Internet security threats spread in different forms across almost every device worldwide, and still pose significant risks to companies' financial and operational sectors. According to US President Biden, cyberattacks could trigger a "real war ," after seeing the news about internet security in the first half of this year.
Numbers, statistics, and news related to leaked data on the internet give us a sense of the challenge of dealing with internet security. The first half of 2021 revealed alarming data and, compared to previous years, reached record levels in both attacks and financial losses for companies that were victims of these crimes.
This article aims to show the main data and statistics on cyberattacks in the first half of 2021, and also to remember the most iconic and famous attacks of this period, in order to raise awareness among managers and IT professionals responsible for the internet security of companies.
Cyber attack statistics
The first half of this year was marked worldwide as the year of cyberattacks. According to a report , the increase compared to previous years was over 95%.
More than 120 million cyberattack detections were recorded in the first six months alone. According to the report, more than 4.6 billion pieces of data were leaked online during this period, and the number of leaked credentials is expected to surpass 10 billion by the end of the year.
In addition to leaked data, cyberespionage has been the subject of much debate. According to an investigation conducted by 17 organizations, some spyware applications were spying on journalists, politicians, lawyers, and human rights activists. The application was initially intended to spy on criminals, but leaked data revealed a list of over 50,000 phone numbers.
In Brazil, the statistics are even more worrying. From January to June, Brazil suffered more than 3.2 billion attempted cyberattacks . The country leads the Latin American rankings
Home office breaches are still being exploited by cybercriminals with less secure home networks. According to a security report , there has been a 29% increase in cyberattacks against organizations across various sectors.
The numbers reflect the global trend of adopting remote and hybrid work models, especially in underdeveloped countries where concern about internet security is lower, such as Brazil.
To better understand the importance of this topic, watch the video below for some characteristics of the main cyber attacks:
In the following lines, you will see some of the most "important" cyberattacks and data leaks that occurred in the first half of 2021.
Major Internet Security Breaches in the First Half of 2021
The first half of 2021 highlighted the importance of adopting good internet security systems and practices, especially for companies, as a result of all the major data leaks and security breaches exploited by cybercriminals.
Below, you'll see the main and most impactful data breaches of the first half of the year and some relevant information about each case.
You can receive all this news and tips about internet security weekly in your email through our Internet Security Week .
Data leaked from 214 million Facebook, Instagram and LinkedIn users
A Chinese company known as Socialarks exposed data from approximately 214 million Facebook, Instagram, and LinkedIn users, including both public and private information. The revelation comes from the research lab at SafetyDetectives, an international collective dedicated to identifying and mitigating this type of incident. According to the experts, the unprotected environment was an Elasticsearch server, a platform used to index and streamline searches within large volumes of data.
Data leak of almost the entire Brazilian population
Researchers at dfndr lab, PSafe's security lab, identified a massive data leak on Tuesday morning (19). Although the experts did not disclose details about the exposure, they assure that the CPF numbers of more than 220 million citizens were exposed — that is, practically the entire population of Brazil, including "major Brazilian authorities." Furthermore, a few days later, it was discovered that in addition to CPF numbers, photos and salaries were also part of the leak.
Hacker breaks into Ministry of Health network and warns that "the site is garbage"
The Ministry of Health's network was compromised by a hacker on January 28th. The attack, however, wasn't intended to leak data or cause damage to the platform—the attacker simply issued a warning regarding the vulnerability: "This site is garbage!" The hacker's message was displayed in capital letters on FormSUS, DataSUS's form creation service that collects data from patients admitted to the public health system.
New mega data leak of 102 million cell phone numbers
After finding more than 223 million Brazilian CPF numbers on the deep web, cybersecurity firm PSafe announced on February 10th the discovery of yet another major breach. The new security breach exposed more than 102 million cell phone numbers, including those of celebrities such as journalists William Bonner and Fátima Bernardes, as well as a supposed personal phone number of President Jair Bolsonaro.
PoupaTempo Portal has leaked data from 223 million Brazilians
A solution implemented in 1997 to facilitate citizen access to public information and services. The program brings together public service providers and agencies in a single location.
According to DefCon Lab, a research firm specializing in cyber vulnerabilities, threats, and risks, a vulnerability in PoupaTempo's databases may have allowed attackers to access data from 223 million Brazilians.
Among the leaked data are: name, CPF, cell phone number, date of birth and address.
Computer giant Acer hit by $50 million ransomware attack
Computer giant Acer was hit by a ransomware attack, in which threat actors demanded the largest known ransom to date, $50 million.
Acer is a Taiwanese electronics and computer manufacturer known for laptops, desktops, and monitors. Acer employs approximately 7,000 people and had revenue of $7.8 billion in 2019.
Descomplica leak exposes data from 4.8 million accounts
Leaked data from Descomplica users was distributed for free on the internet.
Among the compromised information were email addresses and partial numbers for 1.4 million credit cards. The data came from a leak that occurred after an attack on March 14, 2021. At the time, Descomplica reported the incident to its help center. According to the company, the incident "impacted different data for different student segments," such as ENEM (National High School Exam), undergraduate and graduate programs, and non-formal courses, among others.
The largest password leak on the internet exposed more than 68,000 Brazilian government credentials.
Researchers at Syhunt, a Rio de Janeiro-based information security solutions developer, analyzed a compilation of leaks they consider to be the largest password leak in internet history, with 3.28 billion passwords linked to 2.18 billion emails from government representatives, judiciaries, private companies, and end users worldwide, exposed on a cybercriminal forum, free of charge.
Florida hospital network returns to pen and paper after cyberattack
UF Health Central Florida suffered a reported ransomware attack that forced two hospitals to shut down parts of their IT infrastructure.
University of Florida Health, also known as UF Health, is a network of hospitals and medical practices serving countries throughout Florida.
Both hospitals continued to see patients and provide health care, but forcing staff to use pen and paper.
JBS, the world's largest meat processor, has operations halted due to cyberattack
The world's largest meat processor, JBS, was paralyzed for a weekend by a major cyberattack on its global information technology systems.
The company took immediate action, suspending all affected systems, notifying authorities, and activating the company's global network of IT professionals and third-party specialists to resolve the situation. The company's backup servers were unaffected, and their downtime lasted only two days.
How to protect your company?
Prevention is key. It may be considered a cliché, but without prevention, your company could end up in the same statistics and news stories mentioned above.
Protecting company data online is crucial and directly impacts the financial and operational sectors if not properly addressed. With the advent of the LGPD, substantial fines could be added to the costs of data breaches.
To prevent this, there are several tools, training, and precautions that can be used in companies, especially small and medium-sized ones. In some articles and materials here on our blog, we list some tools and precautions, such as:
- Use antivirus on all devices
- Keep your software up to date
- Secure your Wi-Fi network
- Establish a policy for the use of technology resources
- Provide training for employees
- Have backup of all relevant business data
- Limit physical access to computers
- Protect financial systems information
- Be strict when defining passwords
- Block access to harmful websites and control the company's internet
- Beware of unauthorized software installations
You can learn more about each tip, as well as some useful tools, in the Internet Security Guide for Businesses . The material is available for free download and you can share it with your colleagues and friends.
I hope this text helps you understand the importance of keeping your company's data protected.
Until later!
