Most Common Cyberattacks

You have likely encountered a cyberattack at some point in your computer use history. Most computer users receive messages about compromised passwords and emails from fraudulent accounts. The number of cyberattacks in 2021 highlights an upward trend, which experts do not expect to go away anytime soon.

Cyberattacks have risen steadily since 1988, when the first known cyberworm attacked computer systems. Due partly to the rise in remote workers, security breaches increased in 2020 and continued to rise throughout 2021.

The FBI reports that internet crime complaints increased by more than 7% from 2020-2021. In total, the American public reported over 847,000 complaints to the Internet Crime Complaint Center in 2021, associated with the loss of $6.9 billion. Phishing, vishing, and other similar attacks accounted for 324,000 complaints.

A majority of business leaders recognize an increase in company cybersecurity risks. With easier access to company files and networks through home internet services, security breaches expanded in 2020.

While cyberattacks overall continued to rise in 2021, a few types of incidents are slowly decreasing. For example, malware attacks and malicious email files saw a slight downward trend since a peak in 2018.

Some of the most common cyberattacks in 2021 made headline news. The frequency of ransomware attacks rose by 105% globally in 2021, making them the most common type of cyberattack on record.

Based on the past decade's trends, we can expect an increase in cyberattacks in 2022 and beyond. Following U.S. sanctions in light of the Russia-Ukraine war, The White House released a March 2022 statement and fact sheet warning private sector businesses of potential Russian retaliation in the form of cyberattacks.

We go into more detail below about what a cyberattack is and how to increase your cybersecurity. We also investigate the top cyberattacks of 2021 and share what we can learn from them.

What Is a Cyberattack?

Cyberattacks target computer systems and frameworks. These attacks work to disable, steal, or alter data and information. Cell phones, personal computers, company laptops, and internal corporate networks all risk cyberattacks.

Some of the most common cyberattacks include:

• Malware attacks: Malicious software such as ransomware, viruses, and spyware are downloaded onto a user's computer system, typically through a fraudulent link.
• Phishing scams: Seemingly trustworthy emails or websites entice users into clicking a dangerous link that installs malware on their devices. Similar attacks include vishing and smishing, in which hackers use fraudulent phone calls, voicemails, and text messages to obtain victims' personal information.
• Spear phishing scams: These sophisticated phishing attacks target companies and organizations, typically executives.
• Denial of service attacks: High traffic flooding shuts down websites, servers, and network systems.
• Password attacks: An attempt to breach password protections by cracking or guessing passwords using software.
• SQL injections: Deceptive website programming code that grants access to network databases.

Cyberattacks wreak havoc on computer systems and threaten data in affected networks. Attacks provide hackers and other cybercriminals access to confidential information, internal computer networks, and programming code.

In addition to disclosing personal information and threatening company data, some cyberattacks can even threaten national security. Ransomware affects the United States more than any other country, hitting government agencies the hardest.

What Do the Biggest Cybersecurity Threats Have in Common?

Some of the most common cyberattacks include malware and ransomware, phishing and spear phishing, and password attacks. These cybersecurity threats allow hackers to access personal and organizational information that can be sold, destroyed, or ransomed.

Cybersecurity experts agree that we can prevent most cyberattacks from occurring. Human error is the most common factor among cybersecurity threats worldwide. Weak passwords, public wifi, and outdated software contribute to cyberattacks on personal and professional computers.

Clicking on fraudulent links and providing personal or login information gives cyberattackers a way to invade networks. Cyberattacks cause disruptions to business operations and personal activities.

In recent years, cybersecurity threats worked to capitalize on the COVID-19 pandemic. Attackers used pandemic-related content to persuade individuals to click fraudulent links or send confidential information to illegitimate companies.

Combat Cybersecurity Threats as a Career

Top 10 Cybersecurity Threats

Ransomware topped the list of cybersecurity threats in 2021, responsible for hundreds of attacks across the globe. Businesses attacked by ransomware lose access to company data. Regaining access to this information poses a challenge and often includes paying large sums of money.

