As we stride into the new year, it would be remiss not to turn back and assess the previous 12 months. Cyber security in 2021 was once again a ‘hot ticket item’, with numerous high-profile security incidents and developments. Today we ask Patrick Carolan to take a look at some of those with us in an end-of-year review.


At the start of the year Patrick and the team were impressed when US President Joe Biden sought advice from past national security experts in the aftermath of the SolarWinds hack. In January we referenced this article from IT News, which looked at Biden’s move to refocus attention on cyber security. Patrick was certainly impressed, insisting that Donald Trump’s “… demotion of cyber security… was… a mis-step.”


May 2021 saw a series of cyber-attacks against targets in travel and healthcare. Air India was a high-profile victim of a data breach, with as many as 4.5 million customers affected around the world. Our news round-up that month also featured this article from the BBC on a cyber-attack against Irish health service computer systems. Being Irish himself, Patrick took particular umbrage at the incident. “This was the possibly the biggest cyber-attack against the Irish state. The NCSC reported a ransomware attack which then led to the health service shutting down its IT systems. As a result, many hospitals were severely disrupted. It is another demonstration of the importance of having a solid IT security strategy in place.”


Another BBC News story caught our eye in July 2021. It looked at the vulnerabilities associated with remote working, something so many of us now engage in frequently. Patrick Carolan is one of many cyber security experts who firmly believes that ransomware incidents will continue to multiply, along with other forms of attack. He strongly urges remote and home workers to stop using personal email addresses when working. “So many people were using personal accounts for work when the pandemic began. A lot of them still are and with no discernible IT figure in view, they are adopting other poor security practices. Every organisation must protect data at all costs.”


In October, this story on Cyware Social about YouTube creators being targeted by phishing attempts caught our collective attention. For years hackers have tried to trick them into joining fake collaborations, something that did not surprise the team at CRIBB – as Patrick points out here. “Social engineering is fertile ground for cyber-criminals. Social media platforms therefore provide huge opportunities for them. Anyone using YouTube, Facebook etc. Should aim to be as discreet with their personal information as possible.”

Cyber security in 2021 was dominant in most tech news updates and will continue to be so in 2022. Those who have never paid much attention to IT Security need to change that – and fast. Now, on a lighter note… Happy new year everyone and all the best for 2022!