The U.S. government has become more proactive in attempting to curtail ransomware, launching a program in July that offered rewards of up to $10 million for information on state-sponsored hackers participating in malicious activities against critical infrastructure. The U.S. government also launched a central hub that consolidates ransomware resources from all federal agencies, according to Emsisoft.
Still, 2021 saw a ransomware group issue the largest publicly known ransom demand to date following a monumental ransomware attack that impacted as many as 1,500 businesses. The groups behind two of the year’s most prolific ransomware attacks lied low or disappeared when the U.S. government was hot on their coattails, but resurfaced a few months later, operating in one case under a different name.
Victims of the 10 biggest cyber and ransomware attacks of 2021 were hit with ransom demands totaling nearly $320 million, and reportedly paid the ransom in at least four cases. Four of the largest ransomware victims are in the technology space, while the remaining span verticals from financial services, healthcare, and automobile manufacturing to food production, oil and gas, and chemical.
Four of the biggest ransomware attacks were carried out by REvil, two were executed by Darkside, while Conti, DoppelPaymer, LockBit, and Phoenix were responsible for one massive attack each. Three of the victims are based in the United States, two are in Ireland, two are in Taiwan, with one victim in Brazil, Germany, and South Korea, respectively. Here’s how the top ransomware attacks of 2021 played out.