Cyber attacks not only continue to grow but they are continuing to evolve. Just any form of terrorism, cyberthreats know no boundaries. They are cleverly disguised assaults on networks and businesses that can threaten any part of the world in a number of various harmful forms.
Yet no matter how much network support services continue to evolve, cyber threats still continue. They are also expected to grow only further in size and magnitude. A new kind of threat vector that is expected to emerge is the intentional misuse of Artificial Intelligence (AI) and Machine Learning (ML) tools.
These tools can have the great benefits of helping the IT support staff of any organization. They help quickly analyze the tons of information and data that they receive from their log files and to model what future threats look like. However, there is also a huge downside to them as well.
For example, the cyber attacker can also use these tools in order to predict the daily, virtual movements of their potential victims. In so doing, they penetrate through when they least expect it.
The goal here is to stay much longer from within the confines of their victim. Then proceed very slowly to go after and accomplish their mission. That mission can prove to be launching Identity Theft attacks, stealing their financial information and so on.
Unfortunately, the victim will never know that they have been hit until it is much too late for he or she to do anything meaningful in the way of recovery.
It is also expected that Phishing will still continue, but this time around, it will be almost impossible to tell what a real website is, and which is a fake one. The Cyber attacker is now even discovering new ways in which to inject malicious payloads from within the content of a legitimate website itself. So, although it may be really authentic, you could still pick up a piece of nasty malware just by visiting the website.
In this blog, we examine some of the most notorious Cyber attacks of all time.
The Most Lethal Cyber Attacks
1 – WannaCry
This has probably been deemed as the worst kind of Ransomware of its kind in history. The hacking group who was primarily responsible was known as the “Equation Group”.
This was basically an Encryptor which locked the screens and various files of its victims. WannaCry spread itself very quickly over a four-day period and took out a staggering 200,000+ computers in 150 countries. But the effects of this had far-reaching impacts.
For example, it even impacted the critical infrastructure of the healthcare industry in many of these countries, by totally locking out mission critical medical equipment and devices. There were other targets as well, which included many logistics and supply chain facilities as well as factories.
Because of this, the companies impacted in this market segment had to shut down production entirely, which resulted in financial losses for them estimated at about $4 – $5 Billion.
Even managed service providers across the globe scrambled to learn WannaCry and how to protect personal and network computers, which are especially vulnerable if they are running the Windows Operating System..
2 – NotPetya/ExPetr
This Ransomware has been deemed to be the costliest cyber attack of all time, even worse than that of WannaCry.
This malware used both the EternalBlue and EternalRomance exploit tools. The danger with this one is that the encryption that was deployed on the victim’s computer was totally irreversible. However, the primary target for this Ransomware were corporations and businesses of all kinds, it wasn’t after the individual consumer per se.
NotPetya/ExPetr was initially launched through the Security weaknesses of the “MeDoc” (which is a financial software application) update server. Because of this, the software upgrades and patches were infected with the Ransomware, and thus spread itself very quickly. The total financial damage of this has been estimated to be well over $10 Billion.
3 – Stuxnet
This is probably the most publicized Malware attack of all time and proved just how vulnerable a network can be to a cyber attack.
What was unique about this cyberattack is that its main objective was to greatly curtail the nuclear weapon development program of Iran. This was achieved by deploying Stuxnet into the controllers that powered the uranium-enrichment centrifuges and setting them at a spin level that was way too high. As a result, they were completely destroyed. But this Malware also spread itself very quickly onto unintentional targets on a global basis, even onto computers that were connected to a WAN or a LAN.
4 – Dark Hotel
What is unique about this specific piece of Malware is that it was designed to be launched at just one exclusive target: The Wi-Fi networks of the hotel and hospitality industry. When the staff members at various leading hotels worldwide logged into their corporate Wi-Fi___33 network, they were prompted to download a major update for a software application that was associated with the network. But instead, they downloaded a nefarious piece of Spyware which has termed the “Dark Hotel”.
The objective of this major cyberattack was to log and record the keystroke patterns of these employees. From there, covertly hijack all of the passwords that were possible. Once this was achieved, major Phishing attacks were then launched towards the same employees.
5 – Mirai
This is a Botnet type of cyber attack. This attack can be technically defined as a, “collection of compromised computers running malicious programs that are controlled remotely by cybercriminals,” explains Chad Lauterbach, CEO of Be Structured, an IT support company based in Los Angeles. “These criminals then target those devices in which Security was totally ignored, and were a critical aspect of the Internet of Things (IoT).”
In other words, these devices then infected other similar ones, until the Botnet grew to a huge magnitude in size.
Then on October 21, 2016 this threat vector was launched towards digital video cameras, IP cameras, and other associated recording tools that made use of the DNS service provider known as “Dyn”.
In the end, Dyn could not withstand this kind of cyber attack, and as a result, those online services based in the United States that were dependent upon its functionality were rendered totally useless. This included PayPal, Twitter, Netflix, PlayStation and Spotify.
Fortunately, these services were repaired and came back online again, but made people rethink just how insecure the IoT really is.
Cyber Attack Conclusions
In identifying the five most notorious cyber attacks we’ve seen so far it cannot be stressed enough that no one knows what the future holds. The one thing IT service companies will admit is that cyber attacks will continue to develop and evolve in their skill and deadliness.
For any business or organization that relies on a secure network, it’s important to have your IT department or managed service provider continually investigate the latest and greatest ways people are being hacked or shut down.