Most computer attacks are quite commonplace. In the worst case, the user sees a ransom demand on the screen, explaining that the computer has been encrypted and will be unlocked only after a payment has been made. Often, however, what happens is invisible: several types of malware operate as quietly as possible in order to steal as much data as possible before being detected.
But the scale or sophistication of some computer attacks inevitably attracts our attention. This article is dedicated to the 5 most spectacular and famous computer attacks of the last 10 years.
WannaCry: A real epidemic
The WannaCry attack made ransomware, and computer viruses in general, known to everyone, including those who do not know what a byte is. Using exploits from the Equation Group hacking team, which the Shadow Brokers had made public, the scammers created a monster: an encryption ransomware that could spread quickly across the Internet and over local networks.
The WannaCry outbreak lasted four days and affected more than 200,000 computers in 150 countries. Even some critical infrastructure was infected: WannaCry encrypted all devices in some hospitals, including medical equipment, and some factories were forced to stop production. Of the recent attacks, WannaCry is the most important.
NotPetya/ExPetr: the most expensive computer attack in history
That being said, the title of most expensive epidemic does not belong to WannaCry but to another encryption ransomware (technically a wiper) called ExPetr, also known as NotPetya. It worked the same way: using the EternalBlue and EternalRomance exploits, the worm moved across the Web, encrypting everything in its path. This encryption was irreversible.
Although fewer devices were infected, the NotPetya outbreak mainly affected businesses, in part because one of the first propagation vectors was the MeDoc financial software. The cybercriminals managed to take control of the MeDoc update server. As a result, many customers using the software received the malware in the form of an update, and it then spread throughout the network.
The damage caused by the NotPetya attack amounted to $10 billion, while according to several estimates WannaCry cost between $4 and $8 billion. NotPetya is considered the most expensive international computer attack in history. Fingers crossed that if this record is beaten, it will not be soon.
Stuxnet: a splendid computer weapon
This complex, multi-faceted malware is probably the most famous attack, since it disabled uranium enrichment centrifuges and slowed down the country’s nuclear program for several years. Stuxnet was the first worm to open the debate on the use of digital weapons against industrial systems.
At that point, nothing could match Stuxnet in terms of complexity or ingenuity. The worm could spread imperceptibly through USB keys, reaching even computers that were not connected to the Internet or the local network.
The worm was uncontrollable and quickly proliferated worldwide, infecting hundreds of thousands of computers. However, it could not damage these computers, because it had been designed to perform a specific task. The worm manifested itself only on computers that run programmable logic controllers and Siemens software. Once installed on these devices, it reprogrammed the controllers. Then, by setting a rotational speed too high for the uranium enrichment centrifuges, it physically destroyed them.
DarkHotel: spies in luxury rooms
Everyone knows that public Wi-Fi networks at cafes and airports are not the safest. Nevertheless, many people think that things are better managed in hotels: even though a hotel’s network is public, it requires at least some form of authorization.
These misconceptions have cost many senior managers and high-ranking officials dearly. When they connected to the hotel network, they were asked to install an apparently legitimate update for well-known software, and their devices were immediately infected by the DarkHotel spyware, which the scammers had deliberately introduced into the network a few days before the guests arrived and then removed a few days after their departure. The stealthy spyware recorded keystrokes and allowed the cybercriminals to carry out targeted phishing attacks.
Mirai: the fall of the Internet
Botnets have existed for years, but the emergence of the Internet of Things has really given them a boost. Devices whose security had never been considered, and for which there was no antivirus, were suddenly infected on a large scale. These devices then located other machines of the same kind and quickly passed on the infection. This army of zombies, built with software romantically called Mirai (a Japanese word meaning “future”), grew steadily while waiting to receive instructions.
Then one day, on October 21, 2016, the owners of this huge botnet decided to test its capabilities by having these millions of digital video recorders, routers, IP cameras, and other “smart” equipment flood the DNS service provider Dyn with requests.
Dyn simply could not handle a denial-of-service attack of this magnitude. The DNS, as well as the services that rely on it, became unavailable: PayPal, Twitter, Netflix, Spotify, PlayStation online services, and many other US services were affected. Dyn was able to recover, but the Mirai attack was of such magnitude that it prompted the world to think about, and take seriously, the security of “smart” objects. It was the first real warning signal.