8 Biggest Cyber Attacks in 21st Century

Whether they’re financially or politically motivated, cyberattacks can have enormously far-reaching effects. In the 21st century, cybersecurity has become an increasingly vital geopolitical consideration. When breached, the results can be catastrophic.

In 2017, for example, the Russian cyber military unit Sandworm orchestrated a malware attack that cost global businesses an estimated $1 billion. A few years later, on the other hand, in 2021, hackers breached the system of a water treatment facility in Florida, nearly poisoning a regional water supply by programming a dangerous increase in sodium hydroxide.

Read on to find out about some of the most impactful cyberattacks in history.

#1 Cyberattacks on Estonia (2007)

Cyberwarfare is an increasingly common element of the hybrid warfare ‘mix’ but it was still fairly novel in 2007 when Estonia was bombarded by a massive cyberattack. The attack, which massively destabilised the Baltic state’s infrastructure and economy, causing nationwide communication breakdowns, banking failures and media blackouts, came after Estonian authorities decided to move a bronze memorial of a Soviet soldier from the centre of Tallinn to a military cemetery on the outskirts of the city.

A notable characteristic of cyberwarfare is that it’s often unclear who is orchestrating an attack. This was certainly the case with the 2007 attack on Estonia: while it was widely assumed that Russia was responsible, concrete evidence was hard to come by. It was only under the condition of anonymity 10 years later that an Estonian government official told the BBC that evidence suggested the attack “was orchestrated by the Kremlin, and malicious gangs then seized the opportunity to join in and do their own bit to attack Estonia.

#2 SolarWinds Cyberattack (2020)

A cyberattack on an unprecedented scale, the Sunburst attack on SolarWinds, a major software company based in Tulsa, Oklahoma, sent shockwaves through America in 2020. The attack entailed a supply chain breach involving SolarWinds’ Orion software, which is used by many multinational companies and government agencies.

By sneaking malware code (that came to be known as Sunburst) onto a routine Orion update, the hackers, thought to be directed by a Russian espionage operation, gained unfettered access to thousands of organisations, including the US government, for up to 14 months.

#3 Ukraine Power Grid Attack (2015)

This cyberattack on the Ukrainian power grid gave the world an early taste of Russia’s capacity to engage in far-reaching cyberwarfare as part of its ongoing effort to destabilise its neighbour. Carried out a year after the annexation of Crimea – widely regarded as the moment when Russia’s war with Ukraine effectively began – this complex attack is notable for being the first successful cyberattack on a power grid.

The attack, which is attributed to the Russian cyber military unit Sandworm, began when the Prykarpattyaoblenergo control centre fell victim to a cyber breach. The infiltration enabled hackers to seize control of a substation’s computer systems and take it offline. Attacks on further substations quickly followed. Ultimately 200,000-230,000 Ukrainian citizens are estimated to have been impacted by the attack.

#4 NotPetya Malware Attack (2017)

Two years after the Ukraine power grid attack, Sandworm struck again, this time with a malware attack that, while almost certainly focused on Ukraine, inflicted enormous collateral damage across the globe. It’s estimated that organisations collectively lost $1 billion as a result of the attack.

NotPetya was so named because it initially resembled a ransomware attack called Petya, which was named after a weapons system in the James Bond film GoldenEye. But NotPetya proved to be a more significant and virulent threat. Like the WannaCry ransomware that also caused global havoc in 2017, it utilised a Windows Server Message Block (SMB) exploit to spread more rapidly.

Interestingly, although NotPetya gave the impression of being a ransomware attack, clues quickly began to suggest that the motives of its creators were more political than financial and that Ukraine was their main target. One such clue was the software used to initiate the infection was the Ukrainian tax software, M.E.Doc, which is used throughout the country. As a result, 80% of NotPetya infections were estimated to have occurred in Ukraine.

#5 WannaCry Ransomware (2017)

Carried out in the same year as NotPetya, the notorious WannaCry ransomware attack employed similar methodology but, if anything, its impact was even more far-reaching. Like NotPetya, WannaCry propagated via the Windows exploit EternalBlue, which was stolen and leaked a few months prior to the attack. Many of the organisations that fell victim to WannaCry had yet to implement recently released patches that were designed to close the exploit.

WannaCry worked by automatically spreading across networks, infecting computers then encrypting data and demanding a ransom ($300 in Bitcoin within three days or $600 within seven days) to decrypt that data. The scale of the WannaCry attack was enormous, with Europol estimating that around 200,000 computers were infected across 150 countries. In the UK, it had a particularly alarming impact on the NHS, infecting 70,00 devices including computers, MRI scanners and other theatre equipment. Perhaps unsurprisingly the attack sparked an inquest into apparent NHS cybersecurity flaws.