Thousands of cybersecurity threats occur each year. The most notable cybersecurity threats of 2021 included malware attacks, ransomware heists, and data breaches. The incidents listed below impacted large populations and significantly altered our understanding of cybersecurity threats.

Healthcare Cyberattacks

The healthcare industry stores confidential information for millions of people around the world. Cyberattacks within the healthcare industry highlight an increase in ransomware targeting.

According to the U.S. Department of Health and Human Services' 2021 trends report, 34% of healthcare organizations encountered a ransomware attack. Less than half of these incidents resulted in encrypted data restoration.

The majority of ransomware attacks within the global healthcare industry occur in the United States. Data leaks from these attacks occur in over 70% of incidents, making patient information particularly vulnerable.

Cyberattacks on healthcare providers continue to rise, with more than 38 million patients affected in 2021. This trend shows no signs of slowing. In the first three months of 2022 alone, over 7 million patients had their health information exposed by cyberattacks.

Colonial Pipeline Ransomware Attack

This ransomware attack launched in May 2021 and caused Colonial Pipeline servers and fuel lines to shut down temporarily. The cyberattack resulted in a $4.4 million ransom payment within hours of the data breach.

Hackers logged into the Colonial Pipeline network through an employee password leak and stole over 100 gigabytes of data. The stolen information included personal information from 5,800 individuals.

Colonial Pipeline shut down its gasoline services once employees discovered the cyberattack, causing gas shortages for customers in the eastern United States. Once the company secured its network, service restarted.

Microsoft Exchange Email Hack

A malware attack on the global email and calendar service Microsoft Exchange affected over 30,000 companies with malware and stole data from targeted researchers, schools, and government agencies. The malware attack gave hackers long term Microsoft network access.

The vulnerable, customer-controlled email network requires stronger cybersecurity methods to prevent future cyberattacks. Cloud services may provide the necessary security measures for email platforms.

The company suffered similar attacks years prior when hackers shared stolen data on the dark web. The occurrence of future, similar attacks seems likely. However, Microsoft hopes to prevent future attacks of this kind through security patches and regular software updates.

Facebook Data Leak

In April 2021, stolen Facebook user information showed up online after a hacker scraped the data from an old platform feature. Hackers exposed personal information from over 530 million accounts around the globe.

Facebook notified users of the hack in hopes that individuals could then protect themselves against phishing or other cyberattacks likely to stem from the leak. Hackers use personal data to steal identities and launch future cyberattacks.

T-Mobile Data Breach

An August cyberattack on T-Mobile servers allowed hackers to access the personal data of over 47 million former, current, and prospective customers. Obtaining personal data gives cyberattackers information that can launch other fraudulent efforts, such as identity theft and SIM swapping.

SIM swapping provides cell phone access to a hacker. Once a hacker has access to your cell phone, they can use your phone number and any connected information to log into other accounts.

Poly Network's Cryptocurrency Heist

Poly Network, a blockchain financial organization, lost $600 million worth of bitcoin to a cyberattack on their network. Considered one of the biggest cryptocurrency attacks, the ransomware heist highlighted the company's system vulnerability.

The hacker later returned most of the bitcoin currency to Poly Network. Despite getting back most of the cryptocurrency, this cyberattack showcases the evolving capabilities of hackers.

Kaseya Ransomware Attack

The ransomware attack on the information technology company Kaseya affected hundreds of companies. The hackers stole and encrypted data, requiring a $70 million ransom payment for its return.

The United States government worked with Kaseya to contact affected businesses and individuals about the data breach. Kaseya helps small businesses secure their data and technology, showcasing a larger problem within the tech industry.

Cyberattacks on companies working to limit cyberattacks highlight the lack of safety and protection from cybersecurity threats. Kaseya opted to use a decrypting tool to get back the compromised data.

