Ransomware attacks continue to rise globally

There was a 105 per cent increase in ransomware attacks globally in 2021 from the previous year, according to a report. PHOTO: ST FILE

Public utilities and services are increasingly being targeted as ransomware attacks rise globally.

According to the 2022 SonicWall Cyber Threat Report, there was a 105 per cent increase in ransomware attacks globally in 2021 from the previous year.

There has been a trend of cyber criminals targeting food, water and fuel supplies apart from hospitals, municipalities and education institutes, the report said. 

Singapore has formed an inter-agency task force to help businesses and other enterprises tackle the ransomware threat. In announcing the task force’s formation on Wednesday, Senior Minister Teo Chee Hean said organisations with poor cyber-security practices are particularly vulnerable.

Here are some major ransomware attacks around the world:


A ransomware attack on a major IT provider to Britain’s publicly funded healthcare system, the National Health Service, led to reduced access to patient records, affected patient referrals, ambulance dispatch and appointment bookings. The attack was spotted on Aug 4, causing disruption for weeks. No group was identified.


Ireland’s state health services provider shut all its IT systems on May 14, 2021, and cancelled medical appointments following a ransomware attack that caused widespread disruption. Several hospitals cancelled outpatient visits or urged patients with appointments not to attend, reports said. Wizard Spider, a cyber group operating from Russia, was suspected to be behind the attacks.

United States

Cyber criminals on May 7, 2021, crippled the Colonial Pipeline, which carries petrol and jet fuel from Houston in Texas to the south-eastern United States, causing fuel shortages. It was the largest cyberattack on an oil infrastructure in the US. The US Justice Department a month later announced it had seized millions of dollars in cryptocurrency Colonial Pipeline paid to the cyber criminal group DarkSide.

Costa Rica

The Costa Rican government declared a national emergency on May 8 following a wave of ransomware attacks that started in April and targeted 30 government institutions, including the Ministry of Finance and the Ministry of Labour and Social Security. The Conti Group demanded a US$10 million (S$14.24 million) ransom to give back information stolen from the Ministry of Finance and another group Hive Ransomware Group sought US$5 million in Bitcoin to restore health services.


On May 25, India airline SpiceJet said its systems faced an “attempted ransomware attack”, leading to flight delays and passengers stranded for hours across airports. The airline said that the IT team was able to contain the situation.


The world’s second-largest automotive supplier and Toyota Motor Corp’s main supplier Denso Corporation said it detected on March 10, 2022, unauthorised access using ransomware on a company office in Germany. NHK reported that a cyber crime group called Pandora said it had more than 157,000 purchase orders, e-mails and sketches, or 1.4TB worth of data.


Government hospitals and companies in Thailand were hit by hackers who held their computer systems and data to ransom, demanding payment to restore information, Thai police said on Sept 8, 2021. Regional hospital Saraburi said its computer system had been attacked and at the time asked patients to bring their own medical reports.


French cyber insurance company AXA on May 16, 2021, said ransomware gang Avaddon had targeted its Asia offices. The group’s IT operations in Thailand, Malaysia, Hong Kong and the Philippines were impacted. Reuters reported that certain data processed in Thailand had been accessed. The Avaddon group said it had 3TB of data, including passport copies and customer claims.

Join ST's Telegram channel and get the latest breaking news delivered to you.