Attribution for the attack has been disputed but it is widely thought that the North Korea-linked Lazarus Group was responsible.

#6 Florida Water System Attack (2021)

A troubling reminder that outmoded tech can provide hackers with an easy entrance point onto an otherwise sophisticated network. In the case of this attack on a water treatment facility in Oldsmar, Florida, an old PC running Windows 7 with no firewall enabled a hacker to gain access and increase the amount of sodium hydroxide in the water by a factor of 100. The breach could have been catastrophic had it not been caught in time.

#7 Colonial Pipeline Ransomware (2021)

Perhaps the most shocking thing about this cyberattack is the fact that it supposedly took just one compromised password to disable the largest petroleum pipeline in America for several days. On 7 May 2021, the Colonial Pipeline Company reported that it had fallen prey to a cybersecurity attack involving ransomware and had been forced to take its pipeline – which supplies about half of the East Coast’s gasoline – offline. The potential impact of a prolonged disruption was deemed serious enough to justify paying the hackers, an eastern European outfit called DarkSide, $4.4 million worth of bitcoin.

#8 Kaseya Supply Chain Ransomware (2021)

This ransomware attack echoed the SolarWinds hack in that it targeted MSPs (Managed Service Provider) to achieve a more far-reaching impact. Breach an MSP and you can compromise far more than one company. In June 2021 Kaseya, a Florida-based IT management software provider used by numerous MSPs was hit by a supply chain ransomware attack.

Hackers (identified as the ransomware gang REvil) had pushed malware to Kaseya’s global customer base via a phoney update for its Virtual System Administrator (VSA) solution. The ripple effect was extremely widespread, impacting 60 Kaseya customers (mostly MSPs) and their customers. It’s been reported that more than 1,500 companies were affected.

Stanley Ng (Stan) 黄宝明

Stan is a trainer, consultant, and coach for the past 15 years and has personally trained, consulted, and coached over 5,000 professionals from 45 fortune 500 companies. Stan is currently an active VMware Certified Instructor and Google Cloud Authorised Trainer delivering authorised IT trainings. Started his career as an IT engineer in 2005. By 2007, he led a team of 27 professionals from 5 countries managing large projects of over 10,000 users. From 2008 onwards, he started delivering training for fortune 500 companies. 

  • WSQ Advanced Certificate in Training & Assessment (ACTA)
  • VMware Certified Instructor (VCI)
  • VMware Certified Professional Data Center Virtualization (VCP-DCV)
  • VMware Certified Professional Cloud Management Automation (VCP-CMA)
  • VMware Certified Professional Network Virtualization (VCP-NV)
  • VMware Certified Professional Digital Workspace (VCP-DW)
  • EC-Council Certified Instructor (CEI)
  • EC-Council Certified Ethical Hacker (CEH)
  • Microsoft Certified Technology Specialist (MCTS) Hyper V
  • Certified Commvault Instructor (CCI)
  • CompTIA Certified Cloud+ & Mobility+
  • Cisco Certified Network Associate (CCNA)
  • Juniper Network Certified Instructor (JNCI)
  • CompTIA Certified Instructor
  • Symantec Certified Instructor
  • Google Cloud Authorised Trainer
  • AWS Certified Cloud Practitioner
0
Instructor Status
0 y
Production Experience
0 y
Training Experience
0
Fortune Companies
0 k
Professional Clients
0 k
Linkedin Followers
0 k
Facebook Followers

Clients That I've Personally Worked With...

What New Skill Do You Want To Learn Today?
On-Demand Training Videos to Build Your Skills, Accelerate Your Expertise & Advance Your Career

What Are Students Saying About Our On-Demand Training

After the course, I make $300 weekly as a freelance copywriter working from home.
Cait (United States)
After the course, I'm able to market properties on my own property blog which I designed.
Chelsea (United States)
After the course, I generate 5 times more leads and my customer base has tripled!
Diana (United States)
After the course, I provide facebook marketing as a service and make an extra $17k a month.
Ankit (India)
After the course, my perspective of running a successful business totally changed.
Ivan (Romania)
After the course, I make an extra stream of income from home and spend quality time with my kids.
Liz (United States)
After the course, my sales increased by 39% over the last 90 days!
Simon (United Kingdom)
After the course, I setup a new business generating over $15k monthly designing ecommerce sites.
Filiyann (United Kingdom)
After the course, I now have an ecommerce website where clients can order and pay online anytime.
Douglas (Malaysia)
After the course, I secure a job as the interviewer was impressed with the way I answered the questions.
Xiwen (China)
After the course, I witness a 67% increase in overall sales because of good copywriting.
Kraig (United States)
After the course, I have head-hunters inviting me for interviews and I'm confident I'll secure a job soon!
Dan (United States)
After the course, I learnt valuable experience and got a comprehensive property investment checklist.
Jade (United States)
After the course, I maximize my marketing ROI, increase conversion and enhance brand loyalty.
Mirza (Bosnia and Herzegovina)
After the course, a fresh email newsletter is automatically send weekly to my customers.
Karen (Romania)

Protect Against 7 Types of Cyber Attacks

What Constitutes a Cyber Attack?

