Executive Summary
- As business have moved into the digital realm, so too have criminals shifted their operations online. With 46% of businesses facing a breach attempt each year, cybersecurity measures are more important than ever.
- In this article, we’ll discover what happens when things go wrong, by putting some of the world’s most notorious cyberattacks under the spotlight.
Introduction
There’s simply no question anymore: cybersecurity is everyone’s business.
Whether you’re a micro-business taking payments via PayPal or a large national business with a distributed workforce, the common thread is one thing: the internet.
And digital business means digital threats.
With more and more companies moving their operations online, cybersecurity is a larger concern than it’s ever been. In fact, according to the government’s own Cyber Security Breaches Survey 2020, 46% of UK businesses have reported breaches or attacks in the last year.
But what are you really protecting your business from? It’s sometimes useful to look at what can happen if you choose not to act.
So let’s do exactly that.
Here’s a short history of the world’s most notorious cyberattacks.
#1: The PlayStation Network double-whammy (2011)
Some cyberattacks are small. Some are large. And some are the April 2011 PlayStation Network cyberattack.
Why are we referring to this attack a “double-whammy”?
Well, not only did it take down the PlayStation Network for a full 23 days, leaving PlayStation 3 owners unable to access the digital storefront or log in to their accounts, but it also resulted in the theft of 77 million user account details. Even worse, in May 2011, Sony confirmed that this stolen data did indeed contain personally identifiable information.
In no uncertain terms, this was an unmitigated disaster for Sony.
The root cause of the cyberattack remains somewhat of a mystery to this day, at least to the general public, although Sony has confirmed that the attack was due to an “external intrusion”.
At the time, it was the largest data breach in history, resulting in damages to Sony’s business totalling $171 million over the 3+ weeks of downtime.
#2: The “Shamoon” attacks (2012)
The next cyberattack we’re looking at is less of about theft and more about straight-up destruction.
Discovered in August 2012, the “Shamoon” malware was a computer virus also known as “W32.DistTrack”. It was used as part of cyberwarfare campaigns and targeted various national oil companies in the middle east. In one particular Shamoon attack on oil company Saudi Aramco, 35,000 individual workstations were infected with the virus, resulting in over a week’s work to restore them all to working order.
So what makes Shamoon so destructive, exactly?
The virus works by first gaining access to a single workstation – usually by way of a phishing scam. Once on a computer, the virus will go to specific locations on the system, copy certain files, then upload them to the attacker. After that, it deletes the files. But that’s not all. The final step for the virus is to overwrite what’s known as the “master boot record”. Think of this like the starter on a car – without it, the computer won’t boot. Shamoon can also travel between computers on a network, effectively disabling each one as it does so.
Shamoon is, in every sense of the word, a virus.
#3: The Ukranian “Petya” attacks (2017)
On June 27th, 2017, a series of cyberattacks began targeting the websites of public bodies and private companies in Ukraine. Banks, newspaper, ministries – and even the radiation monitoring systems at the Chernobyl Nuclear Power Plant – were all targeted.
Around the same time, other instances of the Petya virus were detected in the UK, France, Germany, Poland, Russia, and elsewhere – but cybersecurity experts estimate that 80% of the attack took place in Ukraine.
The attack took the form of the “Petya” malware, which was ostensibly a piece of ransomware which demanded payment in exchange for unlocking encrypted files.
However, after the attack was stopped – which took authorities less than 24 hours – it became clear that the Petya malware had in fact irreparably damaged certain files. Despite the virus displaying a message about files being “safely and easily” recovered, it was obvious that the attack was less about bribery and more about causing damage to state-owned properties.
It’s not clear exactly how much total damage the Petya malware caused in that 24-hour period of June 2017, but FedEx reported a loss of $400 million, $300 million for Maersk, and more than $870 million in damages for Merck.
#4: The “WannaCry” ransomware attack (2017)
Perhaps the most well-known cyberattack in recent memory, the “WannaCry” ransomware attack took place in May 2017 and had a global impact.
WannaCry was a ransomware cryptoworm – which is about as nasty as it sounds. It targeted a specific vulnerability in Windows-based computers and, once infected, would actively encrypt files on the machine then display a message demanding a ransom in Bitcoin to unlock them.
Once identified, the WannaCry attack was stopped in its tracks within a few days. Microsoft pushed an emergency patch to vulnerable Windows systems which prevented the worm from spreading to any further machines.
In terms of root cause, WannaCry took advantage of a security exploit in older Windows workstations. While Microsoft had patched the exploit on more recent machines, any business still running the old software was vulnerable to the attack.
The lesson here is something we’ve covered before on the Get Support blog: if you don’t keep up with security updates from Microsoft, or stick with end-of-life software, you could open yourself up to potential cyberthreats.
Don’t become a statistic – toughen up your company’s security today
It’s easy to assume that crises like cyberattacks will never happen to you… until they do.
With almost 50% of businesses suffering attempted attacks in the last year alone – and the potential consequences we’ve explored in this article – deploying proper safeguards is essential.
At Get Support, we can help you protect your business from cyberthreats with the latest technologies and preventative measures. Start the conversation today by filling in the form below or calling our IT support experts on 01865 59 4000.