Top five largest cyber-attacks in the past year and lessons learnt

  /  ICS Security   /  Cybersecurity   /  Top five largest cyber-attacks in the past year and lessons learnt

Top five largest cyber-attacks in the past year and lessons learnt

Sponsored by RunSafe Security

Cyberattacks are becoming far too common, especially after the COVID-19 pandemic, as companies are changing how they’re doing business.

Large cyber-attacks on enterprises’ software, in particular, have already affected millions of users. Unfortunately, these will continue to impact more people unless organizations take proper precautions to prevent cybercriminals from exploiting vulnerabilities.

Microsoft Exchange Server Cyber Attack

Microsoft was victim to a large cyber-attack targeting zero-day vulnerabilities, which has been linked back to Hafnium, a state-sponsored threat group from China.

The bad actors used the vulnerabilities in Microsoft Exchange to install malware and access email accounts. The attacks began to appear as early as January of 2021. Although it is not connected to the SolarWinds attack, it has still affected more than 30,000 organizations in the US alone. The attack didn’t become global until February 26-27, 2021.

Microsoft released security updates to patch the vulnerabilities on March 2, 2021. However, Microsoft saw more attacks on March 5-8, 2021, which may have affected around 250,000 organizations. Additionally, the Microsoft Defender Antivirus was released on March 18, 2021, to mitigate Exchange vulnerabilities automatically.

More about Defending ICS and SCADA Systems from Cyber Attacks

Lessons learned from this large cyber attack:

The lesson from this attack again involves the importance of immunizing your software from both known and unknown vulnerabilities. Many of the most commonly targeted vulnerabilities go after memory weaknesses in code. If we can render inert in one fell swoop all exploits that target memory vulnerabilities, we can elevate everybody’s security posture.

See other tips on how to protect your network from malware attacks.

Let’s look at the other four largest cyberattacks in the past year to learn what could have been done to prevent or reduce the time spent resolving the issues.