When there is an unauthorised system or network access by a third party, we classify it as a cyber attack. When an attack is carried out, it can lead to data breaches, resulting in data loss or data manipulation. Organizations incur financial losses, customer trust gets hampered, and there is reputational damage.

Cybersecurity is the method of safeguarding networks, computer systems, and their components from unauthorized digital access. There are many varieties of cyber attacks that happen in the world today. If we know the various types of cyberattacks, it becomes easier for us to protect our networks and systems against them. 

#1 Malware Attack

This is one of the most common types of cyberattacks. “Malware” refers to malicious software viruses including worms, spyware, ransomware, adware, and trojans. The trojan virus disguises itself as legitimate software. Ransomware blocks access to the network’s key components, whereas Spyware is software that steals all your confidential data without your knowledge. Adware is software that displays advertising content such as banners on a user’s screen. Malware breaches a network through a vulnerability. When the user clicks a dangerous link, it downloads an email attachment or when an infected pen drive is used. 

Let’s now look at how we can prevent a malware attack:

  • Use antivirus software. It can protect your computer against malware. Avast Antivirus, Norton Antivirus, and McAfee Antivirus are a few of the popular antivirus software.
  • Use firewalls. Firewalls filter the traffic that may enter your device. Windows and Mac OS X have their default built-in firewalls, named Windows Firewall and Mac Firewall.
  • Stay alert and avoid clicking on suspicious links.
  • Update your OS and browsers, regularly.

#2 Phishing Attack

Phishing attacks are one of the most prominent widespread types of cyberattacks. It is a type of social engineering attack wherein an attacker impersonates to be a trusted contact and sends the victim fake mails. Unaware of this, the victim opens the mail and clicks on the malicious link or opens the mail’s attachment. By doing so, attackers gain access to confidential information and account credentials. They can also install malware through a phishing attack. 

Phishing attacks can be prevented by following the below-mentioned steps:

  • Scrutinize the emails you receive. Most phishing emails have significant errors like spelling mistakes and format changes from that of legitimate sources.
  • Make use of an anti-phishing toolbar.
  • Update your passwords regularly.

#3 Man-in-the-Middle Attack

A Man-in-the-Middle Attack (MITM) is also known as an eavesdropping attack. In this attack, an attacker comes in between a two-party communication, i.e., the attacker hijacks the session between a client and host. By doing so, hackers steal and manipulate data. As seen below, the client-server communication has been cut off, and instead, the communication line goes through the hacker.

MITM attacks can be prevented by following the below-mentioned steps:

  • Be mindful of the security of the website you are using. Use encryption on your devices.
  • Refrain from using public Wi-Fi networks.

#4 Denial-of-Service Attack

A Denial-of-Service Attack is a significant threat to companies. Here, attackers target systems, servers, or networks and flood them with traffic to exhaust their resources and bandwidth. When this happens, catering to the incoming requests becomes overwhelming for the servers, resulting in the website it hosts either shut down or slow down. This leaves the legitimate service requests unattended. It is also known as a DDoS (Distributed Denial-of-Service) attack when attackers use multiple compromised systems to launch this attack. 

Let’s now look at how to prevent a DDoS attack:

  • Run a traffic analysis to identify malicious traffic.
  • Understand the warning signs like network slowdown, intermittent website shutdowns, etc. At such times, the organization must take the necessary steps without delay.
  • Formulate an incident response plan, have a checklist and make sure your team and data center can handle a DDoS attack.
  • Outsource DDoS prevention to cloud-based service providers.

#5 Zero-Day Exploit

A Zero-Day Exploit happens after the announcement of a network vulnerability; there is no solution for the vulnerability in most cases. Hence the vendor notifies the vulnerability so that the users are aware; however, this news also reaches the attackers. Depending on the vulnerability, the vendor or the developer could take any amount of time to fix the issue. Meanwhile, the attackers target the disclosed vulnerability. They make sure to exploit the vulnerability even before a patch or solution is implemented for it. 

Zero-day exploits can be prevented by:

  • Organizations should have well-communicated patch management processes. Use management solutions to automate the procedures. Thus it avoids delays in deployment.
  • Have an incident response plan to help you deal with a cyberattack. Keep a strategy focussing on zero-day attacks. By doing so, the damage can be reduced or completely avoided.

