Over the past decade, the IT threat landscape has changed radically, marked by spectacular cyberattacks that have shaken businesses, governments, and individuals alike. In our April issue, we take a look back at some of the most high-profile cases that demonstrate the critical need to continually strengthen cybersecurity, whether for businesses or individuals.

WannaCry: A ransomware attack with a global impact

In May 2017, WannaCry, a ransomware that exploited a vulnerability in Windows, spread at lightning speed. It affected more than 230,000 computers in 150 countries, crippling hospital systems in the United Kingdom, disrupting companies like Renault in France, and causing billions of dollars in financial damage. The malware exploited a vulnerability revealed by a hacker group called Shadow Brokers, and was derived from features developed by the NSA. These very powerful tools, originally developed for international espionage, have greatly increased the destructive capacity of ordinary cybercriminals.
The WannaCry attack was stopped almost by accident by a British researcher who discovered a “kill switch” built into the malware. Nevertheless, the incident revealed the extent of existing vulnerabilities and showed the critical importance of regular updates, security backups, and constant vigilance against emerging threats. In the wake of this attack, many organizations have significantly strengthened their patch management and system update policies, as well as increased internal training to raise cybersecurity awareness among employees.

NotPetya: the most expensive cyberattack in history

Barely a month after WannaCry, in June 2017, NotPetya struck with unrivaled destructive power. Initially perceived as ransomware, NotPetya ultimately turned out to be a disguised cyberattack primarily targeting Ukraine, in the particularly tense geopolitical context between Russia and Ukraine. The attack affected international companies such as Maersk, Merck, FedEx, and Saint-Gobain, causing financial losses estimated at more than $10 billion.

Unlike WannaCry, NotPetya didn’t have a data recovery mechanism, clearly indicating destructive intent rather than extortion. This event highlighted the growing political and strategic dimension of cyberattacks, prompting organizations to rethink their IT defense strategies by treating cyber risk as a major systemic risk.

As a result, cybersecurity awareness and investment in protection systems have increased greatly, with a particular focus on rapid threat identification and organizational resilience.

Equifax exposes sensitive data of millions

In September 2017, Equifax, one of America’s largest credit reporting agencies, announced that it had suffered a massive data breach affecting nearly 147 million Americans. Cybercriminals exploited an unpatched vulnerability in Apache Struts that had been known about for months prior to the attack, highlighting lapses in IT risk management and the neglect of critical updates.

The exposure of sensitive information such as Social Security numbers, birth dates, addresses, and driver’s license numbers created a significant risk of identity theft and large-scale fraud. The total cost of this attack, including fines, restitution, and remediation, is well over a billion dollars. Not only did this case highlight the devastating consequences of poor vulnerability management, it also led to significant changes in data protection legislation. In Europe, the General Data Protection Regulation (GDPR) has become a model for the protection of personal data, while in the US, regulations have been tightened, forcing companies to report incidents more quickly and strengthen their cybersecurity management.

SolarWinds: a growing sophistication

In December 2020, an extremely sophisticated attack against SolarWinds, a US company specializing in computer network management software, was revealed. Hackers, most likely linked to a foreign state, inserted a piece of malware called “Sunburst” into the official update of SolarWinds’ Orion software, which is widely used by government and corporate customers.

This supply chain attack allowed the hackers to discreetly infiltrate the networks of critical organizations, including the U.S. Treasury Department, State Department, Department of Homeland Security, and several major tech companies.

The high level of stealth, combined with the use of advanced obfuscation techniques, allowed the hackers to remain invisible for several months and harvest sensitive information undetected.

SolarWinds represents a major turning point in the understanding of cyber risks associated with third-party vendors and supply chains, prompting companies and governments to rethink their risk management practices and vendor control processes. In particular, the attack has accelerated the adoption of stronger cybersecurity practices, advanced monitoring tools for early detection of anomalies, and the need for greater international cooperation to combat these complex and sophisticated threats.

These major cyber attacks illustrate the growing complexity and severity of cyber threats. They highlight existing structural vulnerabilities and the critical need for a proactive cybersecurity strategy that includes prevention, detection, and rapid incident response.

In the second part of our article, we’ll look at other iconic attacks such as Colonial Pipeline, Uber, and attacks against the Irish healthcare system to draw further lessons on the need for constant cyber vigilance. In the meantime, if you have a movie, series, software, or e-book to protect, don’t hesitate to enlist our services by contacting one of our account managers; PDN has been a pioneer in cybersecurity and anti-piracy for over a decade, and we’re sure to have a solution to help you. Enjoy reading and see you soon!
