1. Ransomware Attack on German Hospital Causes Death
When: September Where: Germany Düsseldorf University Hospital was hit with a ransomware attack on the 9th of September. The hospital computer system became inoperable and some patients had to be transported to other hospitals for their procedures. Sadly, one female patient didn’t survive the journey to the nearest hospital 30 kilometers away. It appeared that the hacker actually wanted to attack another university and not the hospital, since the decryption key was handed over to the hospital without a mention of a ransom. But by then it was already too late for the deceased patient. Hospitals have been the target of ransomware attacks before, but this was the first time that the loss of a life can be linked directly to the cyber-attack. Usually hackers will ask for a ransom fee in these situations. To prevent the loss of life many health organizations will pay up. Even amid a global pandemic hackers are willing to attack hospitals with total disregard for the potential loss of lives. The German hospital was by no means the only healthcare facility that was attacked by hackers this year.
2. Finnish Mental Health Organization Hacked
When: October Where: Finland In Finland hackers broke into the records of mental health organization Vastaamo with centers across the country. Hackers got their hands on very personal and private information about patients of the Finnish facility. They emailed many of the patients and threatened to make their information public if they didn’t pay up. The hackers asked for €200 worth of Bitcoin in their ransom emails. After an investigation it appeared that the data had actually been stolen 2 years prior and had found its way to the dark web. This incident is painful as it targeted an already vulnerable group of people. When you seek mental health support the last thing you want is for your issues to be made known to the whole world. It is no wonder that there was an overwhelming amount of calls to support numbers, with destressed victims phoning in for help.
3. Twitter Bitcoin Phisher Promises to Double Your Money
When : July Where: Worldwide On July 15th several high profile twitter accounts tweeted out a scam. Everyone from Elon Musk, Bill Gates, Jeff Bezos to Kanye West tweeted out an especially generous offer. The tweets told people to send Bitcoin to a cryptocurrency wallet and get double the amount of Bitcoin sent back to them. The tweets also pressured people into acting quickly by saying the offer was only good for 30 minutes. This is a classic method in phishing scams to make sure people do not get to time to stop and think about what they are doing. $110,000 US dollars’ worth of Bitcoin had been deposited into the scammer’s wallet before Twitter was able to shut their operation down. Eventually three people were arrested, but the fact remains that they were able to gain access to these twitter accounts. They targeted Twitter employees and through social engineering got the access they needed to pull off this scam. With the enormous reach of at least 130 popular accounts, it is no wonder that they were able to amass this amount of money. For those who fell victim to the attack it was a ruthless lesson that nothing in this world is every really free. This wasn’t the first time twitter accounts were hacked, nor will it be the last. This year, for example, also saw how a Dutch hacker gained access to the Twitter account of president Trump serveral times. These hacks are a reminder that we should always keep our wits about us when we are using social media. To prevent someone from hacking your social media accounts, make sure to create strong passwords and, if possible, use two-factor-authentication.
4. EMA Corona Vaccine Documents Hacked
When: December Where: Europe In December the European Medicines Agency (EMA) was hit by a cyber-attack. The hack was discovered when an employee logged into the system at unusual moments of the day. It appeared that the hackers were using that account to gain access to certain documents. The company BioNTech, that works together with Pfizer on a corona vaccine, was told by the EMA that unauthorized individuals had gained access to their documentation. The EMA states that the attack didn’t impact their work and that they are launching an investigation into the hack. It is unclear who was behind the hack, although sources do suggest that it was a foreign intelligence service. As the whole world is desperately looking to get corona under control, a hack like this might not be very surprising. This time it doesn’t appear to have direct consequences but it is terrible to think what happens if a hacker is able to slow down the process of vaccination for the whole of Europe.
5. Attack on US Governments Through SolarWinds Hack
When: December Where: US In the last month of the year a large hack was discovered in the SolarWinds’s Orion software. Hackers inserted a trojan into updates of the software. Via this route they got into networks for the US federal government, state governments and local governments. It seems different specific departments within US government where targeted by the hackers. Both the Department of Energy and the Commerce Department have acknowledged the hack. Although it is not clear what, if any, information was taken. The hack also hit many private companies some of which are Microsoft, FireEye, Cisco, and Intel. And the breach does not stop there because some of their customers were also at risk. Even if the hack doesn’t result in any direct casualties, it does show how vulnerable the infrastructures of the US government and large private companies are. It seems that Russian hackers were most likely behind the attack. The consequences of a foreign government gaining access to US government online infrastructure are immense.
What do These Attacks tell us?
One thing these cases show us is that cyber-attacks are only getting more ruthless. The fact that hackers are willing to risk lives by shutting down hospital systems is telling. Not just multibillion dollar companies are being targeted but also the most vulnerable people are forced into paying hackers to gain control over their own private information again. In these times when many are struggling, we sadly cannot expect cybercriminals to be mild. The chaotic state of the world is the perfect playing field for those looking to make money through scams. We are all living our lives online more than we ever have. We can speculate on the type of attacks we’ll see in 2021. What we know for sure is that it’s about time that we protect ourselves online as we would in real life.