Cyberattacks That Made Headlines In 2021


The year 2021 presented a variety of extraordinary challenges for organisations. With the many data breaches and cyberattacks occurring this year, it was a record-breaking year for data loss. Because of the evolving technologies, such as machine learning and artificial intelligence, and greater tactical cooperation between hacker groups and state actors, there was an increase in data breaches and cyberattacks.

Ransomware has been used against the Colonial Pipeline, Steamship Authority of Massachusetts and JBS Foods. These attacks lead to a shutdown of critical infrastructure, resulting in shortages, increased costs of goods and services, and financial losses caused by disrupting operations and paying ransom to hackers.

According to Harvard Business Review, 2020 saw increased cyber-attacks and ransom payments. The amount companies paid to hackers grew by 300 per cent. The sudden increase of remote work and lax security protections at home gave hackers the perfect opportunity to breach sensitive data.

Major cyberattacks in 2021

In 2021, just six ransomware groups were responsible for breaching the cybersecurity defences of 292 organisations. These criminal organisations have so far taken more than $45 million in ransom money from their attacks.


Chinese Hackers Compromised Telecom Firms

Chinese state-backed hacking groups compromised at least five global telecom companies, they stole phone records and location data. The hacking groups waged a campaign across Southeast Asia from 2017 to 2021, in some cases exploiting security vulnerabilities in Microsoft’s exchange servers to gain access to telecom companies’ internal systems, according to Cybereason.

Cyberattack Targets Gas Stations And Alters Billboards

According to Iran-based state television, gas stations across Iran were hit by a cyberattack, halting fuel sales and altering billboards to messages challenging the regime’s ability to distribute fuel. No group has claimed responsibility for the attack.

Iran-linked Hackers Breached Office365 Customer Accounts

According to Microsoft, the Iran-linked hacking group has targeted more than 250 Office365 tenants and compromised accounts for less than 20. The attacks have been carried out via password spraying, a technique where hackers try the same password repeatedly while rotating the username. All the targeted accounts were the US and Israeli defence technology companies.

Hacker Group Leaks Information On Ministry Of Defence In Israel

Moses Staff claims it has successfully conducted a cyberattack on the Israeli Defence Ministry, releasing files and photos it claims it obtained from the ministry’s servers. Moses Staff’s website claims that the group has hacked over 165 servers and 254 websites and compiled over 11 terabytes of data — including Israel Post, the Defence Ministry, files related to Defence Minister Benny Gants, the Electron Csillag company and Epsilor company.

New activity From Russian Actor Nobelium

According to Microsoft, Nobelium’s latest hack targeted resellers and other technology service providers that customise, deploy and manage cloud services. Fourteen firms successfully had their defences breached, although they haven’t been named, and the nature of the hacks have not been shared.


EU Warns Russia Over ‘Ghostwriter’ Hacking Ahead Of German Elections

According to a press release from the European Council, the Ghostwriter campaign targeted numerous parliaments, government officials, politicians, and members of the press and civil society in the EU. It was carried out by accessing computer systems and personal accounts and stealing data.

Cybersecurity Risks In Xiaomi And Huawei 5G Smartphones

Researchers found Xiaomi phones to censor content downloaded. The phone’s Mi browser receives a manufacturer’s blocked keyword list. When it detects that the content users want to send words from the list, the device stops it. At the time of the study, the module embedded in the phones detects and censors 449 keywords or groups of keywords that counter the Chinese government’s message.

Hackers Breach UN Computer Networks

Hackers breached the United Nations’ computer networks and made off with a trove of data that could be used to target agencies within the intergovernmental organisation. The hackers’ method for gaining access to the UN network appears to be unsophisticated –they got in using the stolen username and password of a UN employee purchased off the dark web.

Mobile Spyware Attacks Targeting Kurdish Ethnic Group

Cybersecurity researchers revealed a year-long mobile espionage campaign against the Kurdish ethnic group to deploy two Android backdoors that masquerade as legitimate apps. Active since at least March 2020, the attacks leveraged as many as six dedicated Facebook profiles that claimed to offer tech and pro-Kurd content — two aimed at Android users while the other four appeared to provide news for the Kurdish supporters — only to share links to spying apps on public Facebook groups. All six profiles have since been taken down.


Hacktivists Leak Videos Of Abuse In Iran Evin prison

A hacktivist group breached the internal CCTV system at Evin, a prison complex in Tehran where Iran houses most of its political prisoners and leaked videos showing extensive prisoner abuse. The videos were shared with reporters from Radio Farda (Radio Free Europe), Iran International, and the Associated Press.

Russian Cyberspies Targeted The Slovak Government

A Russian cyberespionage group targeted the Slovak government for months. The attacks were attributed to a group known as the Dukes, Nobelium, or APT29. Cybersecurity agencies from the US and other countries formally linked to the Russian Foreign Intelligence Service earlier this year after attacking software company SolarWinds.

Russia Uses New Hardware To Target Anti-Kremlin App

Russia targeted and blocked content on a “smart voting” app created by Kremlin critic Alexei Navalny and his allies to organise voting against the Kremlin in parliamentary elections.

Cyberattack Shuts Down Italian Region’s COVID-19 Vaccine Scheduling App

A cyberattack on the Covid-19 vaccine-scheduling website for the Italian region of Lazio forced the website to shut down temporarily. New vaccination appointments were unable to be scheduled for several days after the attack.


