Top 5 most notorious cyberattacks


Epidemics, espionage, destruction: We present the most
memorable cyberattacks of recent years.

John Snow November 6, 2018

Most cyberattacks are fairly mundane. In the worst cases, the user sees an on-
screen ransom demand explaining that the computer is encrypted and can be
unlocked after payment. Oftentimes, however, nothing visible happens at all —
many types of malware act as surreptitiously as possible to maximize data theft
before being spotted.

But with some cyberattacks, their scale or sophistication cannot fail to attract
attention. This post is dedicated to the five most spectacular and notorious
cyberattacks of the last decade.

WannaCry: A real epidemic


The WannaCry attack put ransomware, and computer malware in general, on
everyone’s map, even those who don’t know a byte from a bite. Using exploits
from the Equation Group hacking team that were made publicly available by the
Shadow Brokers, the attackers created a monstrosity — a ransomware encryptor
able to spread quickly over the Internet and local networks.

The four-day WannaCry epidemic knocked out more than 200,000 computers in
150 countries. This included critical infrastructure: In some hospitals, WannaCry
encrypted all devices, including medical equipment, and some factories were
forced to stop production. Among recent attacks, WannaCry is the most far-
reaching.

See here for more details about WannaCry, and here and here for business
aspects of the epidemic. Incidentally, WannaCry is still out there, endangering the
world’s computers. To find out how to configure Windows to stay protected, read
this post.

NotPetya/ExPetr: The costliest cyberattack to date


That said, the title of most costly epidemic does not go to WannaCry, but rather
to another ransomware encryptor (technically a wiper, but that doesn’t alter the
bottom line) called ExPetr, also known as NotPetya. Its operating principle was
the same: Using EternalBlue and EternalRomance exploits, the worm moved
around the Web, irreversibly encrypting everything in its path.

Although it was smaller in terms of total number of infected machines, the
NotPetya epidemic targeted mainly businesses, partly because one of the initial
propagation vectors was through the financial software MeDoc. The
cybercriminals managed to gain control over the MeDoc update server, causing
many clients using the software to receive the malware disguised as an update,
which then spread across the network.

The damage from the NotPetya cyberattack is estimated at $10 billion, whereas
WannaCry, according to various estimates, lies in the $4–$8 billion range.
NotPetya is considered the costliest global cyberattack in history. Fingers crossed
that if this record is ever broken, it won’t be soon.

More information about the NotPetya/ExPetr epidemic can be found in this post;
the pain it caused businesses is examined here; and see here for why the
epidemic, capable of disabling large businesses, affects not only those whose
computers are infected, but everyone else as well.

Stuxnet: A smoking cybergun


Probably the most famous attack was the complex, multifaceted malware that
disabled uranium-enrichment centrifuges in Iran, slowing down the country’s
nuclear program for several years. It was Stuxnet that first prompted talk of the
use of cyberweapons against industrial systems.

Back then, nothing could match Stuxnet for complexity or cunning — the worm
was able to spread imperceptibly through USB flash drives, penetrating even
computers that were not connected to the Internet or a local network.

The worm spun out of control and quickly proliferated around the world,
infecting hundreds of thousands of computers. But it could not damage those
computers; it had been created for a very specific task. The worm manifested
itself only on computers operated by Siemens programmable controllers and
software. On landing on such a machine, it reprogrammed these controllers.
Then, by setting the rotational speed of the uranium-enrichment centrifuges too
high, it physically destroyed them.

A lot of ink has been spilled over Stuxnet, including a whole book, but for a
general understanding of how the worm spread and what it infected, this post
should suffice.
DarkHotel: Spies in suite rooms
It is no secret that public Wi-Fi networks in cafés or airports are not the most
secure. Yet many believe that in hotels things should be better. Even if a hotel’s
network is public, at least some kind of authorization is required.

Such misconceptions have cost various top managers and high-ranking officials
dearly. On connecting to a hotel network, they were prompted to install a
seemingly legitimate update for a popular piece of software, and immediately
their devices were infected with the DarkHotel spyware, which the attackers
specifically introduced into the network a few days before their arrival and
removed a few days after. The stealthy spyware logged keystrokes and allowed
the cybercriminals to conduct targeted phishing attacks.

Read more about the DarkHotel infection and its aftermath here.

Mirai: The fall of the Internet


Botnets had been around for ages already, but the emergence of the Internet of
Things really breathed new life into them. Devices whose security had never been
considered and for which no antiviruses existed suddenly began to be infected on
a massive scale. These devices then tracked down others of the same kind, and
promptly passed on the contagion. This zombie armada, built on a piece of
malware romantically named Mirai (translated from Japanese as “future”), grew
and grew, all the while waiting for instructions.

Then one day — October 21, 2016 — the owners of this giant botnet decided to
test its capabilities by causing its millions of digital video recorders, routers, IP
cameras, and other “smart” equipment to flood the DNS service provider Dyn
with requests.

Dyn simply could not withstand such a massive DDoS attack. The DNS, as well as
services that relied on it, became unavailable: PayPal, Twitter, Netflix, Spotify,
PlayStation online services, and many others in the US were affected. Dyn
eventually recovered, but the sheer scale of the Mirai attack made the world sit up
and think about the security of “smart” things — it was the mother of all wake-up
calls.
You can read more about Mirai, Dyn, and “the attack that broke the Internet” in
this post.