JBS Ransomware Attack

An international food distribution company, JBS Foods, was hit by a ransomware attack in May 2021 that forced the shutdown of all its United States operating plants. Additional closures and facility disruptions occurred around the globe.

The top U.S. meat distributor shutdown caused shortages in grocery stores and may impact the costs of JBS meat products. The company temporarily suspended its computer system while cybersecurity workers assessed network threats.

JBS paid an $11 million ransom to ensure data safety. The attack highlights the impact of cybersecurity threats on supply chain distribution.

Cyberattack Cover Up Attempt

Accenture, an innovative technology company, suffered a ransomware attack midway through 2021. The attack compromised six terabytes worth of data. The hackers requested a $50 million ransom payment to return the stolen data.

The company reported on the uptick of cyberattacks before admitting to the ransomware attack on its network. Accenture attempted to hide the cyberattack and its effects before hackers released stolen data online.

The attempted cover up of the attack and minimization of the cyberthreat exposes new concerns about company requirements to disclose cybersecurity information to its customers.

Florida's Water Supply Hacked

In February 2021, a water treatment plant in Florida acknowledged a cybersecurity threat. A hacker gained access to software that controlled water treatment plants across the state. An attack on water systems can affect large populations.

When used in small doses, sodium hydroxide helps to clean our water. Hackers elevated the levels to nearly 100 times the norm. Hackers gained access to the water system through remote worker's software, highlighting the need to ensure cybersecurity measures for all company employees.

How to Protect Yourself From the Top Cybersecurity Threats

In the United States, many people admit they do not know how to protect themselves from cyberattacks or how to manage an identity theft situation. The number of data breaches that included personal information nearly doubled from 2019-2020.

Ensuring your cybersecurity requires regular attention. Do as much as you can as frequently as possible to protect yourself.

• Update your computer software. Organizations regularly update their software to reinforce cybersecurity weaknesses and prevent cybersecurity threats.
• Use varied passwords. Ideally, each of your login accounts uses a unique password. Limit the ease of hacking into your network by varying your passwords. Password managers can help you keep track but pose their own hacking risk.
• Triple-check links and downloads. Ensure the legitimacy of every link and downloadable file before you click, even those sent from recognizable email addresses. Some even say you should never click on anything from an email or text message. Instead, you should go directly to the source.
• Set up a spam filter. Email filters can sift out potentially fraudulent emails from your inbox, reducing the number of threats. Reduce the possibility of clicking on malicious links with fewer threats in your inbox.
• Back up your data. If a cyberattack deletes your data, a back up can prevent a total loss of valuable information. Back up options include external hard drives and cloud storage.
• Install antivirus software. Programs can detect and protect against malware and other cybersecurity threats on your computer. Remember to update your antivirus software regularly.

While these practices help protect you from cyberattacks, they do not eliminate cybersecurity threats completely. Protecting yourself from cybersecurity threats is an ongoing and evolving process.

Common Questions About Cyberattacks

Is cyberhacking on the rise?

Cyberattacks, including hacking, increase every year. The FBI's Internet Crime Complaint Center received more than 847,000 complaints in 2021, an increase of more than 7% from 2020. Phishing, vishing, and smishing scams were the most commonly reported complaint.

How do you prevent cybersecurity issues?

Businesses can prevent cybersecurity issues by encrypting data, educating employees, and creating a security-focused culture at work. Individuals can prevent cybersecurity issues by backing up their data, using strong passwords, and proactively identifying scams.

Who are the most common targets of cyberattacks?

Hackers and other cybercriminals frequently target individuals, businesses, nonprofit organizations, and government agencies to seek monetary gain or steal valuable, private information.

Should everyone worry about online security threats?

Cyberattacks can affect anyone, so it's best to be proactive and prepared. Protect yourself from threats by purchasing antivirus software, regularly backing up your data, and using strong passwords.