The Worst Cyberattacks of the Past Decade

Cyberattacks are scary, and can have consequences and effects that affects thousands of people withing a very short amount of time. The extent of the damage of cyberattacks isn’t always well known, but it can be very devastating. If you’re reading this right now, we assume you’re interested in knowing just how mind-bogglingly awful cyberattacks can be, and you’re about to see why global cyber security products have surpassed $1 trillion from 2017 to 2021 in a bit to prevent cyberattacks.

Shamoon: Developed by Iranian state-backed hackers, this Windows wiper was used in an attack against energy company, Saudi Aramco in 2012. It works by collecting data from a computer before erasing and corrupting the master boot record, thereby bricking the computer.

Office of Personnel Management Breach: In 2013 and 2014, China staged a series of breaches against the US Office of Personnel Management, which stores sensitive data on all former and current American federal employees.

The Ukrainian Blackouts: These series of attacks affected the power grid of Ukraine’s capital, Kiev. The first attack, spearheaded by Russia as part of its physical war against Ukraine, took place in 2015 as a suite of malware that stole credentials, allowing hackers to gain access and manually switch off circuit breakers, resulting in a blackout. The second attack in 2016 was against a single transmission station, which was targeted by Crash Override or Industroyer, an advanced malware. The software allowed the hackers to manipulate control systems, but a technical error prevented the physical equipment from being destroyed.

Stuxnet: This worm, which was created by the US government and Israel and initially launched in 2010, was the first virus to physically damage electronics. The worm first targeted Microsoft Windows before moving on to Siemens Step7 to manipulate PLCs.

Sony Pictures Entertainment Hack: This hack was executed in 2014 by a group known as “Guardians of Peace,” which was backed by the North Korean government and stole 100 terabytes of data, decrypted files and configurations, and later released the stolen sensitive information, including employee information such as Social Security numbers.

The 2016 U.S. Presidential Hack: two gangs of Russian hackers, APT 28 or Fancy Bear, and APT 20 or Cozy Bear, used social media disinformation operations and email phishing attempts to infiltrate the Democratic National Committee and leak information through WikiLeaks.

NotPetya: NotPetya was developed by the Russian hacker group Sandworm and was a “destructive malware meant to shut down machines, damage networks, and create mayhem.” The malware propagated around the world, finally infecting systems in Russia, disrupting businesses in industries such as pharmaceuticals, shipping, power, public transportation, and more.

These attacks highlight the high risks that cyberattacks have, and the importance of cybersecurity as a priority for individuals, corporations, and governments. Legislation against cyber crime and countermeasures also help deter these kinds of attacks, but many hackers still perform these attacks, if only for the sheer thrill of it.