Cybersecurity a marvel of modern technology comes with its own set of advantages and challenges. Attacks against an organization or business’s cybersecurity whether political and/or financial can have long-term consequences.
In the last decade alone, there have been multiple internationally recognized cyberattacks. Read on to find out about the biggest cyberattacks of the 21st Century.
The Melissa Virus – 1999
The Melissa Virus was an email virus – a mass-mailing macro virus – that primarily targeted Microsoft and Outlook-based systems. It became a widespread issue in 1999 becoming the fastest spreading virus. The virus had a lasting impact in the field of cybersecurity with improvements being made to ensure better security.
The virus was distributed as an email attachment which when opened not only disabled “safeguard” options in Microsoft Word 1997 and 2000 but also forwarded itself to the first fifty people in the infected users’ address book. Although the virus did not destroy any files or other resource material within the infected device, it did manage to handicap many major networks across the United States including the Marine Corps and Microsoft.
The virus would enter a system as an attachment with an email usually with the subject “Important Message from [sender’s name]”, and was released by David Lee Smith in March 1999.
The programmer was eventually arrested and sentenced to prison, following which the Federal Bureau of Investigation (FBI) launched a national cyber division that focused primarily on crimes committed online.
NASA Cyberattack – 1999
A remarkable feat for the time, fifteen-year-old, Jonathan Joseph James not only hacked into but also shut down NASA’s (National Aeronautics and Space Administration) computers for approximately twenty-one days. He was the first juvenile incarcerated for his crime in the United States.
James reportedly obtained data from the Defense Threat Reduction Agency (DTRA) between August and October of 1999, after which he hacked into the NASA computers as well as Pentagon’s weapons computer system. According to reports, he intercepted nearly 3,300 emails and passwords by pretending to be an employee.
After he was captured, James acknowledged that he had accessed thirteen computers at the Marshall Space Flight Center. He was eventually sentenced for his crime at the age of sixteen and died in 2008 at the age of 24 from a self-inflicted gunshot wound.
Cyberattacks on Estonia – 2007
Back in 2007, Estonia became one of the earliest victims of cyber warfare (hybrid warfare) when it was bombarded with a massive cyberattack. At the time, the concept of hybrid warfare was relatively new and unknown so the attack came as a shock.
Towards the end of April 2007, a series of cyberattacks focused on websites of various Estonian organizations including the Estonian Parliament, banks, ministries, broadcasters, and others during a time when the country was in disagreement with Russia over the relocation of the Bronze Soldier of Tallinn.
The attack managed to destabilize Estonia’s infrastructure and economy apart from causing a nationwide communication breakdown. Although little evidence was available to provide it, Russia was believed to be the central perpetrator behind the attack.
Sony’s Playstation Network – 2011
Japanese IT giant, Sony, was attacked in April 2011 during which the private and confidential information of nearly seventy-seven million users was claimed. Since then, Sony’s Playstation Network has fallen victim to a cybersecurity threat three times.
At the time, Sony’s Chief Executive Officer (CEO) Howard Stringer had said, “Our investigation is ongoing, and we are upgrading our security so that if attacks like this happen again, our defenses will be even stronger.”
Stinger further said that there was no “confirmed evidence” that the personal and/or credit card information of its customers had been misused. In a post on the Playstation’s official website, Stringer had written, “We are also moving ahead with plans to help protect our customers from identity theft around the world.”
Adobe Cyberattack – 2013
Well-known software house, Adobe, was the latest victim of a cyberattack in 2013 when it claimed its Photoshop code had been stolen. According to initial reports of the incident, a data breach of 2.9 million users had been suspected but it was later confirmed to be nearly 38 million users. Adobe had claimed that the passwords and credit card information of approximately 2.9 million users had been compromised, meanwhile, 35.1 million users had suffered the loss of passwords and IDs.
When questioned over a discrepancy in the initial reports of the data breach, a spokesperson for Adobe issued the statement, “In our public disclosure, we communicated the information we could validate”.
Cyberattack on Yahoo! – 2014
In 2014, Yahoo! Witnessed one of the biggest cyberattacks of the year when approximately 500 million of its accounts were compromised. However, it was confirmed that while basic information and passwords had been stolen, the bank information remained safe from breach.
Then Yahoo! Fell prey to cyberattacks thrice, for two consecutive years between 2016 and 2017. This is why Yahoo lost face against other companies offering similar products and services as it failed to ensure the security of its client’s information.
Ukraine Power Grid – 2015
One of the first known Russian attacks against Ukraine, the Power Grid attack served to highlight the extent of Russia’s power against the former Soviet Union state. The attack was carried out a year after the annexation of Crimea and is regarded as the moment when the Russia-Ukraine conflict began.
According to reports, Russia’s cyber military unit Sandworm targeted the Prykarpattyaoblenergo control center and infiltrated the facility to seize control of a subsystem and its computer systems to take it offline. They also launched attacks on other subsystems ultimately affecting almost 200,000 to 230,000 Ukrainian citizens.
NotPetya Malware – 2017
Two years after the Power grid attack on Ukraine, Russia’s Sandworm struck again. This time they launched a malware called NotPetya malware resulting in lasting collateral damage to the global community. It is believed that the virus led to the loss of approximately $1 billion to the affected organizations.
The virus was allegedly named after the Petya attack featured in the James Bond installment Golden Eye, however, it proved to be a more virulent threat.
Wannacry Ransomware Attack – 2017
An attack similar to the NotPetya, with more far-reaching consequences, WannaCry propagated through the Windows exploit EternalBlue, which had been stolen and leaked a few months prior to the cyberattack. It spread automatically across networks, infecting computers and encrypting data while demanding a ransom of approximately $300 in Bitcoin which would go up to $600 Bitcoin, if previously unpaid, within a seven days period.
The effects of this cyberattack were far-reaching as it severely impacts the UK’s NHS system, by infecting nearly 7,000 devices including MRI scanners and other theatre equipment endangering the lives of patients.
Marriott Hotels attack – 2018
The Marriott hotels were reportedly attacked when they acquired the Starwood Hotels group, however, the threat was not identified before 2018. By the time the attack was discovered, the hacker has access to the personal information of almost 339 million guests.
As a result, UK’s data privacy watchdog fined the hotel chain approximately 18.4 million pounds.
Solarwinds Cyberattack – 2020
SolarWinds, a software company, based in Tulsa, Oklahoma became the victim of a cyberattack on an unprecedented scale. The attack involved a breach of the SolarWinds’ Orion software used by many multinational companies and government agencies across the United States.
The hackers reportedly connected malware code known as Sunburst, onto a routine Orion update and gained access to thousands of organizations for a period of fourteen months.
Cyberattacks in 2021
2021 was the year that witnessed multiple cyberattacks with the Florida water system, and Colonial pipeline among those affected.
The Florida Water system attack was an example that outmoded systems should be replaced with new technology as the attack was made possible due to a lack of firewall protection. The hacker gained access and increased the amount of sodium hydroxide in the water. If not caught in time, the disaster would have been catastrophic.
Likewise, this breach of privacy was made possible with one compromised password. The largest petroleum pipeline in the United States was halted for several days.
The hackers, part of the Eastern European outfit DarkSide, allegedly demanded a ransom of $4.4 million worth of Bitcoin.
Other notable cyberattacks include Kaseya supply chain ransomware, Rockyou2021, and Pegasus.
Rockyou2021 was one of the major breaches of 2021. Named after the original RockYou breach of 2009, this attack led to the breach of nearly 8.4 billion passwords.
Stay tuned to Baaghi TV for more. Download our app for the latest news, updates & interesting content!