High-profile ransomware attacks that occurred in Singapore and overseas

In 2021, 137 firms in Singapore fell prey to such malicious software. PHOTO: REUTERS

SINGAPORE - Ransomware attacks are expected to climb amid rapid digitalisation worldwide.

In 2021, 137 firms in Singapore fell prey to such malicious software, with hackers locking up digital systems until a ransom is paid.

The Cyber Security Agency of Singapore said the number of attacks were up 54 per cent here from 2020 to 2021. It has urged companies to invest in defensive strategies and recommends that victims not pay the ransom, as this will encourage attackers to continue and target more victims.

Here are three recent significant ransomware attacks:

Singtel (2021)

The personal data of about 129,000 Singtel customers were stolen by hackers in January 2021 during a breach of a third-party file sharing system used by the telco.

Information such as names, addresses, phone numbers, identification numbers and dates of birth, in varying combinations, were put up for sale on the Dark Web. The hackers also stole the bank account details of 28 former Singtel employees, and credit card details of 45 employees of a corporate customer.

Hackers had exploited vulnerabilities in the United States-based tech firm Accellion’s file-sharing software, which is used by Singtel and many global companies.

Cyber criminals later posted a ransom note addressed to Accellion demanding US$250,000 (S$355,500) worth of Bitcoin. It is not clear if the ransom was paid.

Colonial Pipeline (2021)

A sign seen at an Exxon station after a cyber attack crippled the biggest fuel pipeline in the country, run by Colonial Pipeline, in Washington, on May 15, 2021. PHOTO: REUTERS

A ransomware attack on American oil pipeline supplier Colonial Pipeline in May 2021 crippled its computerised equipment controlling the network, leading to fuel shortages across the country’s east coast.

Within a few hours, the company paid the amount demanded by the hacker group - US$4.4 million - and received a digital tool to restore the system.

The hack affected oil and gas supply to about 50 million customers, resulting in fuel shortages and price hikes. It was the largest cyber attack on an oil infrastructure target in the history of the US.

Experts believe hackers found an employee’s personal password on the Dark Web and used it to hold the company to ransom.

JBS (2021)

The JBS meat placing plant in Plainwell, Michigan, on June 2, 2021. PHOTO: AFP

One of the world’s largest meat producers, JBS temporarily suspended operations at its processing plants in North America and Australia, after a ransomware attack in June 2021 shut down its IT network. 

The move threatened to disrupt global food supply chains and further inflate prices. The company later paid US$11 million to criminals to restore its data.

Join ST's Telegram channel and get the latest breaking news delivered to you.