Cybersecurity issues dominated tech news in 2021, and with good reason. One issue that's particularly doing the rounds is ransomware. It emerged as one of the most concerning threats of 2021, with some experts calling it "the year of ransomware."

Large enterprises, NGOs, hospitals, and government institutions fell victim to ransomware, resulting in enormous financial losses, operational disruptions, privacy concerns, and massive lawsuits.

Here are some of the biggest ransomware attacks in 2021, to help you identify the trends and to arm you with the information you need to stay protected.

Understanding the Ransomware Threat

Ransomware is a type of malware that encrypts users' data and locks them out of their own systems and networks. The perpetrator then demands a ransom in return for decryption and often threatens to leak or sell the information on the dark web if the ransom isn't paid.

The amount is often collected in the form of cryptocurrencies, which is why cybercriminals manage to get away, in most cases, without being traced.

Related: What Is Ransomware and How Can You Remove It?

As per a report published by the Cybercrime Magazine in 2019, the cost of ransomware damages across the world for 2021 would be around $20 Billion, and there would be a ransomware attack every 11 seconds. It seems like the estimations were indeed quite accurate, as we’ve already observed some massive ransomware attacks this year.

The Biggest Ransomware Attacks This Year

ransom for cyberattack
Image credit: Bacho via Shutterstock

Although ransomware isn't a new phenomenon, its global impact reached new heights in 2021. The attacks this year not only fleeced companies and corporations of millions of dollars but also impacted public lives.

1. Colonial Pipeline

Earlier this year, the largest pipeline system for refined oil products in the United States, Colonial Pipeline Co., was the subject of a massive ransomware attack and the consequences that followed were even bigger.

The attack on Colonial Pipeline was one of a kind, as it caused a disruption in the supply of gasoline and jet fuel across the U.S. east coast. The attack was first identified on May 7th, which is when the supply got disrupted, and the company wasn’t able to resume supply until May 12th.

The Colonial Pipeline attack was reportedly carried out by the notorious group, DarkSide, which is allegedly based within Russia. The attackers were able to penetrate the system through the company’s virtual private network, using a compromised username and password.

Related: DarkSide Ransomware: Who Was Behind the Colonial Pipeline Attack?

The cybercriminals managed to halt the operations of the victim company and got hold of nearly 100GB of sensitive and confidential data, which they threatened to leak unless Colonial Pipeline agreed to pay around $5 million in ransom.

The company eventually did end up paying the ransom, but the damage had already been done, and vulnerabilities within the largest and most influential organizations were brought to light.

2. JBS Foods

unlock ransomware on laptop

The world’s largest meat producer was targeted in one of the world’s largest ransomware attacks in 2021.

Earlier this year, JBS Foods USA—the company responsible for producing a quarter of the country’s beef—was forced to halt operations at all of its 13 processing plants across the USA.

The attack threatened the country with serious supply shortages and potential disruptions in the food supply network, putting grocery stores, farmers, restaurants, and several other associated industries at risk.

Reportedly, JBS Foods, in consultation with their IT and cybersecurity experts, decided to pay $11 million in Bitcoin, making it one of the largest ransom amounts ever paid. JBS Foods made this decision to mitigate the impact of the attack and prevent further disruptions.

The CEO of JBS USA expressed his concerns and elaborated on the rationale behind the decision to pay the ransom upfront, as he said,

“This was a very difficult decision to make for our company and for me personally, however, we felt this decision had to be made to prevent any potential risk for our customers."

Investigations have accused a Russia-based group of cybercriminals that goes by the name of REvil for this attack. The same group has also been accused of several other large-scale ransomware attacks in multiple industries and sectors.

Related: Did REvil Ransomware Really Cause a Meat Shortage?

3. Brenntag

Brenntag, the German-based chemical distribution company with operations in over 77 countries, was hit by one of the biggest Ransomware attacks of 2021. The North American division of the company was targeted by DarkSide, the same ransomware group behind the Colonial Pipeline attack.

The attackers were able to encrypt data and devices on the compromised network and ended up stealing around 150GB of data. DarkSide claimed that it was able to launch the attack after getting access to the network through stolen credentials that it purchased, which is an alarming aspect in itself.

Eventually, Brenntag agreed to pay around $4.4 million in ransom, after negotiating it down from $7.5 million, to restore operations and minimize further disruptions.

4. Acer

A ransomware attack

The first quarter of 2021 has been a disaster for many companies, and the Taiwan-based hardware, software, and services company is among the unlucky ones. Acer was attacked by REvil, which is the same gang of cybercriminals that attacked JBS Foods this year.

Reportedly, the attackers were able to leverage a vulnerability in Acer’s Microsoft exchange server to compromise Acer’s security systems. REvil got hold of sensitive data and information, some of which was also uploaded on a website as proof by the attackers.

Related: Acer Has Been Hit With a $50 Million Ransomware Attack

While Acer initially did not admit they were targeted by ransomware, REvil asked Acer to pay $50 million, which is one of the largest ransom amounts that have ever been demanded.

5. Kaseya

The Florida-based software company, Kaseya, is the latest victim of a large-scale ransomware attack. The infamous REvil group was again responsible for the attack, claiming to have encrypted over a million end-customers' systems.

The Chief Executive of the victim firm claims the attack compromised between 800 and 1500 businesses across the globe. Assessing the real impact of the attack is even more difficult as most of the victims are end customers.

REvil initially demanded $70 million, but Kaseya claims it “did not pay a ransom to obtain the decryptor.”

Staying Protected From Ransomware

The threat of ransomware attacks is larger than ever, and there are no signs of things slowing down anytime soon. As our dependency on online services continues to rise, we'll see a highly intensified and increasingly insecure cyberspace for businesses and private users.

Preventing ransomware sometimes involves basic practices like creating strong passwords and regularly updating your systems. Educating the workforce about ransomware and its harmful effects can also go a long way in preventing these attacks.