Over the years we have seen how organizations have lost huge sums of money to cybersecurity attacks. A 2017 report from Cybersecurity Ventures predicted ransomware damages would cost the world $11.5 billion in 2019 and it is estimated that costs will reach $20 billion by 2021. When it comes to cybersecurity, companies still have a lot of work to do to find ways to anticipate and avoid data breaches. Let’s take a look at a few of the most notorious cybersecurity attacks that have happened over the last few decades and see what we can learn.
NASA and U.S. Defense Department - 1999
In 1999, a 15-year-old hacker named Jonathan James managed to shut down NASA’s computers for a total of 21 days. The hacker gained access to 13 computers at the Marshall Space Flight Center and was able to download $1.7 million worth of NASA proprietary software. The hacker gained access through a router and installed a back door for access. In doing so, he managed to access thousands of messages, usernames and passwords, as well as source code for the International Space Station.
According to NASA, “the software [purported to be worth $1.7 million] supported the International Space Station’s physical environment, including control of the temperature and humidity within the living space.” Having systems down for three weeks cost NASA a total of $41,000.
Advice: Rectify and fortify - your code is only as strong as its weakest part.
Performing regular reviews of software and hardware can help your enterprise spot possible vulnerabilities and patch them before they've been exploited. It's important to keep equipment up to date and run regular patch cycles on it. Enforcing security policies on your employees is worth nothing if your equipment is vulnerable to external attacks.
The Melissa virus - 1999
The Melissa virus was a mass-mailing macro virus targeting Microsoft Word and Outlook-based systems. While the actual damage was minimal other than slowing connection speeds to a crawl, panic spread like wildfire, with companies shutting down their internet connections. The hacker, David Smith, hid the virus inside a file that promised usernames and passwords to fee-based adult websites. Once the file was downloaded and opened in Word, the virus was activated and spread through the system. This became the first successful mass-mailing worm, and while it looked like a simple virus, it cost a total of $80 million in damage.
Advice: Avoid downloading random files from the internet and opening them.
It's well known how many attacks are due to human error. Therefore, enforcing security policies and training staff is vital to ensure your systems and data are safe.
Heartland Payment Systems - 2008
Payment processing company Heartland’s systems were compromised by malware through a SQL injection attack. SQL injection is one of the most dangerous and commonly exploited vulnerabilities used to steal data. Old and vulnerable code was not identified in annual internal and external audits, allowing hackers entry into the system. The intruders managed to bypass various antivirus packages and installed sniffer software that captured payment card data, focusing on stealing data in transit. Even though the company had been warned by security analysts, Heartland didn’t seem to worry. The breach was discovered almost a year later by Visa and MasterCard and cost a reported $200 million.
Advice: Listen to security specialists and don’t assume third-party software is secure; respond quickly to a breach.
WannaCry - 2017
In 2017, a global ransomware attack known as WannaCry affected a number of countries and sectors. This type of malware encrypts user data and demands a ransom. Although it started spreading around the world in 2017, this ransomware worm is still live on the internet and can also be found under the names WannaCrypt, WanaCrypt0r, WCrypt, and WCRY. WannaCry combines two malicious software components: a worm that spreads rapidly without user interaction, and ransomware that encrypts user files and then asks for money in order to decrypt them.
Advice: Update and protect your systems.
Having backups and storing work on a network share can minimize the losses. Ensure your enterprise keeps its systems updated, and don't allow personal emails to be opened on work laptops or PCs.
The World Health Organization - 2020
The World Health Organization was recently the victim of a cybersecurity attack. Various groups working on the coronavirus pandemic saw staff emails and passwords dumped online, including the National Institutes of Health, the World Health Organization and the Gates Foundation. How did it happen? There is no clear answer, as no one knows where or when the data breach originated or whether the passwords and email addresses gave hackers an entry point. It is thought that the ‘Elite Hackers’ might be behind this cyberattack, in which nearly 25,000 email addresses and passwords were leaked.
Advice: Check your vulnerabilities and do not rely on antivirus software or blindly trust new software.
It is important to perform penetration tests regularly. Relying on professionals can help your enterprise to identify new vulnerabilities. Keep your OS and apps up to date.