Cyberattacks are more than just simple virus threats. They’re large-scale, devastating assaults on businesses of all shapes and sizes and, whether financially, politically, or personally motivated, they’re always evolving.
Businesses worldwide are investing more time, money, and effort into fortifying their defenses against cyber crime. However, as protections and technology evolve, so do threats. Unsurprisingly, cyberattacks are set to cost global businesses more than $15.63 trillion by the end of the decade.
Over the years, we’ve worked with hundreds of companies that, until they engaged our penetration testing services and cyber security advice, risked serious capital loss.
To illustrate this growing and ongoing cyber onslaught, and to look beyond the cost of a breach or attack, let’s examine 12 high-profile cyberattacks from the past 15 years.
2024 - 2020 (Most Recent Attacks First)
The following cyberattacks occurred as AI and automation technologies entered the mainstream. More importantly, they show that there’s no reason to rest on your laurels.
United States Telecommunications Hack (2024)
In late 2024, it was announced that the US had suffered what many experts believe to be the biggest telecoms hack in history. Specifically, it was determined that Chinese hackers had exploited at least eight telecoms companies in the US, and several more in Europe and Asia, between 2022 and 2024.
Intelligence experts believe that phone metadata, audio calls, and text messages were stolen. In addition, hackers intercepted a law enforcement portal through which telecom companies received court orders. This was a colossal example of nation-state espionage.
And, even now, the threat still remains:
“Right now, we do not believe any have fully removed the Chinese actors from these networks. So the risk of — there is a risk of ongoing compromises to communications.”
Nick Schifrin, quoting Anne Neuberger, US Deputy National Security Adviser for Cyber and Emerging Technology
The ultimate takeaway from this attack is that US telecoms companies need to do more to both fortify their defenses and to weed out bad actors still lingering in their systems. As our customers would agree, more advanced threat detection is key to avoiding breaches on this scale.
MOVEit Transfer Exploitation (2023)
MOVEit, a file transfer application relied upon by companies across the global supply chain, fell to hacking attempts in 2023. Cyber criminals taking aim at the app specifically exploited a vulnerability left unfixed by the program’s developers, Progress.
The immediate effect of this breach was that both company employees and customers saw their data stolen en masse. Progress responded to the fallout with emergency security patching.
A key lesson learned from this event is that no matter what apps your business uses, you cannot always be 100% sure that developers have secured their code. Of course, there is always an element of risk and trust – but users should always be proactive about their own cyber security as a priority.
Regular vulnerability scanning and infrastructure testing are always recommended. We’ve helped hundreds of customers avoid losing serious data due to missed weaknesses.
Medibank Data Breach (2022)
Medibank, an Australian health insurance specialist, made headlines in 2022 after hackers obtained data from almost ten million customers, past and present.
The hack was a colossal failure on the part of the firm, which saw the data posted to the dark web. Initially, Medibank reported the attack to have arisen thanks to firewall misconfigurations.
However, legal action against the company later claimed that hackers obtained sensitive login details thanks to a service operator copying and syncing them to a personal browser. What’s more, a lack of multi-factor authentication (MFA) or ID proof was also alleged to have added to the chaos.
Ultimately, the lesson companies can learn here is that MFA and stringent data protection training are vital for protecting infrastructure against hackers looking for sloppy mistakes.
Colonial Pipeline Ransomware Attack (2021)
2021 saw the Colonial Pipeline Company fall prey to a ransomware attack that locked its data for a demand of $4.4 million in bitcoin. This attack impacted the potential oil supply in up to 13 US states, and the company took swift action to shut down much of its East Coast pipelines.
The attack's impact led to immense financial repair costs and severe reputational damage. Reportedly, hackers gained access to CPC’s network through a compromised password and a lack of MFA. The company would keep its pipelines on lockdown until at least May 12th, some five days after the attack began.
Interestingly, CPC is a rare case in that it paid the ransom demanded by hackers – something the FBI advises against.
“The bureau notes that paying a ransom does not guarantee the return of the data and that paying it can incentivize malicious actors to continually engage in this illicit behavior. The ransom may also be used to fund criminal activities.”
Insurica
SolarWinds Supply Chain Attack (2020)
2020’s attack on SolarWinds, a high-profile software company, was one of the most devastating attacks of its kind on a network management system, or NMS. The NMS in question for this case was Orion, software used by tens of thousands of companies across the US – including some government bodies.
This particular attack was a supply chain breach that saw hackers introduce malware into Orion and SolarWinds through a backdoor. Although the threat immediately impacted SolarWinds customers, it affected an almost unlimited chain of victims with networks entangled through the firm’s software.
