The biggest of them may have come to light towards the end of the year when cybersecurity company FireEye announced earlier this month that it was becoming a target for hackers who accessed tools the company uses to test the security of its customers.
While the extent and size of the attack are yet to be determined, it has now been found that this is not an ordinary cyberattack that only affects one organization.
According to a report in the Wall Street Journal, suspected Russian hackers installed malware in Orion software sold by IT management company SolarWinds and accessed sensitive data from several US government agencies, at least one hospital and one university.
At least 24 large companies, including technology giants such as Intel, Cisco, VMware and Nvidia, installed the malware-riddled software, according to the report.
“This attack is different from the tens of thousands of incidents we have responded to over the years,” said Kevin Mandia, FireEye CEO, in a statement.
Microsoft President Brad Smith said this latest cyber attack is actually an attack on the US and its government as well as other critical institutions, including security companies.
Earlier this year, Marriott International sparked shockwaves when the hotel chain announced that the personal information of nearly 5.2 million guests may have been accessed using the credentials of two franchise employees.
Twitter’s mid-year cryptocurrency hack was another major incident that highlighted the vulnerability of cyberspace. The social media platform revealed that it was a “coordinated social engineering attack” by people who successfully targeted some company employees with access to internal systems and tools.
In this attack, reports from public figures such as then-US presidential candidate Joe Biden, Barack Obama, Elon Musk, Bill Gates, Jeff Bezos, Apple and Uber were simultaneously hacked by attackers in order to spread a cryptocurrency fraud.
This year, UK low-cost airline EasyJet announced that it had been the target of a “sophisticated cyber attack” that affected around nine million customers.
In August and September, the New Zealand Stock Exchange (NZX) was hit by several cyberattacks, which forced the exchange to even temporarily stop the delay.
Even the research and dissemination of Covid-19 vaccines caught the attention of cyber criminals.
Microsoft announced in November that it had discovered cyberattacks by nation-state actors on seven prominent companies directly involved in research into vaccines and treatments for Covid-19, including in India.
Destinations include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States. They are made by Strontium, an actor from Russia, and two bad actors from North Korea named Zinc and Cer.
In one of the biggest attacks in the Indian health sector, Dr. Reddys Laboratories launched a ransomware attack earlier this year.
There is no sign that these attacks will slow down in any way in the coming year, which only underscores the importance of strengthening cyberspace with new tools and guidelines.