Hacker Downloaded 286,000 ID Photos From Government Database

A Tallinn-based hacker downloaded 286,438 ID photos from the Estonian government database, exposing a vulnerability in a platform managed by the Information System Authority (RIA).

Saudi Aramco Facing $50 Million Cyber Extortion Over Leaked Data

A cyberattack gained access to 1 terabyte of data from the Saudi Arabian Oil Company, Saudi Aramco, through zero-day exploitation. Hackers offered to delete the data in exchange for $50 million in cryptocurrency.

 Cyberattack On Microsoft Exchange Servers

The United States, the European Union, NATO and other world powers released joint statements condemning the Chinese government for a series of malicious cyber activities. They attributed responsibility to China for the Microsoft Exchange hack from early 2021 and the compromise of more than 100,000 servers worldwide.

Pegasus iPhone Spyware Hack

Several countries used Pegasus, surveillance software created by NSO Group, targeting iPhone and Android operating systems through zero-day exploitation of devices belonging to activists, politicians, and journalists.

Spies Catfishing US Military Targets

Spies used Facebook accounts to pose as recruiters, journalists, and NGO affiliates, targeting US military personnel. The hackers sent malware-infected files or tricked targets into submitting sensitive credentials to phishing sites.

Russian Defence Ministry  Website Hit By Cyberattack

The Russian defence ministry claimed it was hit with a DDoS attack that caused its website to shut down, stating the attack came from outside the Russian Federation.

Kaseya Ransomware Attack

Russian hackers exploited Kaseya’s virtual systems/server administrator (VSA) software allowing them to deploy a ransomware attack on the network. The hack affected around 1,500 small and midsize businesses, with attackers asking for $70 million in payment.

Russian Hackers Hit Ukraine’s Navy Website

The Ukrainian Ministry of Defence claimed its naval forces’ website targeted Russian hackers who published fake reports about the international Sea Breeze-2021 military drills.


Verizon, Water Agency Targeted In Chinese Cyber Espionage Campaign

Chinese actors targeted organisations, including Verizon and the Metropolitan Water District of Southern California, using a platform used by numerous government agencies and companies for secure remote access to their networks.

Cyber Attack On Polish Officials

A cyberattack reportedly from Russia compromised the email inboxes of more than 30 prominent Polish officials, ministers and deputies of political parties, and some journalists.

Details Of UK Special Forces Soldiers Leaked

An astonishing data security blunder saw the personal data of Special Forces soldiers leaked. The document contained details of all 1,182 British soldiers, including sensitive units such as the Special Air Service, Special Boat Service and the Special Reconnaissance Regiment.


Cyberattack Hits World’s Largest Meat Supplier

The world’s largest meat processing company, Brazilian-based JBS, was the victim of a ransomware attack. The attack, which shut down facilities in the US, Canada and Australia, was attributed to the Russian speaking cybercrime group, REvil.

Fujitsu SaaS Hack

Hackers gained access to Fujitsu’s systems and stole files belonging to multiple Japanese government entities. So far, four government agencies have been impacted.

South Korean Government Targeted

Cybersecurity researchers identified a North Korean hacking group responsible for a cyber espionage campaign, targeting high profile South Korean government officials, utilising a phishing methodology. The group’s targets were based in South Korea and included the Korea Internet and Security Agency (KISA), ROK Ministry of Foreign Affairs,  International Atomic Energy Agency Nuclear Security Officer, among many others.

Irish Cyber-attack: Hackers Bail Out Irish health Service For Free

Upon discovering the attack, government authorities shut down the HSE system. The attackers utilised the Conti ransomware-as-a-service (RaaS), which is reported to be operated by a Russia-based cybercrime group.

Colonial Pipeline Cyber Attack

Colonial Pipeline, the largest fuel pipeline in the US, was the target of a ransomware attack. The energy company shut down the pipeline and later paid a $5 million ransom. The attack is attributed to DarkSide, a Russian speaking hacking group.


Facebook Says Palestinian Spies Behind Hacking Campaign

Hackers linked to Palestinian intelligence conducted a cyber espionage campaign that compromised approximately 800 Palestinian reporters, activists, and dissidents in Palestine and the Middle East.

Cyberattack Hit European Commission

The European Commission announced that a significant cyberattack hit the EC and multiple other EU organisations by unknown hackers.


Russian Hackers Exploit Lithuanian Infrastructure and Target German Parliament

Russian hackers targeted top Lithuanian officials in 2020 and used the country’s IT infrastructure to carry out attacks against organisations involved in developing a COVID-19 vaccine. Suspected Russian hackers attempted to gain access to the personal email accounts of German parliamentarians in the run-up to Germany’s national elections.


North Korean Hackers Tried To Steal Pfizer Vaccine

North Korea attempted to steal coronavirus vaccines and treatments information by hacking Pfizer. Digital espionage targeting health bodies, vaccine scientists, and drugmakers who have surged during the COVID-19 pandemic state-backed hacking groups scramble to secure the latest research and information about the outbreak.

Cyber Groups Spying On Dissidents

Two Iranian hacking groups conducted espionage campaigns against Iranian dissidents in 16 countries in the Middle East, Europe, South Asia, and North America.

If you liked reading this, you might like our other stories

Darker Side Of The Web
Is RPA Catalysing Healthcare Industry?