Since Robert Morris created the first computer virus in 1989, the complexity and scale of attacks have grown exponentially. Specialist insurer Hiscox found that half of UK businesses were hit by cyberattacks in a single year.
With so much for them to gain, it is little wonder that cybercriminals have become so relentless, with a cyberattack taking place every 39 seconds on average!
Of course, some cyberattacks stand out from the crowd in terms of financial or social damage caused or simply for their sheer audacity.
Our pick of the 10 worst cybercrimes
- Internet brought to a standstill by DDoS attack
- The reign of the Iceman
- Digital warfare with physical consequences
- Cheater's site gets cheated...
- US mistakes teen hackers for cyber-terrorists
- NHS patients really did want to cry
- You've got mail...actually everyone has
- The ultimate in bad reviews for Sony Pictures
- MafiaBoy's teenage crimes
- Yahoo exposes all 3bn users' data twice...
1. Internet brought to a standstill by DDoS attack
A series of distributed denial of service (DDoS) attacks managed to significantly disrupt Internet use in North America and parts of Europe during 2016. The target of the attacks was Dyn, a company in charge of much of the internet's domain name system (DNS) infrastructure, which is why the damage caused was so extensive.
While people with technical know-how could get around it, most typical internet users were affected for hours. Many of the world's most popular sites were rendered unresponsive, including Twitter, Amazon, Netflix, GitHub, PayPal, Pinterest, the Guardian and Fox News.
What is a DDoS?
Internet-enabled devices are infected with malware that turns each one into a bot. The bots are then controlled as a group (a botnet) to make repeated requests to a particular server. This flood of traffic crowds out normal users, resulting in a 'denial of service'.
2. The reign of the Iceman
Perhaps one of the most ambitious individuals in hacking history, the Iceman, born Max Ray Butler, stole the details of more than 2 million credit cards over the course of his criminal career. What makes him particularly unique is that his victims were not just businesses, banks, and individuals but also rival hackers themselves.
Operating via the deep web, he set up CardersMarket, a forum for cyber-criminals to buy, sell and exchange illicitly obtained personal details, such as credit card information. However, this still wasn't enough for him, as he then went on to hack into another similar site before permanently merging it with his own. The Iceman is currently serving a 13-year sentence.
What is the Dark Web?
The Dark Web is a name given to areas of the web that traditional search engines like Google cannot reach. It uses the public internet but can only be accessed with specific software, which keeps users anonymous. While technically legal to use, many sites on the dark web support criminal activity, such as arms dealing or the sale of stolen goods.
3. Digital warfare with physical consequences
Easily the most terrifying entry on this list, the Stuxnet worm was one of the world's first instances of weaponised computer code. This means that it was not only able to cause damage digitally but could also cause physical harm to targets in the real world. Needless to say, the outcome could be utterly devastating if it were to fall into the wrong hands!
Stuxnet was most famously used against a nuclear research facility in Tehran in 2012. The worm exploited four zero-day flaws within the research facility's system, infecting over 60,000 state-owned computers and physically destroying approximately 1,000 nuclear centrifuges. This was around a fifth of the total owned by Iran and slowed nuclear projects by several years.
How does the Stuxnet worm work?
After being planted on the target device, Stuxnet travels through a network, searching for specific vulnerabilities. If successful, Stuxnet instructs the device to carry out actions that cause physical damage, such as drastically speeding up moving parts or shutting off cooling systems. It also sends false feedback to the primary controller, keeping its presence concealed until it is too late.
4. Cheater's site gets cheated...
While not technically the largest cybercrime in terms of financial damage caused or the number of victims involved, the notorious Ashley Madison hack in 2015 deserves a place on this list due to the sheer sensitivity of the data stolen. Ashley Madison specifically offers a dating service for cheating spouses. The 300GB of user data leaked included users' banking data, real names, and details of their private sexual desires.
The group of hackers, known as Impact Team, said the website's cybersecurity was almost non-existent, claiming that they "worked hard to make a fully undetectable attack, then got in and found nothing to bypass." They also exposed the company for failing to delete users' data after charging them to do so. The company got off rather lightly in the end and only had to settle two dozen class-action lawsuits for $11.2 million-plus and pay a $1.66 million fine for the data breach.
5. US mistakes teen hackers for cyber-terrorists
Way back in 1998, the US Department of Defense (DoD) suffered a series of attacks on its network via a well-known operating system vulnerability. After gaining access to each network, the hackers implanted data-gathering devices (sniffers) to collect data to be retrieved later. Networks compromised included the US Air Force, US Navy, US Marines, NASA, and the Pentagon, granting the hackers access to hundreds of network passwords.
Once detected, the US government initially suspected that Iraqi state-funded hackers were behind the breach since the US was preparing for possible military action against Iraq at the time. However, they eventually discovered that three teenage hackers conducted the attacks, two from California and one from Israel.
What is a sniffer attack?
A sniffer attack reads and analyses unencrypted data packets as they are transmitted across networks. The attacker will then be able to read network communications or use the information gained to cause the network to crash or become corrupted later.
6. NHS patients really did want to cry
In May 2017, a particularly nasty form of ransomware called WannaCry was let loose upon computer networks worldwide, wreaking havoc everywhere it went. In a matter of days, it had infected close to 200,000 devices in almost 150 countries. Once a PC was infected, the files stored on it would become encrypted. A digital ransom letter would then appear on the desktop, demanding a payment in Bitcoin to unlock the files.
Apart from the many private users affected, WannaCry also caused damage to several large corporations, such as the NHS, Renault, Nissan, and FedEx. As many as 70,000 devices may have been infected in the case of the NHS, including MRI scanners, theatre equipment, and blood-storage fridges. This resulted in over 19,000 appointment cancellations, immediately costing around £20 million, and an additional £72 million in subsequent repairs and upgrades.
What is ransomware?
Ransomware is harmful software, usually spread through infected websites or phishing links. Once a PC is infected, the files stored on it are encrypted. A digital ransom letter then appears on the desktop, demanding a payment in Bitcoin to unlock the files.
7. You've got mail...actually everyone has
One of the farthest-reaching data breaches of all time happened in 2011, when Epsilon, an email marketing company, had its database of client email addresses stolen by hackers. This might not sound too catastrophic until you realise that Epsilon had around 2,200 corporate clients at the time and was ultimately responsible for sending out more than 40 billion emails per year!
Since the breach compromised an astronomical number of individual email addresses, the chances of spear-phishing attacks (a more focused version of phishing scams) dramatically increased. It is tricky to estimate the full extent of the damage caused by the Epsilon hack, but experts place the figure anywhere between $200 million and $4 billion!
What is a spear-phishing attack?
Spear-phishing is an email scam where an attacker tricks the recipient into downloading malware or giving up sensitive information. Since these attacks are tailor-made for specific targets, they are far more dangerous and effective than traditional mass phishing scams.
8. The ultimate in bad reviews for Sony Pictures
Sony Pictures was subjected to a nightmare of a hack in late 2014 when hackers calling themselves the 'Guardians of Peace' leaked confidential data stolen from the company. This data included internal emails, plans for future films, copies of unreleased films, specific details of executives' salaries, and personal information about employees and their family members.
If that wasn't bad enough, the hackers then erased key parts of Sony's network. Still not fully satisfied, the 'Guardians of Peace' also demanded the withdrawal of Sony's then-upcoming film, The Interview. Since the plot of the film in question is about an assassination attempt on Kim Jong-un, many speculated that North Korea was behind the hack, a claim which was confirmed by the official US investigation.
9. MafiaBoy's teenage crimes
Another child hacker is Michael Calce, known online as MafiaBoy, who was only 15 years old when he took the world by storm with a series of nasty DDoS attacks. Focusing mainly on large corporations, MafiaBoy managed to take down CNN, eBay, Amazon, and Yahoo, the world's largest search engine. Why go to all this trouble? To assert his dominance in cyberspace as one of the world's greatest hackers, of course!
The attacks were a much-needed wake-up call for the US government, causing President Clinton to convene a cybersecurity task force. The highest estimate for the damage caused by MafiaBoy comes to $1.2 billion. However, he only suffered a relatively minor punishment due to his young age – eight months of open custody, a small fine, and a year of probation.
10. Yahoo exposes all 3bn users' data, twice...
Of all the data breaches suffered in internet history, none come close to those suffered by Yahoo. The Internet service company was hacked twice, in 2013 and 2014, exposing every single user account its databases contained - all 3 billion of them!
Endless lists of stolen data were put up for sale on the dark web and contained full names, email addresses, dates of birth, phone numbers, hashed passwords, and security questions and answers. To add insult to injury, Yahoo claimed that the second attack was probably carried out via manufactured web cookies, which practically gave hackers access to any account without requiring a single password!
What are malicious web cookies?
Cookies are text files stored on your PC to help customise and improve your experience when browsing certain websites. While the vast majority are harmless, some can be used to monitor online activity, falsify user credentials, or even steal a user's identity.
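As an added illustration (not part of the original article, and not a description of Yahoo's systems), the sketch below shows one common defence against falsified cookies: the server signs each session cookie with a secret key and rejects any cookie whose signature does not verify or that has expired. The cookie layout, key, lifetime and function names are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import time
from typing import Optional

# Constructed demo key (assumption); a real key lives in a secrets store on the server.
SERVER_KEY = b"constructed-demo-key-not-for-production"
MAX_AGE_SECONDS = 3600  # hypothetical session lifetime


def _sign(payload: str) -> str:
    """HMAC-SHA256 over the payload, encoded so it is safe inside a cookie."""
    digest = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode().rstrip("=")


def issue_cookie(user_id: str, now: Optional[int] = None) -> str:
    """Return 'user_id|issued_at|mac'; the MAC covers both fields."""
    if "|" in user_id:
        raise ValueError("user_id must not contain the field separator")
    issued = int(time.time() if now is None else now)
    payload = f"{user_id}|{issued}"
    return f"{payload}|{_sign(payload)}"


def verify_cookie(cookie: str, now: Optional[int] = None) -> Optional[str]:
    """Return the user id if the cookie is authentic and fresh, else None."""
    parts = cookie.split("|")
    if len(parts) != 3:
        return None
    user_id, issued_str, mac = parts
    expected = _sign(f"{user_id}|{issued_str}")
    # Constant-time comparison on bytes, so odd characters cannot raise TypeError.
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return None
    # The MAC verified, so issued_str is exactly what the server wrote.
    current = int(time.time() if now is None else now)
    if not 0 <= current - int(issued_str) <= MAX_AGE_SECONDS:
        return None
    return user_id
```

The check only holds while the signing key stays secret, so the key should be rotated if it may have been exposed.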