Two years ago this month, WannaCry shut down computers across the globe in a matter of hours. Hackers ransomed hundreds of thousands of machines across 150 countries and demanded cryptocurrency to unlock them. On the anniversary of one of the world’s most devastating cyber-attacks, there are big lessons to be learned from the whirlwind that was WannaCry and other damaging global cyber threats.
WannaCry Then and Now
WannaCry was one of several highly classified hacking tools developed by and then stolen from the National Security Agency (NSA) in 2017. Hackers published the ransomware online for anyone to use. Microsoft, already aware of the theft, pushed out a patch that would protect systems from WannaCry; however, those slow to make the fix had to be reminded – the hard way – of the importance of timely patching.
WannaCry was unique in several ways but perhaps most notably, the wild-fire speed at which it spread. In a few hours, WannaCry created billions of dollars in damage. No industry was immune – hospitals, governments, private companies and others were all hit. Even now, two years later, WannaCry variants continue to be a threat despite the availability of patches. New reports say Eastern countries, namely India, have the highest detection rates.
Nearly as old as common-use of the Internet, ransomware is said to have started in 1989 when the World Health Organization fell victim to the AIDS Trojan. The hacker demanded users cough up $189 to regain access. Beyond ransomware, cyber criminals also have countless other exploit possibilities to secure financial gain.
Attack Types on the Rise
A new report from Booz Allen predicts organizations will face growing cyber-attacks across eight categories in 2019:
- Government-run information warfare campaigns
- IoT device hacks
- ‘Chip and Pin’ weaknesses
- Weaponization of adware networks
- Use of AI in information warfare
- Expansion of wireless attack surface
- State-sponsored threat actors
- Water utility targeting
While all scary predictions, these are layered on top of the now-standard attack types every organization faces almost daily: phishing tactics, denial of service attacks, web-based malware and many others.
For more information on top cyber threats, we’ve highlighted a few of our favorites in our next episode of Cybersecurity Insights, including: MafiaBoy’s Denial of Service, Conficker, Jonathan James and the US Department of Defense, Shamoon and the Melissa virus. Watch the video below for more our top 5 cyber-attacks and how to prevent them. While you’re at it, subscribe to our full Cybersecurity Insights video series on YouTube.
Today, let’s take a look at some recently successful cyber attacks. Some of these no one saw coming.
To be sure, attacks can be successful or extinguished from the very start. But the iron-clad rule of cyberattacks is that they come in many forms, from all directions, and from incredibly different sources.
Let’s count down some of the interesting ones…
Number 5: Mafiaboy’s Denial of Service.
Michael Kals, aka Mafiaboy, then 15 years old, claimed that he had unknowingly input several widely known IP addresses into a security tool that he had downloaded from the web. Being a teenager, Kals went off to school and returned home to find his exploits were plastered all over the news.
Denial of service attacks, like Mafiaboy, flood a site with traffic, disabling its ability to serve legitimate users. Yahoo, which, at the time, was the world’s most used search engine, collapsed. Buy.com, eBay, CNN, and Amazon were all brought down for several hours, costing billions in the aftermath.
Number 4: Conficker
In 2008, the worm exploited a number of Windows operating systems. It, then, linked computers together into a massive botnet (which was a new idea at the time).
Conficker had several spoils of victory, including the creation of a whole class of threats and leaving many world leaders with no choice but to call in favors from other nations to mitigate the attack.
Number 3: Jonathan James (1999)
James breaches the US Department of Defense in 1999, stealing passwords, confidential messages, and software designed for space exploration and the US military.
In the 1960s John F. Kennedy had famously urged the US to “Go to the moon…not because it is easy, but because it is hard”. Mission accomplished.
But 30 years later, NASA had to shut down its entire network for three weeks, costing millions in response to James’s brute force attack.
Number 2: Sony Pictures
The Guardians of Peace (GOP) fessed up to the crime by releasing a trove of sensitive data, including: personal information, messages and correspondence, executive salaries, and even snatching several of Sony’s films.
The group used a modified Shamoon malware with a mechanism to wipe hard drives. Unlike the typical goal of stealing data, this malware hurts victims by completely eliminating valuable information.
And Number 1: Melissa
David Smith is (perhaps) the discoverer of phishing attacks.
Taking to an America Online chat group, Smith posted a document claiming to have credentials to several websites, but whose true content was the Melissa virus.
Melissa, then went viral: spawning itself across global email servers.
Several tech-savvy companies (Microsoft, Intel, Lockheed Martin) were forced to shut down their email services, after Melissa caused over $80 million in damages.
Attacks are inevitable. Successful attacks are not. But when we lock our focus on cyber RESILIENCE, we can withstand the unending parade of attacks.
By PERSISTING our security posture and maintaining line-of-sight, the attack surface is compressed and becomes an inhospitable place for attackers to win.
What are your top 5? Drop them in the comments section below. I can’t wait to see who’s on your list.