Internet security threats spread in different ways across almost all devices around the world, and still pose major risks to companies' financial and operational sectors. According to Biden, the president of the United States, cyber attacks could provoke 'real war' , after seeing the news about internet security in the first half of this year.
Numbers, statistics and news related to leaked data on the internet give us the dimension of the challenge of dealing with internet security. The first half of 2021 revealed alarming data and, compared to previous years, reached records in both attacks and financial losses for companies that were victims of these crimes.
This article aims to show the main data and statistics about cyber attacks in the first half of 2021, and also to remember the most iconic and famous attacks of this period, in order to raise awareness among managers and IT professionals responsible for internet security. companies.
Cyber attack statistics
The first half of this year was marked around the world as the year of cyber attacks. According to a report , the growth compared to previous years was more than 95%.
More than 120 million cyberattack detections were recorded in the first 6 months alone. According to the report, more than 4.6 billion pieces of data were leaked onto the internet during this period and the forecast is that by the end of the year the number of leaked credentials will exceed 10 billion.
In addition to leaked data, cyber espionage has been widely debated. According to an investigation carried out by 17 organizations, it was found that some spyware applications were spying on journalists, politicians, lawyers and human rights activists. The application would initially be used to spy on criminals, but some leaked data showed a list of more than 50,000 phone numbers.
In Brazil, the statistics are even more worrying. From January to June, Brazil suffered more than 3.2 billion attempted cyber attacks . The country leads the ranking in Latin America, with almost half of the 7 billion attempts in the period.
Home office loopholes are still being exploited by cybercriminals with less protected home networks. According to security report , there has been a 29% increase in cyber attacks against organizations across various sectors.
The numbers reflect the global trend towards the adoption of remote and hybrid work models, mainly in underdeveloped countries where there is less concern about internet security, such as Brazil.
To better understand the importance of the topic, see the video below for some characteristics about the main cyber attacks:
In the next few lines, you will see some of the most “important” cyber attacks and data leaks that occurred in the first half of 2021.
Major internet security breaches in the first half of 2021
The first half of 2021 reflected the importance of adopting good internet security systems and practices, especially for companies, noting all the major data leaks and security breaches well exploited by digital criminals.
Below, you will see the main and most impactful data leaks from the first half of the year and some relevant information about each case.
You can receive all this news and tips about internet security weekly in your email through our Internet Safety Week .
Leaked data from 214 million Facebook, Instagram and Linkedin users
A Chinese company known as Socialarks exposed data from approximately 214 million Facebook, Instagram and LinkedIn users, including public and private information. The revelation comes from the research laboratory at SafetyDetectives, an international collective dedicated to identifying and mitigating this type of incident. According to experts, the unprotected environment was an Elasticsearch server, a platform used to index and speed up searches within large volumes of data.
Data leak of almost the entire Brazilian population
Researchers at dfndr lab, PSafe's security laboratory, identified a massive data leak this Tuesday morning (19). Although the experts did not disclose details about the exposure, they guarantee that the CPF numbers of more than 220 million citizens were exposed — that is, practically the entire population of Brazil, including “major Brazilian authorities”. Furthermore, a few days later, it was discovered that in addition to the CPF, photos and salaries were also part of the leak.
Hacker invades Ministry of Health network and warns that “website is rubbish”
The Ministry of Health had its network invaded by a hacker on January 28th. The attack, however, did not aim to leak data or cause damage to the platform – the attacker only issued a warning regarding the vulnerability: “This site is rubbish!”. The hacker's message was displayed in capital letters on FormSUS, a DataSUS form creation service that collects data from patients cared for by the public network.
New mega data leak of 102 million cell phone numbers
After finding more than 223 million Brazilian CPFs on the deepweb, the cybersecurity company PSafe announced on February 10th the discovery of yet another mega leak. The new security breach exposed more than 102 million cell phone numbers, including those of personalities such as journalists William Bonner and Fátima Bernardes, as well as an alleged personal phone number for President Jair Bolsonaro.
Portal PoupaTempo has leaked data from 223 million Brazilians
Solution implemented in 1997 to facilitate citizen access to information and public services. The program brings together bodies and companies providing public services in a single location.
According to DefCon Lab, a research company on vulnerabilities, threats and cyber risks, a vulnerability in PoupaTempo's databases would have allowed attackers to gain access to data from 223 million Brazilians.
The leaked data includes: name, CPF, cell phone number, date of birth and address.
Computer giant Acer hit by $50 million ransomware attack
Computer giant Acer was hit by a ransomware attack, in which the threat actors demanded the largest known ransom to date of the incident, $50 million.
Acer is a Taiwanese electronics and computer manufacturer well known for laptops, desktops, and monitors. Acer employs approximately 7,000 employees and had revenues of US$7.8 billion in 2019.
Descomplica leak exposes data from 4.8 million accounts
Leaked data from Descomplica users was freely distributed on the internet.
Among the compromised information are email addresses and partial numbers of 1.4 million credit cards. The data came from a leak that occurred after an attack on March 14, 2021. At the time, Descomplica reported the incident to its help center. The occasion, according to the company, “impacted different data, for different segments of students”, such as ENEM, undergraduate, postgraduate, free courses, among others.
Largest internet password leak exposed more than 68,000 Brazilian government credentials
Researchers at Syhunt, a developer of information security solutions, based in Rio de Janeiro, analyzed a compilation of leaks that they consider to be the largest password leak in the history of the internet, with 3.28 billion passwords, linked to 2.18 billions of emails from representatives of governments, judiciaries, private companies and end users from around the world, exposed on a cybercriminal forum, free of charge.
Florida hospital chain returns to pen and paper after cyberattack
UF Health Central Florida suffered a reported ransomware attack that forced two hospitals to shut down parts of their IT structure.
University of Florida Health, also known as UF Health, is a network of hospitals and medical offices providing care to countries throughout Florida.
Both hospitals continued to see patients and provide health care, however, forcing employees to use pen and paper.
JBS, the largest meat processor in the world, has operations paralyzed by cyber attack
The largest meat processor in the world, JBS was paralyzed for a weekend by a major cyber attack on its global information technology systems.
The company took immediate action, suspending all affected systems, notifying authorities, and activating the company's global network of IT professionals and third-party experts to resolve the situation. The company's backup servers were not affected and its offline time lasted just two days.
How to protect your company?
Prevention is the key word. It may be considered a cliché, but without prevention, your company can fall into the statistics and news mentioned above.
Protecting company data on the internet is important and directly interferes with the financial and operational sector if it does not receive the necessary attention. With the arrival of the LGPD, “salty” fines can be added to the costs in cases of data leaks.
To avoid this, there are several tools, training and precautions that can be used in companies, especially small and medium-sized ones. In some articles and materials here on our blog, we list some tools and precautions such as:
- Use antivirus on all devices
- Keep software up to date
- Secure your Wi-Fi network
- Establish a policy for the use of technology resources
- Offer training to employees
- Back up all relevant business data
- Limit physical access to computers
- Protect information from financial systems
- Be strict when setting passwords
- Block access to harmful websites and control the company's internet
- Beware of unauthorized software installations
You can see more about each tip, as well as some useful tools, in the Internet Security for Business Guide . The material is available for download for free and you can send it to your colleagues and friends.
I hope this text can help you understand the importance of keeping your company's data protected.
Until later!