Check Point defines a cyberattack as an assault launched by cybercriminals using one or more computers against a single or multiple computers or networks. It is dangerous for business because it can disable computers, steal data, or use a breached computer to launch other malicious programs.
Cybersecurity attacks happen for many reasons, including:
- Financial gain. Cybercriminals steal sensitive information that can be sold, or send malicious links that can destroy a security system before demanding a ransom.
- Espionage, for example gathering intelligence and information for a nation state.
- Ideological motivations, such as conducting a cyberattack as an act of protest against certain companies.
According to Statista’s Cybersecurity Outlook, the global cost of cybercrime is expected to rise in the next five years. In 2022, the cost of cybercrime was estimated at US$8.44 trillion, and it is expected to roughly triple to US$23.84 trillion in 2027. Since more people are on the internet, whether for work or scrolling TikTok, there are more potential opportunities for hackers to exploit. Furthermore, cybercriminals' techniques and skills are becoming more sophisticated, with more tools available to help them.
The GOAT (Greatest of All Time) in Cybersecurity Attacks
Cybercriminals can use many methods to launch cyber threats, including malware, phishing, ransomware, denial of service (DoS), etc. There have been many significant attacks over the years, so it is difficult to say which ones are the GOAT in cybersecurity attacks. However, some of the most notable cyberattacks in history include:
Stuxnet Worm (2010)
In 2010, the Stuxnet worm was discovered after it had been used to target and disrupt the Iranian nuclear program. The worm was able to spread through computer networks and infect industrial control systems, allowing it to manipulate and disrupt the operation of physical systems such as centrifuges used in nuclear enrichment.
The legacy of Stuxnet lives on in other malware, even though the program would reportedly expire in June 2012. According to Trellix, several “sons of Stuxnet” include:
- Duqu (2011). Based on Stuxnet code, Duqu was designed to log keystrokes and mine data from industrial facilities, presumably to launch a later attack.
- Flame (2012). Flame, like Stuxnet, travelled via USB stick. Flame was sophisticated spyware that recorded Skype conversations, logged keystrokes, and gathered screenshots, among other activities. It targeted government and educational organisations and some private individuals mostly in Iran and other Middle Eastern countries.
- Havex (2013). The intention of Havex was to gather information from energy, aviation, defence, and pharmaceutical companies, among others. Havex malware targeted mainly U.S., European, and Canadian organisations.
- Industroyer (2016). This targeted power facilities. It’s credited with causing a power outage in Ukraine in December 2016.
- Triton (2017). This targeted the safety systems of a petrochemical plant in the Middle East, raising concerns about the malware maker’s intent to cause physical injury to workers.
- Most recent (2018). An unnamed virus with characteristics of Stuxnet reportedly struck unspecified network infrastructure in Iran in October 2018.
Yahoo Data Breaches (2013-2014)
In 2013 and 2014, Yahoo suffered two major data breaches that resulted in the personal information of billions of users being accessed by hackers. It was dubbed one of the biggest security breaches in history because 3 billion accounts were stolen. As a result, Yahoo was required to pay a fine of up to US$55 million to victims, US$24 million for two years of credit monitoring, up to US$30 million for legal fees and up to US$8.5 million for other expenses. The breaches were not discovered until 2016, and the company was criticised for its slow response and inadequate security measures.
WannaCry Ransomware Attack (2017)
In May 2017, a ransomware attack known as WannaCry infected more than 230,000 computers in 150 countries in just a few hours, causing widespread disruption to businesses and governments. WannaCry is a worm that spreads by exploiting vulnerabilities in the Windows operating system, and it became the first example of a worldwide ransomware attack.
The hacker demanded a ransom payment of between US$300 and US$600 in Bitcoin within three days to decrypt the files. However, even after paying, only a handful of victims received decryption keys. Hospitals across the U.K. declared a “major incident” after they were knocked offline by the malware. Government systems, railway networks and private companies were also hit.
NotPetya Malware Attack (2017)
In June 2017, a malware attack known as NotPetya infected computers in Ukraine before spreading to other parts of the world, causing widespread disruption to businesses and government agencies. The attack used a combination of ransomware and a destructive wiper, rendering infected computers inoperable and causing significant damage to affected organisations.
NotPetya took its name from its resemblance to the ransomware Petya, a piece of criminal code that surfaced in early 2016 and extorted victims to pay for a key to unlock their files. But NotPetya’s ransom messages were only a ruse: The malware’s goal was purely destructive. It irreversibly encrypted computers’ master boot records, the deep-seated part of a machine that tells it where to find its own operating system. Any ransom payment that victims tried to make was futile. No key even existed to reorder the scrambled noise of their computer’s contents.
Equifax Data Breach (2017)
In 2017, the credit reporting agency Equifax announced that hackers had accessed the personal information of 147 million people in the USA, including names, social security numbers, and dates of birth. The breach was the result of a vulnerability in the company’s website software, which the hackers were able to exploit to gain access to sensitive data.
As a result of the breach, Equifax spent US$1.4 billion on cleanup costs, including “incremental costs to transform our technology infrastructure and improve application, network, [and] data security.” Moreover, in July 2019 the company reached a record-breaking settlement with the FTC, which wrapped up an ongoing class action lawsuit and will require Equifax to spend at least US$1.38 billion to resolve consumer claims.
Protect your organisation from cyberattack because it is costly. You can try ArmourZero, All-in-One Cybersecurity for business. It is the future of cybersecurity, powerful and modern Cloud IT Security Operation as-a-Service in one platform. Also, get a Free 14-days Email Assessment to Check Your Business Email Security Level.
- 02 Feb 2023
- By:Bernadetta Septarini
- Category: ArmourHacks