Op-ed views and opinions expressed are solely those of the author.
Ransomware and other hacking attacks exploded in 2021. Personnel changes at the Cybersecurity and Infrastructure Security Agency (CISA) and a new philosophical direction in the American intelligence community foreshadowed a scattered response to the increasing threat posed by countries like Russia, China, Iran, and North Korea.
Despite several new initiatives that yielded inconclusive results, for-profit hackers and state-sponsored hacking outfits that specialize in espionage had a banner year.
That said, here are the most memorable cybersecurity news items for the year 2021.
- January: The disputed 2020 presidential election birthed a bitter feud between still-sitting President Donald Trump and former CISA Director Christopher Krebs over the security and legitimacy of election results. After Krebs endorsed a November 17th joint statement from the Elections Infrastructure Government Coordinating Council and the Election Infrastructure Sector Coordinating Executive Committees claiming that “The November 3rd election was the most secure in American history,” Trump would fire Krebs. Krebs would not be unemployed for long, as in January of 2021, he was hired as a consultant by SolarWinds, which was victimized by what has been called the most wide-ranging cyberattack in history.
- February: February of 2021 saw DHS Director Alejandro Mayorkas announce new initiatives intended to secure the American cybersphere. Among the initiatives was a plan to increase spending for cybersecurity via Federal Emergency Management Agency (FEMA) grants and “The Reduce the Risk of Ransomware Campaign,” which would be administrated by CISA.
- March: Microsoft Exchange Server software was exploited in an attack that gave hackers access to the email accounts of more than 30,000 entities in the United States. The attack was the handiwork of Chinese Advanced Persistent Threat Group Hafnium. The aftermath would see threats of new economic sanctions against China from the US and European allies. As of December 2021, those sanctions are yet to be established.
- April: The world would have to wait until May to hear the news of the hack against Colonial Pipeline by Russia’s DarkSide Ransomware Gang, although the attack was actually initiated in late April of 2021. As a result of the attack, the 5,500-mile pipeline responsible for providing 45% of the east coast’s fuel supply was temporarily shut down.
- May: Additional hacking-related supply chain issues in the US sprang up with May’s attack against meat manufacturer JBS Foods. This attack was carried out by the Russian-based REvil Ransomware Gang. The attackers saw a huge payday of 11 million dollars.
- June: June of 2021 saw the CEO of Colonial Pipeline summoned to appear in a congressional hearing to answer questions regarding the DarkSide attack. One of the more serious topics of conversation related to the question of whether Colonial Pipeline had violated an Office of Foreign Assets Control (OFAC) advisory that set forth penalties for businesses that are found to have issued ransom payments to individuals or groups under US sanctions.
- July: REvil launched an attack against IT infrastructure and services provider Kaseya. The attack had devastating potential due to the company’s wide-ranging client base. The attack vector leveraged was a fake software update that penetrated the security mechanisms of both Kaseya’s clients and their clients’ customers. REvil claims that as many as one million systems were encrypted and the group demanded $70 million in bitcoin as a ransom.
- August: Newly confirmed CISA Director Jen Easterly announces the formation of a Joint Cyber Defense Collaborative at the 2021 Black Hat cybersecurity conference on August 5th. The new initiative will combine the expertise of public sector companies like Google, Amazon and Microsoft, with the knowledge base of the federal government in an effort to defend critical infrastructure and other valuable American targets.
- September: Cyberattacks around the globe saw the South African Department of Justice struck with a devastating ransomware attack that took the country’s DOJ and Constitutional Development website and services offline. Additionally, New Zealand’s postal service website and online services for many of the country’s largest banks were rendered inaccessible due to a DDoS attack on September 7th. In America, the Labor Day weekend saw Howard University victimized by a ransomware attack that interrupted online classes for several days.
- October: The Sinclair Broadcast Group and its 185 local TV stations across America were victimized by Russian-based hackers. The attacks shut down email, phone systems, and data networks. An October 24th blog post from Microsoft cited Nobelium, the group that was behind the SolarWinds attack, as the group attacking companies that resell Microsoft cloud services.
- November: Palo Alto Networks indicated that foreign hackers were able to successfully breach nine organizations in the energy, defense, healthcare, technology, and education sectors.
- December: The United Arab Emirates and Israel establish agreements on defense and cyber intelligence. This new agreement was made possible by President Trump’s Abraham Accords. CISA warns of the Log4j vulnerability that is linked to a utility running in the background of many common software apps. The vulnerability could potentially affect hundreds of millions of devices.
Cybersecurity is perhaps the most critical issue affecting both the public and private sectors today. The never-ending threats posed by ransomware gangs and state-sponsored Advanced Persistent Threats (APTs) will only continue to grow in 2022. The question is, will the Biden administration be able to rise to the constantly evolving challenges present in the cybersphere?