#6 Cryptojacking

The term Cryptojacking is closely related to cryptocurrency. Cryptojacking takes place when attackers access someone else’s computer for mining cryptocurrency. The access is gained by infecting a website or manipulating the victim to click on a malicious link. They also use online ads with JavaScript code for this. Victims are unaware of this as the Crypto mining code works in the background; a delay in the execution is the only sign they might witness. 

Cryptojacking can be prevented by following the below-mentioned steps:

  • Update your software and all the security apps as cryptojacking can infect the most unprotected systems.
  • Have cryptojacking awareness training for the employees; this will help them detect crypotjacking threats.
  • Install an ad blocker as ads are a primary source of cryptojacking scripts. Also have extensions like MinerBlock, which is used to identify and block crypto mining scripts.

#7 SQL Injection Attack

A Structured Query Language (SQL) injection attack occurs on a database-driven website when the hacker manipulates a standard SQL query. It is carried by injecting a malicious code into a vulnerable website search box, thereby making the server reveal crucial information. This results in the attacker being able to view, edit, and delete tables in the databases. Attackers can also get administrative rights through this. 

To prevent a SQL injection attack:

  • Use an Intrusion detection system, as they design it to detect unauthorized access to a network.
  • Carry out a validation of the user-supplied data. With a validation process, it keeps the user input in check.

Stanley Ng (Stan) 黄宝明

Stan is a trainer, consultant, and coach for the past 15 years and has personally trained, consulted, and coached over 5,000 professionals from 45 fortune 500 companies. Stan is currently an active VMware Certified Instructor and Google Cloud Authorised Trainer delivering authorised IT trainings. Started his career as an IT engineer in 2005. By 2007, he led a team of 27 professionals from 5 countries managing large projects of over 10,000 users. From 2008 onwards, he started delivering training for fortune 500 companies. 

  • WSQ Advanced Certificate in Training & Assessment (ACTA)
  • VMware Certified Instructor (VCI)
  • VMware Certified Professional Data Center Virtualization (VCP-DCV)
  • VMware Certified Professional Cloud Management Automation (VCP-CMA)
  • VMware Certified Professional Network Virtualization (VCP-NV)
  • VMware Certified Professional Digital Workspace (VCP-DW)
  • EC-Council Certified Instructor (CEI)
  • EC-Council Certified Ethical Hacker (CEH)
  • Microsoft Certified Technology Specialist (MCTS) Hyper V
  • Certified Commvault Instructor (CCI)
  • CompTIA Certified Cloud+ & Mobility+
  • Cisco Certified Network Associate (CCNA)
  • Juniper Network Certified Instructor (JNCI)
  • CompTIA Certified Instructor
  • Symantec Certified Instructor
  • Google Cloud Authorised Trainer
  • AWS Certified Cloud Practitioner
0
Instructor Status
0 y
Production Experience
0 y
Training Experience
0
Fortune Companies
0 k
Professional Clients
0 k
Linkedin Followers
0 k
Facebook Followers

Clients That I've Personally Worked With...

What New Skill Do You Want To Learn Today?
On-Demand Training Videos to Build Your Skills, Accelerate Your Expertise & Advance Your Career

What Are Students Saying About Our On-Demand Training

After the course, I make $300 weekly as a freelance copywriter working from home.
Cait (United States)
After the course, I'm able to market properties on my own property blog which I designed.
Chelsea (United States)
After the course, I generate 5 times more leads and my customer base has tripled!
Diana (United States)
After the course, I provide facebook marketing as a service and make an extra $17k a month.
Ankit (India)
After the course, my perspective of running a successful business totally changed.
Ivan (Romania)
After the course, I make an extra stream of income from home and spend quality time with my kids.
Liz (United States)
After the course, my sales increased by 39% over the last 90 days!
Simon (United Kingdom)
After the course, I setup a new business generating over $15k monthly designing ecommerce sites.
Filiyann (United Kingdom)
After the course, I now have an ecommerce website where clients can order and pay online anytime.
Douglas (Malaysia)
After the course, I secure a job as the interviewer was impressed with the way I answered the questions.
Xiwen (China)
After the course, I witness a 67% increase in overall sales because of good copywriting.
Kraig (United States)
After the course, I have head-hunters inviting me for interviews and I'm confident I'll secure a job soon!
Dan (United States)
After the course, I learnt valuable experience and got a comprehensive property investment checklist.
Jade (United States)
After the course, I maximize my marketing ROI, increase conversion and enhance brand loyalty.
Mirza (Bosnia and Herzegovina)
After the course, a fresh email newsletter is automatically send weekly to my customers.
Karen (Romania)