In the technological era, firms and businesses have accepted new developments with open hands. Their working mechanism and processes have been reinforced with cybersecurity protocols, making headway from simple antiviruses to XDR (Extended Detection and Response) services. Protect your digital assets from cyber security attacks with robust solutions and proactive measures. However, with rising security comes new threats, more advanced and detrimental to mechanized systems.
[ez-toc]
Following 2017, there have been several incidents that have shaken business magnates, MNCs, and enterprises. Ransomware threats have been the most potent of threats, eroding revenues and causing operational inefficiencies around the world. Let’s discuss the top 10 cyber security attacks taken place after 2017.
1. Equifax Data Breach
In the month of September 2017, Equifax proclaimed a security breach that exposed the personal information of 147 million individuals. Aligning with the Consumer Financial Protection Bureau, Federal Trade Commission, and 50 US states, the firm agreed to a settlement of $425 million. The following aspects were addressed as a result of identity theft or fraud:
- Fees paid to professionals like accountants and attorneys.
- Losses from unauthorized charges.
- Other expenses, including notary fees, postage, and phone charges, and document shipping fees.
According to a report from the University of Central Florida, Equifax introduced a system of patch management Policy in April 2015. With 8500 vulnerabilities already in action, the company could not but manage limited security practices. The hacker exploited the firm for two months undetected: He obtained an exploit tool using a CVE vulnerability that had been patched.
This data breach was one of the largest threats in history, the worst one to date.
2. WannaCry Ransomware Attack
A major cyberattack that took place in May 2017 by the WannaCry Ransomware Cryptoworm. It was planned on systems using Windows; the ransom payment was demanded in Bitcoin cryptocurrency. The hackers (The Shadow Brokers) exploited EternalBlue, a software developed by the US National Security Agency.
The initial infection took place in Asia at 07:44 UTC through a susceptible SMB port. In a day, the code affected 230,000 computers in 150 countries. The attacks were targeted at systems that ran old versions of Windows or those that didn’t install the latest updates. As of June 2017, 327 payments (US$ 130,634.77) were transferred.
According to Kaspersky Lab, the four most affected countries were Russia, India, Ukraine, and Taiwan. The attack’s dynamics were considered to be low compared to other similar threats. In another report, economic losses from the attack reached up to $4 billion.
3. NotPetya Ransomware Attack
According to Wired Magazine, the cyber-attack commenced in the wee hours of companies finalizing their work. In addition, it was planned on a holiday in Ukraine when IT firms were on leave. Although the malware was visible in other countries, such as Germany and the US, the attack tactics were novel and unknown to the defense authorities of the targeted country.
NotPetya’s targets included Chernobyl Power Plant, Kiev Airport, and the Ukrainian Healthcare System. The financial toll was high, with projected damages exceeding $10 billion. Notably, Maersk, the world’s largest container shipping company, reported losses of over $300 million due to the attack.
4. Solar Winds Supply Chain Attack
SolarWinds supply chain was one of the most intricate and long-lasting cyberattacks in recent history, displaying weaknesses inherent in organized digital ecosystems. In December 2020, it was revealed that malicious actors had compromised SolarWinds’ Orion Software, which was used by several government agencies and Fortune 500 companies.
The attack took place with attackers inserting a backdoor into the software, allowing them to infiltrate the networks of thousands of organizations worldwide. According to estimates, approximately 18,000 consumers downloaded the affected software update, with at least 100 organizations falling victim to subsequent breaches.
In addition to exposing private information, this malicious threat highlighted the difficulties in defending against supply chain attacks, which take place when enemies use endpoints and vulnerabilities to subtly enter targets.
5. Colonial Pipeline Ransomware Attack
The May 2021 ransomware attack on Colonial Pipeline serves as a clear warning of how susceptible vital infrastructure is to online attacks. One of the biggest fuel pipelines in the US was temporarily shut down as a result of the attack, which was planned by the cybercriminal organization DarkSide. This resulted in significant interruptions to the fuel supply along the East Coast.
The attack demonstrated the increasing sophistication of ransomware tactics used by cyber adversaries, in addition to the potential economic consequences of cyberattacks on critical infrastructure. Colonial Pipeline reportedly paid the hackers a ransom of almost $4.4 million to get back access to their computers, demonstrating the financial motivations behind these kinds of operations.
6. Microsoft Exchange Server Vulnerabilities
The emergence of Microsoft Exchange Server vulnerabilities was a serious concern, as attackers accessed sensitive data without authorization. According to a report, over 30,000 companies were penetrated globally in 2021 alone as a result of these vulnerabilities, underscoring the pervasiveness of these attacks.
The attack was linked to a Chinese state-sponsored hacking group called Hafnium. The weaknesses, referred to as ProxyLogon gave threat actors the capability to manage arbitrary codes on Exchange servers. Moreover, they could eavesdrop, steal sensitive data, or carry out ransomware attacks.
7. JBS Cyber Security Attacks
The JBS cyberattack of 2021 exposed the susceptibility of vital infrastructure to cyber attackers, sending shockwaves through the worldwide meat sector. Being one of the biggest meat processing corporations in the world, JBS’s production, supply networks, and ultimately consumer access to meat products were disrupted across several continents.
According to reports, JBS handed over an amount of $11 million to the attackers, highlighting the financial implications of such incidents. Another report stated that the attack compelled JBS to close facilities in the US, Canada, and Australia, which together produce a sizable amount of the world’s beef.
8. Capital One Data Breach Attack
One of the biggest cyber disasters in recent memory was the Capital One data breach that took place in July 2019. It exposed the flaws in contemporary digital banking systems. Over 100 million customers were robbed of their personal information in the incident, including 80,000 bank account numbers and about 140,000 Social Security numbers.
A compromised web application firewall was the main reason: It was not configured correctly to access data: The firewall was kept on Capital One’s cloud server without authorization. To guarantee strong security measures and proactive risk management techniques to protect client data, the financial industry’s cybersecurity policies came under increased scrutiny following the incident.
9. Twitter Bitcoin Scam
The 2020 Twitter Bitcoin hoax, which was a renowned cybersecurity concern, took control of well-known Twitter accounts, including those of well-known individuals and businesses (Barack Obama, Joe Biden, Elon Musk, and Bill Gates, among others) to advertise fictitious Bitcoin giveaways.
The scammers tricked gullible users into transferring their Bitcoin currency by taking control of their accounts. This scam took benefit of the confidence that was placed with these people as well as the attraction of cryptocurrencies. The scam brought in the criminals about $121,000 in Bitcoin in a single day.
10. Garmin Ransomware Attack
Garmin Ransomware Attack took place in July 2020. The operation procedures and processes of Garmin were severely disrupted by the cyber intrusion, which called for a multi-day impact on its GPS navigation and aviation services. The attack was linked to the WastedLocker ransomware, which was purportedly used by Evil Corp, a Russian cybercrime organization. According to sources, Garmin did not confirm or deny paying the $10 million ransom to the attackers.
Financial damages were reported in the range of $10 million to $15 million, including costs for recovery, revenue loss, and possible long-term effects on customer confidence.
It’s time to strengthen your Cyber security attacks systems against threats looming at a global level.
Get Free Threat Assessment Report for your organization
Empower your cybersecurity strategy with actionable insights. Get your Free Threat Assessment Report today!
