The first half of 2023 isn’t even close to over yet. But we’ve already seen enough cyber attacks that could fill pages till the end of the year. It’s true that cybersecurity capabilities and the technology to beat advanced criminals is evolving rapidly. But unfortunately, the sophistication and agility of hackers is improving at a faster rate.
In this blog, we are turning the spotlight on some of the biggest (in our opinion) cyber attacks, data breaches and ransomware attacks that made news in the first four months of 2023. These attacks, may or may not be, the 5 biggest ones of the year. But they're definitely amongst the ones you should know about.
Some experts suggest that Cyber Crime is the cause of the greatest transfer of wealth in the history of the world. Cybersecurity Ventures predicts that the cost of cyber attacks will reach an estimated $10.5 trillion annually by 2025.
It’s important to note here that the cost of cyber attacks refers to a cumulation of expenses. These include but are not limited to:
The primary reason for highlighting these attacks is to press upon the fact that there is an urgent need for a shift in corporate mindset. Cybersecurity can no longer be viewed as an after-thought. Long gone are the days when it figured last on the list of priority items. Management teams can no longer believe that they must first establish the business, enter new markets, conduct extensive PR activities and then worry about cybersecurity.
Getting your cybersecurity processes and procedures right from the very start is now critical. It must go hand-in-hand with every other important business activity if those activities have to be protected from disruption.
If you don’t have any cybersecurity artefacts or emergency cyber incident response plans in place, it’s not too late. You can hire specialists like our Virtual Cyber Assistants. They can work with you flexibly and remotely over the long term to help you build a sound cybersecurity maturity. You should at least have the basic, minimum assurance that if you were attacked tomorrow, you could potentially bounce back from it - with the least possible disruption.
Pro-Russian gang Killnet, however, took responsibility for the attack. They said they bombarded Lufthansa’s network with a three-million-requests-per-second DDoS attack. Supposedly, the attack was in retaliation for Germany’s support for Ukraine.
Following closely on the heels of the Lufthansa outage, websites of more airports in Germany went offline. These included the popular airports of Dusseldorf, Nuremberg, and Dortmund.
A hacker group that calls itself “Anonymous Russia” took responsibility for the cyber attacks on seven German airports.
As per some estimates, more than 2,300 flights were cancelled and all of Germany was cut off from international air traffic. Speaking of the intangible costs of cyber crime, one can only imagine what the stranded passengers, the airline crew and staff went through.
The infamous ALPHV ransomware group then took responsibility for the attack. They also posted samples of Sun Pharma’s data on their leak site, claiming they had over 17 TB of the pharma giant’s data.
While Sun Pharma initially denied the ransomware attack having any significant impact on their business or core operations, a filing to the stock exchange revealed that the attack did have an impact on the company’s business operations and revenue.
3. Royal Mail: This ransomware attack made a huge splash in the media and for good reason. It affected the daily life of several common people as well as small to medium businesses.
Royal Mail was hit by a ransomware attack in January 2023. The international shipping of parcels and letters came to a standstill. The attackers, LockBit ransomware, made a huge ransom demand which the organisation obviously refused to pay. But the attack did debilitate operations at the 500-year old organisation.
Read all about this major ransomware attack in 2023 in our detailed RoyalMail Attack Timeline.
In March, the loan giant announced that a cyber criminal stole an employee's login to breach two of the company's service providers holding customer data. Initially, Latitude Financial stated that data of 3,28,000 customers was compromised. It later said the affected customer number was actually a whopping 14 million and customers in both Australia and New Zealand were affected.
This information included names, full addresses, emails, dates of birth and even passport numbers. This is the largest known theft of data from an Australian financial organisation.
5. All India Institute of Medical Sciences: Another Indian name on the list but unfortunately this one severely impacted the delivery of healthcare services to the common man.
All India Institute of Medical Sciences or AIIMS New Delhi is one of the foremost and largest government healthcare institutions in the country. 5 of its servers were allegedly impacted by a recent ransomware attack. This apparently led to encryption of 1.3 TB of patient data and forced hospital operations to run manually.
If you are concerned about your ability to handle a cyber-attack or ransomware attack, reach out to us today. Our highly-experienced Cybersecurity Consultants can help you achieve your desired cybersecurity goals within a time-frame that suits your organisation.
In the meanwhile, here are some handy, printable resources created by our experts which you can start implementing in your organisation right away: