By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    Versatile Threats: Dangers for any Device – Kaspersky Daily
    12 months ago
    Kaspersky Internet Security for Android wins independent anti-virus testing
    12 months ago
    DEF CON 23: Tell me who you are and I will tell you your lock screen pattern
    12 months ago
    Latest News
    Beware of scammers! Dangerous apps in the App Store
    2 days ago
    How To Limit Login Attempts on WordPress (+ Should You?)
    3 days ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (September 18, 2023 to September 24, 2023)
    3 days ago
    Two privilege escalation vulnerability in Simple Membership Plugin
    4 days ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    Cloudflare Introduces User Friendly CAPTCHA Alternative Called Turnstile
    12 months ago
    Windows 10 build 19044.1947 (KB5016688) outs as preview
    12 months ago
    How to disable WiFi or Ethernet network adapter on Windows 11
    12 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    8 months ago
    Now you can speed up any video in your browser
    8 months ago
    How to restore access to a file after EFS or view it on another computer?
    8 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    9 months ago
  • How To
    How ToShow More
    Detecting zero-days before zero-day
    Detecting zero-days before zero-day
    22 hours ago
    See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
    See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
    22 hours ago
    Network performance update: Birthday Week 2023
    Network performance update: Birthday Week 2023
    22 hours ago
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    2 days ago
    Privacy-preserving measurement and machine learning
    Privacy-preserving measurement and machine learning
    2 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    Why is it so popular and why is it dangerous?
    12 months ago
    How to calibrate the display on a smartphone?
    12 months ago
    5 Useful Things Google Maps Can Do
    12 months ago
    Latest News
    How to enable extensions for Google Bard AI
    2 days ago
    Window 11 Copilot: 10 Best tips and tricks
    2 days ago
    How to create AI images with Cocreator on Paint for Windows 11
    3 days ago
    How to install September 2023 update with 23H2 features for Windows 11
    4 days ago
  • Glossary
  • My Bookmarks
Reading: Top 5 most notorious cyberattacks
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
Threats

Top 5 most notorious cyberattacks

Tom Grant
Last updated: 13 October
Tom Grant 4 years ago
Share
8 Min Read

Most cyberattacks are fairly mundane. In the worst cases, the user sees an on-screen ransom demand explaining that the computer is encrypted and can be unlocked after payment. Oftentimes, however, nothing visible happens at all — many types of malware act as surreptitiously as possible to maximize data theft before being spotted.

Contents
WannaCry: A real epidemicNotPetya/ExPetr: The costliest cyberattack to dateStuxnet: A smoking cybergunDarkHotel: Spies in suite roomsMirai: The fall of the Internet

But with some cyberattacks, their scale or sophistication cannot fail to attract attention. This post is dedicated to the five most spectacular and notorious cyberattacks of the last decade.

WannaCry: A real epidemic

The WannaCry attack put ransomware, and computer malware in general, on everyone’s map, even those who don’t know a byte from a bite. Using exploits from the Equation Group hacking team that were made publicly available by the Shadow Brokers, the attackers created a monstrosity — a ransomware encryptor able to spread quickly over the Internet and local networks.

The four-day WannaCry epidemic knocked out more than 200,000 computers in 150 countries. This included critical infrastructure: In some hospitals, WannaCry encrypted all devices, including medical equipment, and some factories were forced to stop production. Among recent attacks, WannaCry is the most far-reaching.

See here for more details about WannaCry, and here and here for business aspects of the epidemic. Incidentally, WannaCry is still out there, endangering the world’s computers. To find out how to configure Windows to stay protected, read this post.

NotPetya/ExPetr: The costliest cyberattack to date

That said, the title of most costly epidemic does not go to WannaCry, but rather to another ransomware encryptor (technically a wiper, but that doesn’t alter the bottom line) called ExPetr, also known as NotPetya. Its operating principle was the same: Using EternalBlue and EtrernalRomance exploits, the worm moved around the Web, irreversibly encrypting everything in its path.

Although it was smaller in terms of total number of infected machines, the NotPetya epidemic targeted mainly businesses, partly because one of the initial propagation vectors was through the financial software MeDoc. The cybercriminals managed to gain control over the MeDoc update server, causing many clients using the software to receive the malware disguised as an update, which then spread across the network.

The damage from the NotPetya cyberattack is estimated at $10 billion, whereas WannaCry, according to various estimates, lies in the $4–$8 billion range. NotPetya is considered the costliest global cyberattack in history. Fingers crossed that if this record is ever broken, it won’t be soon.

More information about the NotPetya/ExPetr epidemic can be found in this post; the pain it caused businesses is examined here; and see here for why the epidemic, capable of disabling large businesses, affects not only those whose computers are infected, but everyone else as well.

Stuxnet: A smoking cybergun

Probably the most famous attack was the complex, multifaceted malware that disabled uranium-enrichment centrifuges in Iran, slowing down the country’s nuclear program for several years. It was Stuxnet that first prompted talk of the use of cyberweapons against industrial systems.

Back then, nothing could match Stuxnet for complexity or cunning — the worm was able to spread imperceptibly through USB flash drives, penetrating even computers that were not connected to the Internet or a local network.

The worm spun out of control and quickly proliferated around the world, infecting hundreds of thousands of computers. But it could not damage those computers; it had been created for a very specific task. The worm manifested itself only on computers operated by Siemens programmable controllers and software. On landing on such a machine, it reprogrammed these controllers. Then, by setting the rotational speed of the uranium-enrichment centrifuges too high, it physically destroyed them.

A lot of ink has been spilled over Stuxnet, including a whole book, but for a general understanding of how the worm spread and what it infected, this post should suffice.

DarkHotel: Spies in suite rooms

It is no secret that public Wi-Fi networks in cafés or airports are not the most secure. Yet many believe that in hotels things should be better. Even if a hotel’s network is public, at least some kind of authorization is required.

Such misconceptions have cost various top managers and high-ranking officials dearly. On connecting to a hotel network, they were prompted to install a seemingly legitimate update for a popular piece of software, and immediately their devices were infected with the DarkHotel spyware, which the attackers specifically introduced into the network a few days before their arrival and removed a few days after. The stealthy spyware logged keystrokes and allowed the cybercriminals to conduct targeted phishing attacks.

Read more about the DarkHotel infection and its aftermath here.

Mirai: The fall of the Internet

Botnets had been around for ages already, but the emergence of the Internet of Things really breathed new life into them. Devices whose security had never been considered and for which no antiviruses existed suddenly began to be infected on a massive scale. These devices then tracked down others of the same kind, and promptly passed on the contagion. This zombie armada, built on a piece of malware romantically named Mirai (translated from Japanese as “future”), grew and grew, all the while waiting for instructions.

Then one day — October 21, 2016 — the owners of this giant botnet decided to test its capabilities by causing its millions of digital video recorders, routers, IP cameras, and other “smart” equipment to flood the DNS service provider Dyn with requests.

Dyn simply could not withstand such a massive DDoS attack. The DNS, as well as services that relied on it, became unavailable: PayPal, Twitter, Netflix, Spotify, PlayStation online services, and many others in the US were affected. Dyn eventually recovered, but the sheer scale of the Mirai attack made the world sit up and think about the security of “smart” things — it was the mother of all wake-up calls.

You can read more about Mirai, Dyn, and “the attack that broke the Internet” in this post.


Source: kaspersky.com

Translate this article

TAGGED: Authentication, Malware, Phishing, PoC, RC4, Security, Software, SQL injection, Threats, Vulnerabilities, Windows
Tom Grant October 13, 2022 September 30, 2019
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Detecting zero-days before zero-day
Detecting zero-days before zero-day
Apps 22 hours ago
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Apps 22 hours ago
Network performance update: Birthday Week 2023
Network performance update: Birthday Week 2023
Apps 22 hours ago
Cloudflare now uses post-quantum cryptography to talk to your origin server
Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps 2 days ago
Privacy-preserving measurement and machine learning
Privacy-preserving measurement and machine learning
Apps 2 days ago

You Might Also Like

Detecting zero-days before zero-day
Apps

Detecting zero-days before zero-day

22 hours ago
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Apps

See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan

22 hours ago
Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps

Cloudflare now uses post-quantum cryptography to talk to your origin server

2 days ago
Privacy-preserving measurement and machine learning
Apps

Privacy-preserving measurement and machine learning

2 days ago
Show More

Related stories

How to upgrade to Windows 11 23H2 with Installation Assistant
How to install September 2023 update with 23H2 features for Windows 11
How to get the latest Windows 11 innovations
How to blur image background in Photos for Windows 11
How to download official Windows 11 23H2 ISO file
PHP Object Injection Vulnerability in Flatsome Theme

10 New Stories

Encrypted Client Hello – the last puzzle piece to privacy
Beware of scammers! Dangerous apps in the App Store
How to enable extensions for Google Bard AI
Reminder: Enable two-factor authentication wherever you have it. This business
​​Know exactly when your data is transferred to GoogleIn a world where our data is permanent
​​Fake correspondence with the iPhone interfaceIn a world where digital communication is
Previous Next
Hot News
Detecting zero-days before zero-day
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Network performance update: Birthday Week 2023
Cloudflare now uses post-quantum cryptography to talk to your origin server
Privacy-preserving measurement and machine learning
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?