Thought Leadership
What can we learn from 2021’s global cyber security events? by Raymund Taylan, Senior Security Advisor
Regardless of the amount of investment and effort spent on cyber security, anyone can experience or be targeted by a data breach. 2020 is the year everyone will remember for the global disruption caused by COVID-19. The pandemic brought unforeseen changes in the cyber world that accelerated digital transformations and in just a few months, brought about digital advancements that once could have been considered impossible for many organisations. COVID-19-related threats have persisted into 2021, and cyber threats actors continue to adapt attack techniques to exploit unprepared organisations who are still struggling to adopt digitalisation, support their remote workforce, and enable their business to grow. Now that we’re nearly at the end of 2021, let’s look at high-profile cyber security attacks and critical vulnerabilities that surfaced in the news and reflect on how we can build an ecosystem that enables trust and resilience in an organisation.
Supply chain attacks and critical vulnerabilities As 2021 began, the SolarWinds supply-chain attack and Accellion vulnerabilities came along with it, making the first month of the new year difficult for organisations who were directly, and indirectly, impacted by these attacks. In December 2020, the SolarWinds attack was initially discovered. This breach affected more than 18,000 organisations who received an automatic software update for SolarWinds Orion system. This update allowed the attackers to add a backdoor called “Sunburst,” enabling attackers to spy on the organisations’ assets both in the cloud and on-premises. 6
ZERO-DAY VULNERABILITIES RANSOMWARE
Accellion Breach
Microsoft Excha Server Data Brea DEC 2020
JAN 2021
FEB 2021
MA 20
SolarWinds Breach SUPPLY CHAIN ATTACK RANSOMWARE
SECON CYBER
