Cybersecurity has become an increasing priority and concern for businesses and organisations alike. As technology develops, the attacks experienced and reported have become much more sophisticated and frequent. It is crucial to be knowledgeable about cyber security and protect your business.
This blog post will explore some of the most famous cyber-attacks in history. We’ll delve into how these cyber-attack examples occurred, their effects, and how the industry has learnt and adapted to the new challenges faced.
1. The Morris Worm, 1988
(You may see this referred to as ‘The Internet worm’!)
The first cyber attack occurred in the late 80s, a year before the invention of the World Wide Web. On November 2nd, a cyber worm was released from a computer in the Massachusetts Institute of Technology. In 24 hours, of the 60,000 computers connected to the internet, 6,000 that had a specific Unix operating system had been affected.
The worm did not modify, damage or delete – it slowed. Everything came to a halt, and with consideration to the CIA triad, this significantly affected the availability of their services and data. It is estimated that about $100,000 in damage occurred.
The culprit of the attack, Robert Tappan Morris, later admitted that the worm had got completely out of control. He had never meant for that amount of damage to happen.
This attack highlights the importance of a strong Incident Response plan, which is designed to minimise the reputational and financial impact of affected technology and services. With the correct procedures in place, it is possible this worm could have been caught and addressed earlier, minimising its impact as one of the most famous cyber attacks in history.
2. The Code Red Worm, 2001
More worms! 15th July 2001 saw the famous internet worm return, this time using enhanced features to cause much more chaos and damage.
Taking advantage of a vulnerability found in the Microsoft Internet Information Server (IIS), this worm infected 350,000 servers, causing a mass Denial of Service (DoS) attack on the White House official website.
There were some defence measures in place, but the worm was able to alter itself to evade them and cause widespread destruction in the billions.
It is crucial to understand an attack and then defend against it as quickly and thoroughly as possible. That’s why Threat Intelligence is so important for organisations. While this attack was over 22 years ago, it’s a brilliant example of the critical learning curve each business has to experience when an attack occurs.
3. Stuxnet, 2010
Into 2010 now, and an even more sophisticated worm is discovered.
Built specifically to covertly expose and derail Iran’s nuclear program, and further developed to target other infrastructure such as power plants, this was considered the first cyber weapon.
With the increasing fear of the impact technology could play in cyber warfare, this highly complex malware showed exactly how damaging this type of cyber attack could be. It was reported to have destroyed one-fifth of the nuclear program developed.
Fast forward to 2023, and attacks are considerably more damaging, well-hidden and frequent. Stuxnet took advantage of four zero-day vulnerabilities and was only discovered when workers noticed the centrifuges were failing at a quicker rate than normal.
If only they’d had Operational Threat Intelligence in place! It’s increasingly important for companies to be able to effectively identify an attack. You should also have an Incident Response plan for minor and major attacks, so you can recover at the fastest rate possible.
4. Saudi Aramco, 2012
Saudi Aramco is an oil company, reported to supply 10% of the world’s oil. Therefore, when 35,000 computers were partially wiped and destroyed, this was considered one of the worst cyber attacks of its time.
In a report posted by CNN Business, it is claimed that a phishing link gave bad actors access into the systems, and employees then started to notice some inconsistencies in their technologies. The IT team pulled out all the cables and disconnected from the internet, and the workers had to adapt to a new way of functioning.
It took over 2 weeks to recover from this attack – on day 17, it’s reported that the company began giving out oil for free to its customers. The effects were devastating on profit, reputation and the availability of services and data. It shows just how widespread the effects of a phishing email can be!
Not only was this company lacking a proper incident response plan (other than taking the system offline), but the entry via a phishing email suggests a lack of Security Awareness Training. The Saudi Aramco attack highlights the importance of training staff effectively and thoroughly, to prevent events that go down as the biggest cyber attacks in history.
5. WannaCry, 2017
The WannaCry cyber-attack is very well known, mainly due to its impact on the NHS and its services. Exploited through EternalBlue, a vulnerability in Microsoft Windows, the attack occurred 2 months after a patch had been released by the vendor.
