Cybercriminals are evolving quickly. Masked by internet anonymity, they are constantly unleashing new and improved malware that threatens our online safety. Paranoid? You probably should be.
According to the Cisco 2018 Annual Cybersecurity Report, more than half (53 percent) of all malware attacks to date have resulted in financial damages of more than US$500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs.
Let's take a quick look at some of the most disastrous malware attacks in history.
WannaCry is considered to be the most destructive ransomware of 2017. It hit over 150 countries and over 100,000 organizations, including major corporations and government agencies. The WannaCry attack initially introduced ransomware into systems via phishing emails and spread using a known Windows vulnerability.
The four-day WannaCry epidemic knocked out more than 200,000 computers in 150 countries. According to the initial reports, in some hospitals WannaCry encrypted all devices, including medical equipment, and some factories were forced to stop production. Unlike other ransomware varieties, WannaCry used a worm to infect other systems, spreading through an entire network.
Stuxnet was one of the most famous and complex malware attacks. It disabled uranium-enrichment centrifuges in Iran, slowing the country's nuclear program for several years. Back then, nothing could match the complexity of Stuxnet: the worm was able to spread gradually through USB flash drives, penetrating even computers that were not connected to the Internet or a local network.
The worm spun out of control and quickly multiplied around the world, infecting thousands of computers. However, it could not damage all of those computers, as it was created for a very specific task. The worm manifested itself only on computers that worked with Siemens programmable controllers and software. So what did this worm do? After landing on such a machine, it reprogrammed these controllers. Then, by setting the rotational speed of the uranium-enrichment centrifuges too high, it physically destroyed them.
Botnets had been around for ages already, but the rise of the Internet of Things breathed new life into them. The name of the malware, Mirai, is a Japanese word for "the future". It scanned the Internet of Things for vulnerable devices and hit them with malware. This increased bandwidth use, and devices were reinfected after every reboot. The Mirai botnet executed multiple DDoS attacks, hitting DNS service provider Dyn and making websites like Netflix, Twitter, and Reddit inaccessible. Dyn could not withstand such a massive DDoS attack. It eventually recovered, but the sheer scale of the Mirai attack made the world sit up and think about the security of "smart" things. It was the mother of all wake-up calls.
What makes Mirai particularly "dangerous" is the fact that its source code has been published on hacker forums. As a result, cybercriminals have been adapting it for other malware projects.
The CryptoLocker Trojan is ransomware that first encrypts its victims' hard drives and then demands payment. This nasty ransomware spread rapidly through email attachments. The victim finds a ransom message on their computer and is given a time limit in which to pay to regain access to their files. In this attack, the infected computers presented a demand for a $400 ransom fee within 72 hours in return for a decryption key; otherwise, victims saw the key to unscrambling their files destroyed.
CryptoLocker's ringleader was eventually taken down in June 2014, but half of the damage was already done, and the victims had paid almost $3 million to the hackers.
The title of most costly epidemic goes to a ransomware encryptor (technically a wiper, but that does not alter the bottom line) called ExPetr, also known as NotPetya. Using the EternalBlue and EternalRomance exploits, the worm moved around the Web, irreversibly encrypting everything in its path.
Although the number of infected machines was smaller, the NotPetya epidemic targeted mainly businesses, partly because one of the initial propagation vectors was the financial software MeDoc. The cybercriminals managed to gain control over the MeDoc update server, so many clients using the software received the malware disguised as an update, and it then spread across their networks.
The damage from the NotPetya cyberattack is estimated at $10 billion, whereas according to various estimates, WannaCry's damage lies in the $4–$8 billion range. NotPetya is considered the costliest global cyberattack in history.
Will you be next? Protect your business!
The malware attacks above are impressive, but many more take place every day in different business sectors and by different means. How can you protect your business from malware and other cyber-attacks? The first step is to update your IT systems, and the best approach is to continuously detect vulnerabilities and fix them quickly to avoid attacks. Last but not least, get a robust backup solution that will keep your data secured and backed up even during a malware attack or disaster.