This Edition of the Cyberguard chronicles is about the 5 most lethal cyber attacks ever!


1 – WannaCry

This has probably been deemed the worst Ransomware of its kind in history. The hacking group that was primarily responsible was known as the “Equation Group”. This was basically an Encryptor which locked the screens and various files of its victims. WannaCry spread very quickly over a four-day period and took out a staggering 200,000+ computers in 150 countries. But its effects were far-reaching. For example, it even impacted the critical infrastructure of the healthcare industry in many of these countries, by totally locking out mission-critical medical equipment and devices. There were other targets as well, which included many logistics and supply chain facilities as well as factories. Because of this, the companies impacted in this market segment had to shut down production entirely, which resulted in financial losses for them estimated at about $4 – $5 Billion. Even managed service providers across the globe scrambled to learn about WannaCry and how to protect personal and network computers, which are especially vulnerable if they are running the Windows Operating System.

2 – NotPetya/ExPetr

This Ransomware has been deemed to be the costliest cyber attack of all time, even worse than WannaCry. This malware used both the EternalBlue and EternalRomance exploit tools. The danger with this one is that the encryption that was deployed on the victim’s computer was totally irreversible. The primary targets of this Ransomware, however, were corporations and businesses of all kinds; it wasn’t after the individual consumer per se. NotPetya/ExPetr was initially launched through Security weaknesses in the update server of “MeDoc” (a financial software application). Because of this, the software upgrades and patches were infected with the Ransomware, and thus it spread very quickly. The total financial damage of this has been estimated to be well over $10 Billion.

3 – Stuxnet

This is probably the most publicized Malware attack of all time, and it proved just how vulnerable a network can be to a cyber attack. What was unique about this cyber attack is that its main objective was to greatly curtail the nuclear weapon development program of Iran. This was achieved by deploying Stuxnet into the controllers that powered the uranium-enrichment centrifuges and setting them at a spin level that was way too high. As a result, they were completely destroyed. But this Malware also spread very quickly onto unintended targets on a global basis, even onto computers that were connected to a WAN or a LAN.

4 – Dark Hotel

What is unique about this specific piece of Malware is that it was designed to be launched at just one exclusive target: the Wi-Fi networks of the hotel and hospitality industry. When the staff members at various leading hotels worldwide logged into their corporate Wi-Fi network, they were prompted to download a major update for a software application that was associated with the network. But instead, they downloaded a nefarious piece of Spyware which has been termed “Dark Hotel”. The objective of this major cyber attack was to log and record the keystroke patterns of these employees and, from there, to covertly hijack all of the passwords that were possible. Once this was achieved, major Phishing attacks were then launched towards the same employees.

5 – Mirai

This is a Botnet type of cyber attack. This attack can be technically defined as a “collection of compromised computers running malicious programs that are controlled remotely by cybercriminals,” explains Chad Lauterbach, CEO of Be Structured, an IT support company based in Los Angeles. “These criminals then target those devices in which Security was totally ignored, and were a critical aspect of the Internet of Things (IoT).” In other words, these devices then infected other similar ones, until the Botnet grew to a huge size. Then, on October 21, 2016, this threat vector was launched towards digital video cameras, IP cameras, and other associated recording tools that made use of the DNS service provider known as “Dyn”. In the end, Dyn could not withstand this kind of cyber attack, and as a result, those online services based in the United States that were dependent upon its functionality were rendered totally useless. This included PayPal, Twitter, Netflix, PlayStation and Spotify. Fortunately, these services were repaired and came back online again, but the attack made people rethink just how insecure the IoT really is.

Cyber Attack Conclusions

In identifying the five most notorious cyber attacks we’ve seen so far, it cannot be stressed enough that no one knows what the future holds. The one thing IT service companies will admit is that cyber attacks will continue to develop and evolve in their skill and deadliness. For any business or organization that relies on a secure network, it’s important to have your IT department or managed service provider continually investigate the latest and greatest ways people are being hacked or shut down.