Global cyber security firm CrowdStrike on Tuesday released its 2021 Global Threat Report and eCrime Index, which highlights the intensity of the cyber-criminal market over time.
CrowdStrike chief executive George Kurtz said 2020 had been the most active year in recent memory in cyber security and described the “onslaught” of attacks as “unrelenting” and, for many, “overwhelming”.
CrowdStrike specifically identified actors in North Korea, Iran, Russia and China as countries pursuing objectives likely related to strategic national security and espionage priorities.
Ransomware continued to be a serious issue across the globe, with CrowdStrike recording 18 so-called “Big Game Hunter” ransomware groups attacking more than 100 healthcare organisations around the world.
“We anticipate state-sponsored actors to target the data being generated by Australia’s vaccine rollout in an effort to gain access to government intelligence and sensitive personal information,” CrowdStrike chief technology officer Michael Sentonas told the Financial Review.
“The government must work alongside the healthcare industry to protect vaccine supply chains through a comprehensive and identity-centric approach to security.”
The attack on Segafredo Zanetti was conducted by a group known as Darkside, which last year made headlines when it donated $US10,000 to two US charities, Children International and The Water Project.
The group published a press release on its darknet website saying “no matter how bad you think our work is, we are pleased to know that we helped change someone’s life”.
The charities rejected the gesture.
Darkside also says it refuses to act against a range of targets including charities, medical facilities and not-for-profit organisations.
Emsisoft threat analyst Brett Callow said people should not be suckered in to believing the criminal hacking group, which emerged in mid-2020 and was likely a breakaway from another group, had altruistic purposes.
“While the Darkside operators may be attempting to spin themselves as Robin Hood-like, the reality is that they’re garden variety criminals,” Mr Callow said.
“They likely attempt to present themselves as ‘honest’ criminals simply because it helps lower the barriers to companies paying. Put another way, a company may be more likely to pay a (supposedly) ethical hacking group than help fund a gang that puts lives at risk by attacking hospitals.”
The Australian Cyber Security Centre publicly advises companies never to pay a ransom as there is no guarantee cyber criminals will decrypt files once the ransom is paid, and there is a chance that files may not be recoverable.