A History of Cyber Attacks

In recent years, cyber attacks have become increasingly sophisticated and targeted. From malware to ransomware to cyber espionage campaigns, a wide variety of malicious actors have utilized different methods to exploit security vulnerabilities. Here are some of the most noteworthy attacks of the past decade, and the takeaways we can learn from them.

Aurora

In 2010, the Aurora attack targeted Google China, demonstrating that no organization is immune from cyber attacks. This attack serves as a reminder to all organizations to take cyber security seriously and implement the necessary measures to protect against cyber

Stuxnet

In 2010, the Stuxnet malware demonstrated the potential for cyber espionage and cyber warfare. This attack serves as a reminder of the importance of security measures and the vigilance required to protect against sophisticated cyber threats.

FinFisher

In 2012, the FinFisher spyware was used by governments to monitor citizens. This attack serves as a reminder that governments must be held to account for their use of surveillance technologies, and that organizations must take steps to protect their data and privacy.

Shamoon

In 2012 and 2016, the Shamoon malware wiped data from computers in the Middle East. This attack is a reminder of the importance of backing up data to prevent a complete loss.

Dark Seoul

In 2013, the Dark Seoul cyber attack targeted South Korean media and financial institutions. This attack serves as a reminder of the need for organizations to have security measures in place to protect against cyber attacks.

Dridex

In 2014, the Dridex banking Trojan was used to steal financial information. This attack serves as a reminder that financial institutions must be vigilant against malware designed to steal sensitive information.

Carbanak

In 2014, the Carbanak advanced persistent threat targeted financial institutions. This attack serves as a reminder that financial institutions must have strong security measures in place to protect against advanced threats.

Mirai

In 2016, the Mirai botnet used Internet of Things devices to attack networks. This attack serves as a reminder of the importance of IoT security.

WannaCry

In 2017, the WannaCry ransomware exploited Windows vulnerabilities. This attack serves as a reminder of the importance of patching systems regularly to prevent cyber attacks.

Triton

In 2017, the Triton malware targeted safety systems of a petrochemical plant. This attack serves as a reminder that safety systems must be monitored for malicious activity.

NotPetya

In 2017, the NotPetya ransomware used a stolen NSA exploit. This attack serves as a reminder of the potential damage that can occur when government exploits are stolen and used for malicious purposes.

DarkHotel

In 2014, the DarkHotel cyber espionage campaign targeted travelers in luxury hotels. This attack serves as a reminder that targeted attackers will use any means to gain access to confidential information.

NPM Event Stream Supply Chain Attack

In 2018, malicious code was inserted into an NPM JavaScript library. This attack serves as a reminder that supply chain attacks are a growing threat, and organizations must be aware of the risks and take steps to protect themselves.

SolarWinds

In 2020, the SolarWinds cyber espionage campaign targeted government agencies in multiple countries. This attack serves as a reminder of the growing threat of cyber espionage and the need for vigilance to protect against such attacks.

GreenDispenser and ZeroCleare

In 2020, the GreenDispenser and ZeroCleare malware targeted ATMs and point-of-sale systems, respectively. These attacks serve as a reminder of the need to monitor ATMs and point-of-sale systems for malicious activity, as well as the importance of backing up data to prevent a complete loss.

Plotus and Suceful

In 2021, the Plotus and Suceful malware targeted cryptocurrency users and ATMs and point-of-sale systems, respectively. These attacks serve as a reminder of the need to take steps to protect against malicious actors when dealing with cryptocurrency, as well as the need to monitor ATMs and point-of-sale systems for malicious activity.

Golden SAML and SwiftSlicer

In 2021, the Golden SAML attack leveraged Active Directory misconfigurations, and the SwiftSlicer malware was deployed in a target environment using Active Directory Group Policy. These attacks serve as a reminder of the need to ensure that Active Directory is configured correctly and securely, and that organizations must be aware of the potential for malicious actors to use Active Directory Group Policy to deploy malware.