SolarWinds, in fact, distributed malware without realizing it. In early 2020, hackers sneaked code into a standard update. It took over a year between the hackers' first access to SolarWinds and the malware's eventual quashing.
2019 - 2010 (Older but Highly Significant Cyber Attacks)
We can still learn from older mistakes and vulnerabilities exploited by cyber criminals. Here are seven more high-profile incidents worth learning about.
Equifax Data Breach (2017)
Consumer credit giant Equifax announced in September 2017 that, on the back of a major data breach, up to 148 million US customers’ personal data had been stolen. Such data included social security information, driver’s license details, addresses, names, and dates of birth. It’s also thought hundreds of thousands of credit card numbers were leaked.
Eventually, the US government would indict members of China’s military in response to the hack. The fallout would also lead to consumers claiming money from Equifax as a result of expenses from the breach.
This particular incident is still notable because of the sensitivity of the data stolen at such a large scale.
NotPetya Attack (2017)
NotPetya was fast-spreading, far-reaching malware designed to attack systems based in Ukraine – which, along the way, infected systems of at least 60 nations worldwide. The malware would brick and destroy tens of thousands of devices, with some banks even losing server access.
NotPetya was a destructive force disguised as ransomware – its aim wasn’t to claim money, but to sow chaos. By 2018, the CIA reportedly concluded that a Russian spy agency had deployed the program.
WannaCry Ransomware Attack (2017)
WannaCry gained infamy around the world as a particularly aggressive form of ransomware that encrypted information and demanded cash payments. However, it gained particular infamy in the United Kingdom, where it brought down computers in 60 trusts across the National Health Service.
As a result, patient records were restricted and non-urgent surgeries were cancelled as experts scrambled to fix the damage.
Several years after the attack, it emerged that several NHS bodies were still running outdated systems, with 1.4 million still running Windows XP in July 2019. Microsoft ended support for the product in April 2014.
Yahoo Data Breaches (2013–2014)
A data breach affecting online giant Yahoo in 2013 resulted in what’s still the biggest corporate leak of all time. The attack, revealed in 2016, reportedly saw three billion accounts compromised – with email addresses, names, and phone numbers among the data stolen.
The breaches occurred largely through hackers manipulating cookies to bypass authentication – in the second major breach, attackers even copied the user account database!
Yahoo followed up the breach by appointing data security staff, upgrading security protocols, and advising users to reset their passwords.
Stuxnet Worm (2010)
Stuxnet remains a fascinating case from a cyber security history perspective. First emerging around 2010, this intrusive worm was specifically developed to exploit vulnerabilities in Microsoft’s Windows OS. Interestingly – and, of course, controversially – the worm was largely used to attack Iran’s uranium supplies. However, it was adapted for various attacks over the years.
It’s notable – and infamous – for being the first malware of its kind to physically destroy the devices it infects. As such, Iran’s nuclear program was left hobbled.
Stuxnet was developed as a highly intelligent piece of malware, largely leaving devices outside of its target mission barely harmed. It’s thought to have been transferred through USB sticks, penetrating files, modifying code, and altering system operations.
It’s been alleged over the years that Stuxnet was a joint venture between the US and Israel. However, no precise confirmations have been made.
Key Takeaways from History’s Worst Cyber Attacks
So, what can we effectively learn from history’s worst cyberattacks? For one thing, you can never be too well protected against emerging threats – which is why our customers run penetration testing at least twice a year.
Cases such as SolarWinds and Stuxnet suggest that there is still a rising threat of nation-state cyber warfare behind the scenes. Given that so many important infrastructures and tools are dependent on servers and data storage, state-driven cyber warfare can only get more threatening.
Ransomware, too, continues to be a major player in the threat landscape. As we’ve seen with the NHS and the CPC, no company is too big or too critical to be free from harm. Seven out of ten cyberattacks are related to ransomware!
And, let’s not forget the long-term consequences of large-scale hacking! Cases such as Yahoo’s and Equifax’s tell us that it’s not just reputation that’s at stake, but millions of dollars in repairs and reparations, too.
Ultimately, the bigger picture remains – corporations and government agencies are still lagging behind on ensuring their cyber security practices are up to snuff against emerging threat vectors.
However, small business owners can protect their own interests – and set fantastic examples – by taking their security postures more seriously. It all starts with scanning for vulnerabilities and running penetration tests – and VikingCloud is on hand to help.
Call our team now to learn more about how we can help prevent you from ending up on lists like these!