The European Union has made plans for a new organisation to respond to cyber-attacks. The Joint Cyber Unit will allow quicker and more coordinated responses when a member country suffers an incident. The EU joins the UK and USA in creating dedicated cybersecurity teams this year, mostly in response to the escalating threat from ransomware. Many EU countries have dealt with the effects of ransomware in 2021, including attacks on police services and hospitals. In creating this team, the EU will attempt to avoid further assaults against critical infrastructure.
According to Lindy Cameron, the head of the UK’s National Cyber Security Centre, the threat of cyber-attacks is one of the gravest of the modern era. Cameron described cyber attacks as the “primary key threat” facing the UK. The threat is applicable to “citizens, businesses and critical national infrastructure” said Cameron, and a more cohesive national effort is needed to fight ransomware in particular. Ransomware has become hugely profitable for many criminal gangs, who target organisations knowing that they may pay huge ransoms in order to avoid service downtime, leaked sensitive data, or information loss.
The United States has managed to recover most of the ransom paid by the Colonial Pipeline Company. In May 2021, the eastern USA was left with fuel shortages as a major pipeline was knocked offline by a ransomware attack. The pipeline’s owner, The Colonial Pipeline Company, decided to pay the ransom in order to minimise service disruption. However, US security forces made a major breakthrough with the Colonial Pipeline ransom and managed to recover almost all of the fee, worth around $4.4 million at the time of payment. Ransomware victims usually receive instruction to pay using cryptocurrencies, especially Bitcoin, which are extremely difficult to trace or recover.
The Irish healthcare system was left relying on paper records in late May after a successful ransomware attack on their IT systems. Around 2,000 systems and 4,500 servers were disrupted, which left hospitals across the country with delays, missed appointments and some services unavailable. The Irish Taoiseach (prime minister) described the attack as “heinous” and is another world leader to identify modern cyber attacks as a major threat. Paul Reid, chief executive of the Health Service Executive, said that the attack caused 7,000 appointments per day to be cancelled, and that he expects the cost of returning to normal to be up to €100 million.
The world’s largest meat processor suffered a ransomware attack in early June. JBS, a Brazilian-based company which provides nearly 20% of all beef in the USA, shut down most of its operations after the attack was discovered. Against FBI advice, JBS paid a ransom of almost $11 million. As is usual, JBS paid the ransom using Bitcoin. According to The Guardian, the ransom was paid in an attempt to minimise the disruption to supplies, as seen with the Colonial Pipeline attack. Operations were offline for one day before the ransom was paid, and the fee demonstrates the potential rewards for criminal gangs in targeting large companies.
A single customer managed to bring down some of the world’s most visited websites on June 8th. Services such as Amazon, Reddit, Gov.uk and Twitch were knocked offline for just under one hour, according to Data Center Dynamics. Although a cyber attack was discussed online during the outage, it quickly became known that the fault lied with Fastly, a major content delivery network. After all services were resumed, Fastly announced that a previously unknown software bug had caused the outage, and that the bug was triggered by a single customer making a very specific account configuration change which caused errors in throughout the Fastly network.
