As we head into 2020, I thought it’d be a nice time to take a moment to review and prognosticate the upcoming decade. So, for the next two Offsite Insights blog posts, I’ll be doing just that.
In reviewing the last decade, Wired magazine’s Lily Hay Newman outlined the last 10 years of cybersecurity in an article titled “The worst hacks of the decade.”
“It’s been apparent for decades that an increasingly computerized world would inevitably invite constant digital threats,” Hay Newman says in the article. “But the actual evolution of hacking—with all its scams, criminal black markets, and state-sponsored forces—has been characteristically human, not a sterile, dispassionate artifact of an unknown future.”
Below are the cyber attacks Hay Newman outlined in chronological order. Note that these attacks range in type and victims.
- Stuxnet: Created by the U.S. government and Israel, the worm, which was used in 2010, was the first malware to physically damage equipment, Hay Newman reports. The worm targeted Microsoft Windows, and then located Siemens Step7 in order to manipulate PLCs.
- Shamoon: Developed by Iranian state-backed hackers, the Windows wiper was used in 2012 in an attack against oil company Saudi Aramco, and works by collecting a computer’s data before wiping and destroying the master boot record, effectively bricking the computer, Hay Newman says. The malware resurfaced in 2017 and 2018.
- Sony Hack: Supported by the North Korean government, a group calling themselves “Guardians of Peace” attacked Sony Pictures Entertainment in 2014, stealing 100 terabytes of data, deleting files and configurations, and later releasing the stolen sensitive information, including employee information like Social Security numbers, Hay Newman reports.
- Office of Personnel Management Breach: A series of breaches orchestrated by China in 2013 and 2014 against the Office of Personnel Management, which stores sensitive data about all past and present federal employees, Hay Newman states. In 2013, the hackers entered the OPM network to collect its blueprints, then in 2014 they entered again to gain control of the administrative server and stole employee information and information about other U.S. citizens through 2015, when the OPM became aware of the intrusion.
- Ukrainian Blackouts: Spearheaded by Russia as part of its physical war against Ukraine, the first attack occurred in 2015 as a suite of malware that stole credentials, allowing the hackers to gain access and manually turn off circuit breakers, causing a blackout, Hay Newman says. The second attack in 2016 was against a single transmission station targeted by an evolved malware known as Crash Override or Industroyer. This malware allowed the hackers to manipulate control systems, but a technical mistake didn’t allow for the intended physical equipment destruction, Hay Newman reports.
- Shadow Brokers: After surfacing in 2016, the Shadow Brokers hacker group released an extensive collection of the National Security Agency’s tools, including the Microsoft Windows exploit EternalBlue, in 2017. EternalBlue then branched into the WannaCry malware, which was built by North Korean hackers and used to attack public utilities and large corporations worldwide, Hay Newman says.
- 2016 U.S. Presidential Hack: Two groups of Russian hackers—APT 28 or Fancy Bear, and APT 20 or Cozy Bear—ran social media disinformation campaigns along with email phishing attacks to breach the Democratic National Committee and release information via WikiLeaks, Hay Newman reports.
- NotPetya: Developed by Russian hacking group Sandworm, NotPetya was a “destructive malware built to lock down computers, devastate networks and create chaos,” Hay Newman says. The malware spread around the world, eventually coming back to infect systems in Russia itself, and disrupted companies in sectors including pharmaceutical, shipping, power, public transit, and more.
- Equifax: This well-known data breach in 2017 exposed personal information of nearly half of the U.S. population. Due to the company’s handling of the breach, the situation only got worse, as phishing attacks and imposter sites asked for people’s personal information, which is how the company itself was relaying to individuals whether their information had been compromised, Hay Newman reports. Equifax is only one example of corporate data breaches in the 2010s, which also included the Target data breach, Home Depot data breach and Ashley Madison data breach.
- Aadhaar: In 2018 alone, it’s estimated that 1.1 billion Aadhaar numbers and associated data were breached and shared on the black market, Hay Newman reports. Aadhaar is the Indian government’s identification database and “is used in everything from opening a bank account to signing up for utilities or a cell phone.” Due to all the connections, data has been exposed by third parties or the government itself improperly storing data, Hay Newman says.