The 2010s had many cyber-attacks, but we were able to learn lots and improve. Keep reading to see the 10 cyber-attacks that we find important.
Since 2010, there have been billions of sensitive files, personal info, and account details that have been leaked due to hacks and breaches.
As more personal data finds its way online, the size and impact of breaches have increased over the years. Cyber-attacks have hit pretty much every sector and show no signs of slowing down, since people are forced to trust the safety of volunteering their personal info on several websites.
Sometimes the most important hacks and breaches aren't the biggest ones, but the ones that are game changers for how security is approached. If these numbers had been discussed 10 years ago, we'd all have been surprised by them; now, though, they don't really affect us.
In 2011, if there was a hack or breach of 1 million+ credentials, everyone would be stressing out. Today however, we probably won't read about an attack that happens with a few million credentials stolen. Which is crazy to think about!
10 Important Cyber-Attacks Since 2010
1. Stuxnet - 2010
- One of the first examples of government-led cyber-attacks that could do damage to systems and structures
- Kicked off a decade of attacks by dozens of countries aimed at destroying infrastructure systems
This attack was allegedly conducted jointly by the US government and the government of Israel. It had minor effects but extensive implications that would eventually become important.
This was one of the first examples of government-led cyber-attacks that could destroy physical systems and structures. It set off many attacks that blur the line between military cyber-attacks and cyber-attacks against infrastructure systems.
The Stuxnet worm destroyed Iran's 984 uranium enrichment centrifuges - ruining most of their nuclear program by targeting Siemens SCADA systems.
The attack had little impact in North America. However, it started a decade of attacks by dozens of countries that intended to damage infrastructure systems.
Later, in 2015, the Russian government used a similar tactic on Ukraine. For the first time, a government was able to shut down a power grid in another country through a cyber-attack. This opened the door to increasing efforts by countries to include cyber-attacks in their military weaponry.
2. Target - 2013
- Hackers gained access by using a third-party contractor working for the company
- Impacted customers reached 110 million
This specific attack is one of the largest to go after a major retailer that involved a point-of-sale (POS) system that was compromised by malware.
The breach highlighted a problem that would dominate the conversation of cyber security for the rest of the decade: third-party partners. Hackers gained access to the system through a heating and air-conditioning contractor that was working for the company.
With their access, they were able to get payment card details of over 40 million customers. However, the business had to admit that the number was actually higher - impacted customers reached 110 million.
Due to the breach, the CIO had to resign a few months after the attack and the company reported that it lost over $160 million.
This hack was notable because it was the first of many breaches that involve third-party systems or companies.
3. Yahoo - 2013
- In 2013, all 3 billion accounts compromised
- Biggest breach in history at that time
- Was mishandled by Yahoo - took 3 years to let the public know
- Shared financial burden of the breach with new acquisition Verizon
The Yahoo breach deserves to be mentioned because of the size and the damage that the breach had on the organization's ability to compete as an email and search engine platform.
At the time of the breach, all 3 billion Yahoo accounts were compromised. In 2013, this made it the largest breach in the history of the internet. It took Yahoo a mind-boggling 3 years to let the public know that all names, email addresses, passwords, birthdays, phone numbers, and security questions had been sold on the Dark Web by the hackers.
Experts in security say that this specific breach is notable because of how Yahoo mishandled the situation and the effect that it had on Verizon's acquisition (a staggering $4.8 billion one at that). Yahoo originally discovered that a breach had occurred in 2015 that exposed 500 million accounts.
It was confirmed by American security agencies later on that the attack was executed by a group that was connected to the Russian government. When looking into the attack from 2015, officials at Yahoo realized that 1 billion+ accounts were exposed during the breach.
In 2017, Yahoo admitted that all the accounts had been breached. Verizon then removed $400 million from the buying price and signed a deal that allowed both companies to share the financial liabilities related to the breach.
4. Sony Pictures - 2014
- Originated with the film The Interview
- The North Korean leader was enraged by the film and his government threatened to attack the US if the film was released; Sony released it digitally
- Servers at Sony were attacked, which created chaos on internal systems
- Millions of emails of film executives' feelings about actors were released
This breach made the news for a variety of reasons that made it different from the usual breaches you hear about. The situation originated with the controversial film, The Interview. The plot of this film is a plan to assassinate North Korean leader Kim Jong-un. The leader was enraged by the film and the government of North Korea then threatened to attack theatres in the US if the film was released.
Sony tried various things to mitigate the controversy and ended up agreeing to recut the movie to make it less offensive and to push back the release date. Due to the threats against theatres, Sony executives decided not to have the film in theatres, but to release it digitally.
This solution did little to make the North Korean leader less angry with the film. A group that was later tied to the North Korean military attacked Sony Pictures' servers, creating chaos on their internal systems. However, some Sony executives question whether it was actually North Korea behind the attack. There have been hints that it could have been an annoyed insider or the Russian government.
While the company was scared of the films being leaked, what ended up hurting them the most was the millions of emails from film executives about their true feelings about some of the world's biggest movie stars. For months, gossip sites dug through 200,000 emails from Sony executives.
The attack gave North Korea an international reputation. It then started a new generation of small countries showing their force with devastating, low-cost cyber-attacks. North Korea had mostly focused its efforts on attacking South Korea and Japan. However, the Sony hack was interesting because it showed that they had legitimate hacking capability. They were able to put themselves on the map as a threat actor.
