, according to The Wall Street Journal. A denial-of-service attack occurs when hackers overwhelm a system with requests in an attempt to bring it down. Shortly after the attack, a fire at the facility broke out, causing 900,000 people to lose power. The cause of the fire has not yet been determined, according to the report.

McDonald’s

McDonald’s announced on June 11 it had been hit by a cyberattack in the US, South Korea, and Taiwan. The hack exposed employee information, and information about some of its restaurants, but the company said no customer information was leaked as a result of the hack, The Wall Street Journal reported.

Massachusetts ferry service

The Steamship Authority of Massachusetts was the victim of a ransomware attack in June, NBC Boston reported. While ships continued to operate normally during the attack, customers were unable to book or change their tickets online or by phone for a week.

An Iowa community college

Both in-person and online classes were canceled in June at the Des Moines Area Community College in Iowa after a cyberattack took down its computer systems, Fox Business reported. In-person classes have resumed, while online courses remained canceled as of June 14, according to the college. The school said it didn’t believe that student or faculty data had been leaked due to the breach, according to Fox Business.

NYC’s law department

New York City officials confirmed in June they were investigating a hack on its Law Department. According to a report from the New York Daily News, the breach left lawyers unable to access documents and may have made put employee’s personnel information at risk.

Television stations

In June, at least three US television stations owned by Cox Media Group were hit with a reported cyberattack, according to a report from NBC News. Cox Media Group did not return Insider’s request for comment and has not publicly spoken about the hack.

Video game developer 

Hackers in June stole data from game developer Electronic Arts (EA), according to Vice. In an online forum, hackers claimed to have stolen data about the company’s upcoming games, including “FIFA 21,” the report said. Hackers reportedly used Slack to breach the company. In total, the hackers claimed to have stolen 780 GB of data, according to Vice. The company told Vice no customer data had been extracted in the hack.



Source link

Related Articles