Stuxnet to DarkSide – Tracking the biggest cyber attacks in history

25 May 2021

A techie takes part in ‘Open Hack India’, a 24-hour non-stop hacking event organized by Yahoo! India R&D. (Photo by STR / AFP)

Twenty years ago, the internet was slowly progressing from an energetic, theoretical use case that had overcome the initial ‘internet bubble burst’ towards the indispensable digital tool that permeates nearly every aspect of daily life. Alongside that progress, the specter of devastating cyber attacks has also risen.

Despite growing numbers of cyberattacks and the impact on all those involved, a worrying number of businesses don’t have the knowledge or resources to help mitigate risk. According to PwC’s 2017 Global State of Information Security Survey, while breaches are more common, many organizations struggle to even comprehend and manage cyber risk. The annual survey noted 44% of respondents do not have an information security strategy, with 39% expecting “loss or compromise of sensitive data” as a consequence of a cyber attack.

From paralyzing the internet in Estonia to a US$4.4-million ransom being paid last week after the shutdown of a major US pipeline, TechHQ takes a look back at 15 years of the biggest cyber attacks in history.

 

Cyberwars begin

The Baltic nation of Estonia was the first state hit by a massive cyber attack in 2007, paralyzing key corporate and government web services for days. Estonia blamed Moscow, with which it was mired in a diplomatic conflict, but the Kremlin denied the charge.

 

First industrial target

A powerful computer virus called Stuxnet attacked Iran’s nuclear facilities in 2010 in an apparent bid to cripple the country’s atomic program. Stuxnet hit the functioning of Iranian nuclear sites, infecting several thousand computers and blocking centrifuges used for the enrichment of uranium.

Tehran accused Israel and the US of being behind the origin of the cyber attack, the first to target an entire industrial system.

 

Yahoo hacking

A 2013 hack that affected all three billion accounts at Yahoo is believed to be among the biggest cyber attacks in history. Some even believe it to be the single-biggest recorded hack ever.

Another attack on the web services provider, blamed on Russia, affected some 500 million accounts in 2014, with stolen data including usernames, email addresses and birthdates.

It was only revealed five years later and resulted in a fine of US$35 million.

 

Sony

Sony Pictures Entertainment became the target of a major cyber attack in 2014 linked to its North Korea-set satire “The Interview”.

Washington blamed Pyongyang for the hacking, a claim Pyongyang denied – though it had strongly condemned the film, which features a fictional CIA plot to assassinate North Korean leader Kim Jong Un.

 

Islamic State

A group declaring support for Islamic State jihadists hacked into the social media accounts of US Central Command (CENTCOM) in 2015, an embarrassing setback for Washington in its war against IS in Syria and Iraq.

Two months after the attack a group calling itself the “Islamic State Hacking Division” published what they said were the names and addresses of 100 military personnel and urged supporters to kill them.

 

US vote meddling

In the run-up to the 2016 US presidential election, emails of Democratic Party candidate Hillary Clinton’s campaign staff were published online.

After Donald Trump was elected to the White House, the US intelligence community alleged that Moscow influenced the outcome of the vote, resulting in a snowballing probe, sanctions and expulsion of diplomats.

US intelligence agencies accused Moscow of being behind the hacking entities Fancy Bear and Cozy Bear, which carried out cyber attacks on the Democratic Party.

 

WannaCry’s ransomware

In 2017, scores of world organizations and companies were hit by a massive cyber attack that spread rapidly using a security flaw in an older version of Microsoft’s Windows XP operating system.

The attacks were launched via WannaCry, a type of malware called ransomware that encrypts files on an infected computer and demands money via virtual currency Bitcoin to unlock them.

It affected 300,000 computers in 150 countries. Among its victims were Britain’s National Health Service, a factory belonging to French carmaker Renault and Spanish phone operator Telefonica.

 

SolarWinds breach

In the first of a recent trio of cyber attacks against the US, security software company SolarWinds was hacked in late 2020 in an attack lasting months and affecting up to 18,000 clients and more than a hundred US companies.

Washington announced economic sanctions against Russia and accused it of being responsible for the attack.

 

Huge Microsoft hack

In March, a hack exploiting flaws in the Microsoft Exchange service affected at least 30,000 US organizations including local governments, and was attributed to an “unusually aggressive” Chinese cyberespionage campaign.

 

DarkSide shuts US pipeline

A cyber attack in mid-May paralyzed Colonial Pipeline, one of the largest US oil pipeline operators and the biggest in the east of the country, operating a system that serves 50 million consumers.

Washington identified the Russia-based DarkSide as the group which produced the ransomware used in the attack. A few days later Colonial Pipeline admitted that it had paid a ransom of US$4.4 million (3.6 million euros).

 

There are many lessons that organizations, governments, and individuals can take away from the biggest cyber attacks in history. From attacks initiated by state-endorsed hacker groups to ransomware attacks where valuable data is the hostage, businesses need to shield themselves from an ever-evolving threat surface that has the benefit of cyberthreat experience on its side – at least 15 years’ worth. IT specialists need to parse years of data breaches and learn how to better adapt their systems to stay on top of their game across the full 360 degrees.