Most Important Cyber Attacks

History of Cyber Incidents From Barrotes (1993) to Ryuk (2019)

Like any innovation, the spread of the Internet and connection networks has brought enormous benefits to society and the business world, but has also entailed serious risks. Cyber ​​attacks have become frequent episodes and common methods for committing fraudulent activities. According to a report by the World Economic Forum, in fact, 76.1% of experts expect an increase in the number of attacks against infrastructures in 2020, while 75% believe that cybercriminals looking for money will increase. or data.

To develop the best strategies, tools or services to stop these crimes or minimize their impact, it is essential to use cutting-edge technology and economic resources to track the hacking phenomenon. Not only that, it is also essential to learn from history and understand what it can teach to take advantage of it in the way of acting.

Barrotes (1993)

Known as the first Spanish virus, this malware was a small program that, once it entered systems, wrote its malicious code to executable files (.com and.exe on MS-DOS), only manifesting itself on January 5th, the day in which filled the screen of infected PCs with vertical bars, making it impossible to use.

CIH / Chernobyl (1998)

Originally from Taiwan, his modus operandi was lethal: once installed on a computer, it wiped out all information, even corrupting the Basic Input-Output System (BIOS) so that the system could not boot. It is estimated to have affected over 60 million Windows 95, 98 and ME users.

Melissa (1999)

It is one of the first cyber attacks made with social engineering techniques. The victims received an email with an attachment allegedly containing logins to access pornographic websites. However, once the document was opened, the virus entered the user’s Microsoft Outlook agenda by forwarding the same email to the first 50 contacts in the address book.

Iloveyou (2000)

This notorious worm used social engineering and email to infect devices. The user received an email with the subject “I love you” and an attachment. When this document was downloaded and opened, it replaced a multitude of files (.jpeg,.css,.jpg,.mp3,.mp3,.mp2 and others) with a trojan that aimed to obtain sensitive information.

Mydoom (2004)

Worm that used most of Windows security tools and options to spread throughout the operating system and every file. The consequences were dramatic: it reduced world Internet traffic by 10% and caused losses of approximately $ 40 billion.

Stuxnet (2010)

This is the earliest known example of cyberwarfare; it was designed to attack Iran’s critical infrastructure. This worm, spread through removable USB devices, carried out a targeted attack against companies equipped with SCADA systems, in order to gather information and then order the system to self-destruct.

Mirai (2016)

Mirai is the botnet behind one of the largest Distributed Denial of Service (DDoS) attacks to date. It has hit big companies like Twitter, Netflix, Spotify, and PayPal. This malware has infected thousands of IoT devices, remaining inactive within them.

WannaCry (2007)

WannaCry was a ransomware attack that started with a cryptoworm of the same name. By targeting Windows computers, it encrypted their data and demanded a $ 300 ransom in bitcoin. The ransomware is estimated to have affected over 200,000 computers in around 150 countries, including devices from the National Health Service (NHS) in the UK and the car company Renault.

Petya / NotPetya (2016-2017)

The Petya ransomware, discovered in 2016, ran on computers, encrypting some files, locking the boot sector of the compromised system and demanding a ransom in exchange for restoring these files. The NotPetya variant, which appeared in 2017, was mainly aimed at the commercial sector. One aspect that made it particularly well known is the fact that often, even when the ransom was paid, the victim’s files were not recovered. Researchers suspect that he actually intended to hide a cyber attack targeting Ukrainian institutions.

Ryuk (2019)

This ransomware, whose origins are attributed to the Russian group Grim Spider, endangered critical infrastructures and large national and international companies in the last quarter of 2019. It takes action by encrypting files on infected devices and allowing the victim to recover their own file only by paying a ransom in bitcoins.