Cyberattacks that shook the world

The threat of cyberattacks looms larger than ever before. We’re in constant risk of becoming victims of cyberattacks; we can get struck by a ransomware attack, identity theft, or several different types of phishing. These attacks, committed by hackers and cybercriminals, can damage and disrupt company security, business economies, and compromise sensitive information.

We’ll look further into five cyber attacks that shook the world - these attacks made it very clear to the public that cyber attacks are no joke, and that they can do significant damage to anyone who becomes the hacker’s target.

Stuxnet: The advanced worm (2010)

The first cyber attack we’re looking at, happened in 2010. It was a new and groundbreaking computer worm, called Stuxnet, that took the world by storm. Compared to conventional malware, Stuxnet is designed to specifically target users with privileged accounts or supervisory control - and data acquisition (SCADA) systems. The systems and supervisors are used to control and monitor industrial processes.

Stuxnet’s primary aim was to disrupt and damage Iran’s nuclear program - and it did it with unprecedented sophistication.

Stuxnet exploited several zero-day vulnerabilities in the targeted software which made it pretty much impossible for the targets to detect the attack. It was furthermore very difficult for the target to remove the malware from the infected system, because the Stuxnet worm was so powerful. Stuxnet set a new precedent in cyber warfare when it caused malfunctions in the Iranian uranium enrichment centrifuges.

With the Stuxnet attack came the thoughts of state-sponsored cyber attacks, thus starting the discussion of cyberwarfare. This attack emphasized the importance of high cybersecurity on a national scale - both for governments, businesses and private people.

It has not been confirmed, but the alleged responsible parties of the attack is the United States’ government in collaboration with the Israeli government - the attack should allegedly go under the name Operation Olympic Games.

WannaCry ransomware attack (2017)

The next big cyber attack we’re looking at, happened in May 2017. This time, it was the WannaCry ransomware attack that wreaked havoc on computer systems around the world.

The WannaCry malware was designed to exploit a vulnerability in Microsoft’s Windows operating system, where it encrypted files and then demanded a ransom, paid in Bitcoin, in exchange for the decryption key. The thing that made WannaCry particularly dangerous was just how fast it could spread across networks, and thus infect hundreds of thousands of devices in more than 150 countries - only in a matter of days.

The WannaCry attack targeted many different organizations, including governments, and healthcare facilities. The attack disrupted crucial services which led to great financial losses (here we’re talking billions of dollars lost due to the attack). WannaCry was a serious wake-up call to many people. It thus emphasized the importance of regular software updates and better cybersecurity practices.

WannaCry is thought to use the EternalBlue attack method, developed by the American group Shadow Brokers. It has not been confirmed whether the group was behind the attack.

Equifax Data Breach (2017)

Later in the same year as the WannaCry-attack occurred, the U.S. was struck by a historical data breach. It was Equifax who became the victim of this significant data breach - Equifax is one of the largest credit reporting agencies in the U.S. and the hackers exploited a vulnerability in the company’s website. Here they gained unauthorized access to sensitive information, on their customers and employees. The information that was stolen and leaked was everything from names, social security numbers, birthdays and addresses - on approximately 147 million American citizens.

Not only did the hackers expose private people and their information for identity thefts and financial fraud but it also made people question the general security practices in organizations which handled sensitive personal information. Equifax was not particularly quick to react to the breach and thus protect their customers’ information, and this emphasized just how important cybersecurity is to a company - and how important it is to act quickly on any breaches.

Theories are currently that it was a Chinese state-sponsored attack with the purpose of data theft and not a data breach.

SolarWinds Cyberattack (2020)

In December 2020, the SolarWinds cyber attack was discovered. This attack sent shockwaves through the entire cybersecurity community. SolarWinds was attacked by a supply chain attack where several parties of the supply chain were infected. SolarWinds is a company that provides network management software and the hackers managed to insert malicious code into the company’s software updates. This allowed the hackers to compromise thousands of SolarWinds’ customers. Some of SolarWinds’ customers include government agencies, bigger corporations and critical infrastructure providers.

The attack was attributed to a state-sponsored group, and demonstrated the vulnerabilities that there are in supply chains - if there’s one provider in the supply chain everyone in the supply chain can be severely affected. This incident emphasized that organizations need to be critical towards their suppliers and how they handle cybersecurity.

This attack was allegedly executed by a Russian hacking group, and thus a Russian state-sponsored attack.

Colonial Pipeline ransomware attack (2021)

Four years after the WannaCry ransomware attack, the Colonial Pipeline fell victim to a ransomware attack that absolutely paralyzed its operations. Colonial Pipeline is a significant fuel pipeline operator in the U.S. and it thus affected many people when the organization fell victim to a cyberattack. This attack was executed by the (allegedly Russian) hacking group, DarkSide. The group encrypted the pipeline’s data and afterwards demanded a ransom payment in crypto currency.

The attack led to a widespread panic among consumers - they bought an extreme amount of fuel and hoarded the product, which led to a fuel shortage in several states.

The Colonial Pipeline attack showed how important it is with a good infrastructure that is secured as well. Sectors like the energy sector and transportation sector cannot be that vulnerable now that cyberattacks are one of the biggest threats out there.

The attack did, however, start discussions about the importance of fighting hacking attacks, and how international corporations should work together to combat the attacks - and hold cybercriminals accountable for their actions.

What we can learn

These five attacks are just the tip of the iceberg - there are several cyberattacks happening every day, big and small, nationally and internationally. These attacks have directed our attention to the importance of good cybersecurity and cyber defense in any corporation. We should be vigilant and stay updated on the latest trends in the cyber landscape - the hackers work around the clock and constantly try to find new ways to attack us.

To prevent this from happening, we need to stay one step ahead of the hackers and be proactive in our fight against cybercrime.

Human error is often a hacker's gateway into systems and software - and we don’t want to be the reason they can hack and infiltrate our systems and get our information.