For decades, cyber attacks have been taking down businesses and causing disruption of catastrophic proportions. In the true spirit of Halloween, we share with you some of the most gruesome…
1 – MafiaBoy DDoS Attacks
In 2000, Michael Calce under the name MafiaBoy caused $1 billion dollars in damages by unleashing a DDoS attack on a number of high profile commercial websites including Amazon, CNN, eBay and Yahoo! At the time, Yahoo! was a multibillion-dollar web company and the top search engine. Mafiaboy’s Rivolta managed to shut down Yahoo! for almost an hour. Today, Calce is a white hat hacker. Companies hire him to help identify security flaws in their systems and design better security features. He says the internet is a far scarier place today than it was back in 2000. For one, there is more and more at stake as we rely ever more on online systems for our daily lives.
2 – Melissa Targets Microsoft Word
The Melissa virus in 1999 targeted Microsoft Word, it was an e-mail attachment that would once open, forward the virus onto the first 50 users on Microsoft Outlook by Office’s native share function. This virus shut down multiple e-mail servers due to the wide spread attack, it cost $80 million in damages due to the virus acting like a Denial of Service attack to e-mail clients. Many people in the IT industry said that the situation could have been much worse, as what the virus really did was email itself. The Virus has multiple Simpson’s jokes hidden inside it.
3 – WannaCry Ransomware Attacks
WannaCry was a ransomware attack in 2017 that had widespread success, hacking into organisations from the NHS to Telefonica and FedEx. It uses the EternalBlue exploit the US National Security Agency reportedly found, in order to do its damage. It asked the user to pay fee of $300 in BitCoin to unlock the files. The ransom note indicated that the payment amount would be doubled after three days. If payment was not made after seven days it claimed the encrypted files would be deleted. It’s estimated that WannaCry caused $4 billion in damages so far and earned up to $49,000 through BitCoin so far.
4 – TalkTalk’s Data Breach
The TalkTalk hack in 2015 was sparked off by a 17 year old boy and performed by two friends Matthew Hanley, 22, and Connor Allsopp, 20. The data breach was severe with customer sort codes and account numbers being made available. The firm said 4% of TalkTalk customers have sensitive data at risk. The attack cost the company £42 million and further had to pay £400,000 as they failed to have a secure system in place to avoid customer data breach.
5 – Ashley Madison Hit by The Impact Team
In July 2015, “The Impact Team” stole user data of Ashley Madison, a commercial website billed as enabling extramarital affairs. On 18 and 20 August, the group leaked more than 25 gigabytes of company data, including user details. The site’s policy of not deleting users’ personal information caused distress to many users as they feared being publicly shamed. This was the largest security breach of Consumer information in history. Impact Team wanted the owners of Ashley Madison (Avid Life Media) to remove the site due to the sites nature of encouraging affairs.
6 – NetSky and Sasser Worms
In 2004, Sven Jaschan developed and released two damaging worms called NetSky and Sasser. At the time, they were responsible for over 25% of all virus reports in the first half of 2005. Sasser instead of attacking computer’s by e-mail, would use a script to forward to an at risk computer and instruct it to download the script. Forwarding on and on. The system would also be difficult to shut down without unplugging manually. NetSky utilised e-mail to send files that would cause a Denial of Service attack as systems would collapse while trying to handle the data and traffic. These viruses caused over 20 billion dollars in damages.
7 – Sony’s Playstation Network Hacked by Anonymous
Sony suffered a massive blow to its Playstation Network in April 2011 after it was hacked by Anonymous via DDoS attacks. They attacked again on the 21st April 2011, and Sony kept the Network offline for 3 whole weeks. They were quiet about the reason for 5 whole days, when they announced that 77 million users personal information was compromised. Sony couldn’t rule out the possibility that Credit Card data was taken either. After apologising and reimbursing customers with free games, subscriptions and anti-fraud protection, Sony was left with a loss of £171 million.
8 – Soviet Pipeline hit by Logic Bomb
Prior to the internet, computers were being used for coding and creating different software. This was the case for a Canadian pipeline company in 1982. The CIA suspected the KGB might steal the software so they planted a logic bomb in the code, and a few months later, the Soviet pipeline exploded producing the most monumental non-nuclear explosion and fire ever seen from space. This is an instance of a Trojan horse before the widespread use of this method of virus occurred in the Personal Computing industry. Due to this attack, they only trust IBM an American manufacturer of computer chips to develop them.
9 – 130 Million Records Stolen from TJX Hack
Albert Gonzalez was sentenced to 20 years in prison after hacking TJX the parent company of TJ Maxx (TK Maxx in the UK). He obtained 130 million records of personal information, including credit card information. He utilised backdoors on several systems to obtain the information. Once arrested the police seized multiple items he paid for with the information, such as $1.6 million ($1.1 million of which was in plastic bags buried in a three foot drum under his parents backyard.), multiple top of the range laptops, and a compact Glock pistol.
10 – Shamoon hit by Cutting Swords of Justice
The Shamoon virus targeted computers and workstations of energy suppliers. It was developed in 2012 by a hacker group by the name “Cutting Swords of Justice” with the aim of destabilising the Saudi Amarco Company. They were successful and managed to infect more than 30,000 workstations, this prevented machines from connecting to the network that gave workstations access of communicating with each other and the web. The virus even infected Qatari RasGas Company and LNG Company.
All of these were big and newsworthy cyber attacks, but thousands of smaller attacks, both in scale and target, happen every day. If you want to find out more about how to protect yourself, get in touch with cybersecurity specialists Adarma today.
References:
1. a) https://en.wikipedia.org/wiki/MafiaBoy & Davis, Wall. Crime and the Internet. New York: Routledge, 2001.
2. a) http://www.pandasecurity.com/mediacenter/malware/most-famous-virus-history-melissa/
2. b) https://nakedsecurity.sophos.com/2009/03/26/memories-melissa-virus/
3. a) https://www.symantec.com/connect/blogs/wannacry-3
3. b) http://uk.businessinsider.com/wannacry-ransomware-attack-49000-3-bitcoin-wallets-2017-5
4. a) http://www.bbc.co.uk/news/business-34743185
5. a) http://www.ibtimes.co.uk/ashley-madison-hack-who-are-impact-team-why-did-they-leak-website-data-will-they-be-caught-1516328
5. b) https://www.reddit.com/r/AnythingGoesNews/comments/3h71ar/we_are_the_impact_team_we_are_releasing_the/
6. a) https://www.sophos.com/en-us/press-office/press-releases/2005/07/va_sasserfree.aspx
6. b) http://virus.wikia.com/wiki/Sasser
6. c) http://virus.wikia.com/wiki/Netsky
7. a) http://www.eurogamer.net/articles/2016-04-26-sony-admitted-the-great-psn-hack-five-years-ago-today
7. b) https://www.theregister.co.uk/2011/05/24/sony_playstation_breach_costs/
8. a) http://www.telegraph.co.uk/news/worldnews/northamerica/usa/1455559/CIA-plot-led-to-huge-blast-in-Siberian-gas-pipeline.html
8. b) http://www.nytimes.com/2009/10/27/science/27trojan.html?_r=1&ref=science&pagewanted=all
9. a) http://www.cbsnews.com/news/soupnazi-with-1m-buried-in-backyard-pleads-guilty-to-biggest-hack-in-us-history/
9. b) http://www.nydailynews.com/news/world/soupnazi-hacker-albert-gonzalez-nerdy-life-sex-guns-drugs-article-1.394977
10. a) http://www.nytimes.com/2012/12/10/business/global/saudi-aramco-says-hackers-took-aim-at-its-production.html