Like the Saudi Aramco event, the attack was spread via a phishing campaign. EternalBlue was then used to install a backdoor in the compromised computers.
The attackers then demanded Bitcoin payment in return for the use of the files they had stolen. Lives were on the line.
Over a third of hospital trusts were affected. Ambulances were rerouted, appointments cancelled, and the attack cost the NHS £92 million in damages alone.
Computer systems in 150 companies were affected, with an estimated cost of $4 billion in global damages.
The obvious takeaway from this attack is to regularly upgrade your systems. 2 months prior to the cyber-attack, the vendor addressed the situation with a security patch that could have protected thousands of computers from being compromised.
To enforce system upgrades and other basic security policies, we recommend looking into our Risk Management Workshop. This is a personalised training session to strengthen your risk management skills and empower your staff to prevent cybersecurity attacks.
6. SolarWinds, 2020
SolarWinds is a piece of software that provides management tools and networking/infrastructure monitoring. It is also the piece of software that caused a major supply chain breach in 2020!
Unauthorised access was gained in September 2019, allowing the attackers to inject malicious code that laid dormant for some time. In March 2020, SolarWinds unknowingly sent out software updates for Orion with the malicious code, with over 18,000 users installing the update. The attack was only reported in December 2020.
This attack affected numerous organisations, including Microsoft, FireEye, Intel, and a number of government departments. It is a striking example of how a single vulnerability in a piece of software can be spread so effectively and quickly, with severe consequences for the confidentiality and integrity of data held by multiple organisations.
As the malicious code lay undetected for a considerable number of months, this attack also spotlights how important it is to monitor your systems. We encourage clients to report any changes – no matter how small – and always refer to company policies when updating systems.
7. The Facebook Data Leak, 2021
In 2021, when social media was very much an everyday feature in people’s lives, 530 million individuals had personal information leaked from a Facebook breach. It is reported that this data was scraped from information already publicly available, and Facebook have denied wrongdoing.
This stance has sparked a debate regarding the protection of users’ data, and whether any GDPR laws were breached by Facebook. There are ongoing lawsuits, due to the breadth and depth of people affected and data accessed.
While there is still a conclusion to be drawn regarding Facebook’s involvement and if they had been following best practice, this attack highlights the importance of knowing how much data you are sharing on the internet. By disclosing previous education, birthdates, interests and all other settings Facebook asks for, you are acknowledging that the information you provide is publicly accessible to the extent you set your privacy settings.
The responsibility is not solely on the individual, though. Companies must be aware of the risks that holding customer data carries and comply with laws regarding access to publicly available data. Head to Cyberfort’s Governance, Risk and Compliance page to understand the effects non-compliance could have on you and your business.
8. UK Electoral Register Breach, 2023
Number 8 in our round-up of the world’s most famous cyber attacks is the UK Electoral Register breach of 2023.
The integrity of the UK’s electoral system was called into question earlier this year, when 40 million registered voters’ personal data was leaked. These records were accessible to bad actors dating back to August 2021. The leak included names and addresses, and the commissioner’s email system was possibly compromised too.
Most of this data was publicly available anyhow, and a paper-based electoral system made it unlikely this would overturn any results, but it was still a significant, concerning breach of UK citizens’ data. During the investigation, it was noted that the Electoral Commission had not completed their Cyber Essentials training. This suggests that they were not educated to be aware of best practices in cyber security, which may have had an effect on the defences they had present at the time of the attack.
The Cyber Essentials scheme is designed to ensure an organisation has a foundational understanding of cyber security and a level of protection. It features basic technical controls that should be reviewed annually. Being certified is likely to attract more customers as they can trust you are taking the minimum precautions to protect their data.
When you look at the most famous cyber attacks in history, there is no doubt that attacks are becoming more sophisticated and more widespread. Individuals and businesses need to be knowledgeable, prepared and protected.
Cyberfort can help you to:
- Stay up to date with the latest news
- Increase your knowledge of cyber security attacks
- Monitor your systems
- Respond to incidents
- Protect your assets
Want to learn more? Contact us to see how we could help your business flourish.