2021 was a banner year for ransomware, which is a type of malicious software that encrypts files, disrupts the operations of companies, and asks for a ransom in exchange for the release of the data. Attacks have devastated companies of all shapes and sizes, and crippled hospitals, fuel pipelines, food supply organizations and more. The numbers bear witness to the devastation. Ransomware nearly doubled in frequency in 2021 and now accounts for 10 percent of all breaches targeting organizations today, according to the Verizon Data Breach Report. What’s more, 37 percent of organizations reported being the victim of a ransomware attack during the year in some form — a staggering number by any metric.
Over the course of 2021, we saw some milestone attacks that have defined how we look at the significance of ransomware during our time. These are attacks that are significant for managed service providers (MSPs) to know about, as they speak to the growing threats and risk that may someday reach their clients’ doors. Read on for some of the largest attacks that affected organizations this year. You might also want to learn how MSP360 provides ransomware protection.
Kaseya
MSPs are likely familiar with Kaseya, as it offers IT management software for MSPs and large organizations. In July, the company announced it had been hit by a ransomware attack that ultimately rippled out to affect 1,500 organizations around the world that use its software. The attackers, called REvil, demanded $70 million in ransom from the company, though it ultimately declined to pay and obtained a decrypter key through other means.
JBS
JBS is one of the largest meat suppliers in the US. A ransomware attack in May affected one of its largest US plants, as well as other locations in Australia and the United Kingdom. The attack affected meat supplies around the world and JBS ultimately paid $11 million in ransom to restore its operations. Similarly to Kaseya, this attack was also attributed to the REvil group.
Colonial Pipeline
The ransomware attack on the Colonial Pipeline, which supplies a significant proportion of the fuel to the East Coast of the United States, is perhaps one of the most memorable from the past year. The attack caused lines at pumps across the country, as it shut down the fuel pipeline for several days. The company ultimately paid attackers a $4.4 million ransom, though the FBI was ultimately able to recover about half of it.
Brenntag
Organizations around the world also saw significant ransomware attacks. An attack on German chemical distributor Brenntag in April saw 150GB of data stolen from the organization, which attackers threatened to leak publicly. The company ultimately paid a ransom of $4.4 million to the attackers.
CNA Financial
Ransomware also hit one of the largest commercial insurers, CNA Financial, in March. The company ultimately had to pay $40 million to attackers to ensure that all of its systems could be fully restored and functioning.
MSPs have a critical role to play in making sure their customers are fully prepared to protect themselves against and respond to ransomware attack. These efforts can include, but are not limited to, ensuring that customers have full backups in place, are using software and network monitoring to detect signs of malware inside their organization, have patched and updated all systems, and are offering cybersecurity awareness training to all their employees.
There are no signs that these types of attacks will slow down any time soon. If anything, all the indications are that ransomware will continue to rise in the years to come. As trusted advisors to their customers, MSPs can help make sure that they are protected from this rising risk.
Read our free guide to learn about:
- Common MSP vulnerabilities;
- How to prepare for a ransomware attack to keep your clients safe;
- Which actions response to a ransomware attack should involve;
- How to manage clients while handling an attack.
About the author
Kurt Abrahams is the Vice President of Marketing at MSP360 with expertise in technology marketing, cybersecurity and AI based technology.