Conclusion

Overall, these recent attacks demonstrate the need for organizations to remain vigilant and have the necessary security measures in place to protect against cyber attacks. From backing up data to patching systems regularly to monitoring ATMs and point-of-sale systems for malicious activity, these measures can help protect against the growing threat of cyber attacks.


Data Table

| Attack | Year | Summary | Methodology | Takeaway |
| --- | --- | --- | --- | --- |
| Coreflood | 2001 | Botnet that targeted financial institutions | Botnet | Financial institutions must be vigilant against botnets |
| Code Red | 2001 | Worm that targeted Microsoft IIS web servers | Worm | Web servers must be patched and updated regularly |
| MyDoom | 2004 | Worm that spread via email and targeted Microsoft | Spreading via email | Email security must be taken seriously |
| Aurora | 2010 | Cyber attack that targeted Google China | Cyber attack | Cyber attacks can target any organization |
| Storm Worm | 2007 | Malware that spread via email and infected millions of computers | Malware | Email security must be taken seriously |
| Zeus | 2007 | Trojan malware used to steal banking information | Trojan malware | Security measures must be in place to prevent theft of financial information. |
| Stuxnet | 2010 | Malware, self-replicating worm targeting industrial control systems | Malware, self-replicating worm | Demonstrated potential for cyber espionage and cyber warfare |
| FinFisher | 2012 | Spyware used by governments to monitor citizens | Spyware | Governments must be held to account for their use of surveillance technologies. |
| Tyupkin | 2014 | Malware that targeted ATMs | Malware | ATMs must be monitored for malicious activity. |
| Shamoon | 2012 | Malware that targeted Saudi Aramco, wiping data | Malware | Data must be backed up to prevent a complete loss |
| Wiper | 2012 | Malware that wiped data from computers in the Middle East | Malware | Data must be backed up to prevent a complete loss |
| Dridex | 2014 | Banking Trojan used to steal financial information | Banking Trojan | Financial institutions must be vigilant against malware designed to steal sensitive information. |
| Carbanak | 2014 | Advanced persistent threat that targeted financial institutions | Advanced persistent threat | Financial institutions must have strong security measures in place to protect against advanced threats. |
| DarkHotel | 2014 | Cyber espionage campaign that targeted travelers in luxury hotels | Cyber espionage | Targeted attackers will use any means to gain access to confidential information |
| BlackEnergy | 2015 | Malware targeting critical infrastructure in Ukraine | Malware | Critical infrastructure must be protected from cyber attacks |
| Mirai | 2016 | Botnet that used Internet of Things devices to attack networks | Botnet | IoT security must be taken seriously |
| Triton | 2017 | Malware that targeted safety systems of a petrochemical plant | Malware | Safety systems must be monitored for malicious activity |
| NotPetya | 2017 | Ransomware that used a stolen NSA exploit | Ransomware | Stealing and using government exploits can put many at risk |
| WannaCry | 2017 | Ransomware that exploited Windows vulnerabilities | Ransomware | Patching systems is essential for security |
| NPM Event Stream Supply Chain Attack | 2018 | Malicious code inserted into NPM JavaScript library | Supply chain attack | Supply chain attacks are a growing threat |
| SolarWinds | 2020 | Cyber espionage campaign that targeted government agencies in multiple countries | Cyber espionage | Cyber espionage is a growing threat, and organizations must remain vigilant against attacks. |
| GreenDispenser | 2020 | Malware targeting ATMs and point-of-sale systems | Malware | ATMs and point-of-sale systems must be monitored for malicious activity. |
| Plotus | 2021 | Malware that targets cryptocurrency users | Malware | Cryptocurrency users must take steps to protect their data and funds. |
| Suceful | 2021 | Malware targeting ATMs and point-of-sale systems | Malware | ATMs and point-of-sale systems must be monitored for malicious activity. |
| Golden SAML | 2021 | Attack that leverages Active Directory misconfigurations | Attack | Organizations must ensure that Active Directory |