5. Ashley Madison - 2015
- Over 30 million email addresses and hundreds of credit cards were released
- For months, spouses were looking for their partner's email address
- Extortion and ransom demands to keep affairs a secret by hackers
Although the hack of this extramarital dating website wasn't significant financially, the cultural footprint was very wide. 30 million+ email addresses and hundreds of credit cards were released.
The breach also created months of marital disputes that came from spouses searching for their partner's emails in the leaked database.
A debate started online about the ethics of news outlets reporting on famous individuals and politicians who were found in the database. There were reports of the hackers extorting people over info found on the site and demanding ransom in exchange for hiding affairs.
In 2017, the company settled a lawsuit that was filed by users for more than $11 million. However, this did little to stop the social agitation over the information and messages conducted on the website. The aftermath of the hack is said to have life altering implications for some individuals.
In Toronto, police linked 2 suicides to information that came from the leak. In New Orleans, an individual wrote a suicide note talking about the fear and embarrassment he felt about the leak.
6. The United States Office of Personnel Management - 2015
- 21 million records were accessed
- The breach endangered government officials around the world
- Hackers had access to the OPM system for over a year before being caught
This hack was done by the Chinese government and is one of the largest attacks to affect the United States.
Initially, it was estimated that 4 million records of current and former government employees were involved. After further analysis, it was found that 21 million records were accessed.
The data that was stolen included: background checks on individuals not hired, information about family members, college roommates, foreign contacts, psychological information, millions of social security numbers, names, birthdays, addresses, 6 million fingerprints. With all of this information stolen, it put government officials in danger around the globe.
The CIO had to retire and the director of the OPM had to resign.
A surprising discovery was made later: the Chinese government hackers had access to the OPM system for over a year before getting caught.
7. Equifax - 2017
- Hackers released 200,000 credit card numbers and 182,000 documents with personally identifying information
- In front of Congress, the CEO said that one employee was responsible for not processing an important update
- Could have been prevented with patch management
The size of this particular breach pales compared to the value of the data that was exposed to the hackers. Equifax is one of the USA's largest credit bureaus, meaning that they had the most sensitive information on hundreds of millions of people.
Hackers were able to gain access to the information of 143 million customers. This included their names, birthdays, driver's license numbers, social security numbers, and addresses. 200,000+ credit card numbers were released and 182,000 documents with personally identifying information were accessed by attackers.
The CEO of Equifax was forced to testify at 4 hearings in front of Congress where he claimed that one employee was responsible for failing to process an update that was necessary.
Equifax could rank as the most careless, since the breach was due to an unpatched Struts vulnerability, which might have been prevented using even the simplest protection measures.
Later on, it was revealed that the hackers were also able to get passport information from Equifax users that were affected. The Government Accountability Office released a detailed report about the breach.
8. Marriott Hotels - 2018
- Hackers breached the reservation system for Starwood Hotels
- 383 million affected by hackers getting information of those who stayed between 2014-2018
This breach was massive because of the amount of data that was exposed and the sensitivity of the information that was accessed.
Hackers breached the reservation systems of Starwood Hotels (which was purchased by Marriott in 2016 for $13.6 billion). The cyber-attackers behind the attack had 4 years to move within that system, which included Sheraton, Westin, W Hotels, St. Regis, Four Points, Aloft, Le Meridien, Tribute, Design Hotels, Element, and the Luxury Collection.
The hackers were able to get names, credit cards, addresses, and passport numbers of millions of people who stayed at these hotels between 2014-2018.
Initially, Marriott said that 500 million people were affected, but later revised the number to 383 million after an investigation.
This breach was noteworthy because the databases were attacked even though the content was protected at rest. This demonstrated that traditional database protection methods don't fully protect sensitive data records.
9. Capital One - 2019
- Hackers were able to access info of 100 million+ Americans and 6 million Canadians from 2005-2019
- The hacker was caught and charged in court
The company admitted that from 2005-2019 hackers were able to see the personal info of over 100 million Americans and 6 million Canadians.
These attackers were able to get information from credit card applications that had names, addresses, phone numbers, birthdays, and self-reported income. Capital One also said that hackers saw credit scores, limits, balances, payment history, social insurance numbers (1 million Canadians), and social security numbers (140,000 Americans).
Unlike other cybercriminals, this one was caught and charged in court. The culprit was a former Amazon Web Services employee. She posted on GitHub about the attack, was charged for the breach, arraigned, and pleaded not guilty to all charges.
10. First American Financial - 2019
- 885 million files exposed dating back 15 years
- Was exposed by a security reporter who wrote a blog post
This company had a huge leak of 885 million files going back more than 15 years.
The breach was exposed by a security reporter who wrote a blog post explaining how millions of mortgage deals, bank account numbers, statements, mortgage and tax records, social security numbers, wire transaction receipts, and driver's license photos were exposed by the company.
The writer was tipped off by a real estate developer who discovered that anyone could access any of the company's documents by changing the URL link. It's unclear if any of the information was accessed and used, but the company did take down their website.
As you have learned, there have been many cyber-attacks over the last decade. As scary as it is, we have all learned how to improve security. We hope that these examples have shed some light and that you have learned some things.
Greig, Jonathan. (2019). The 10 Most Important Cyberattacks of the Decade. Retrieved Jan 28, 2019 from https://www.techrepublic.com/article/the-10-most-important-cyberattacks-of-the-decade/