
The 5 worst ransomware attacks to date

by Jonathan Rolland
22 November 2019
in Security

In the Wild West, moving valuables from town to town was a dangerous business. At any moment, stagecoaches could be ambushed by bandits, causing the victims to lose months of wages in one swift attack. In the 21st century, the outlaws are played by online ransomware attackers, and the victims are multinational corporations.

Unfortunately, not only Fortune 500 companies are being targeted. Therefore, it’s vital to learn more about this type of online threat. To help you out, we’ve made a list of the top 5 examples of ransomware attacks. Like the Wild West bandits, these attackers have strained cybersecurity systems to the breaking point, showing no signs of stopping anytime soon.

1. The 2016 Petya ransomware attack

Until 2016, Petya was just a traditional Bulgarian baby name. But when security analysts baptized the year’s most severe ransomware attack, the name quickly lost its cuteness element.

The Petya attack easily could have cost $10 billion or more globally as it targeted the largest organizations. For example, some of the victims included the shipping giant Maersk, British industrial group Reckitt Benckiser, law firm DLA Piper, and – most worryingly of all – the systems monitoring the Chernobyl nuclear site.

The attack focused on the Microsoft Windows booter, which provided access to the target system’s master bootloader. By triggering a reboot, it could launch directly into ransomware software. This software then encrypted user files and demanded payment in Bitcoin to release them.

In a stunning twist, the original attack was followed in 2017 by the “NotPetya” attack. A close cousin of Petya, this follow-up used a Windows backdoor called EternalBlue, which was created by the NSA – a case of blowback from the ever-expanding security state.

2. The WannaCry ransomware attack

The WannaCry ransomware attack overshadowed Petya when it appeared out of nowhere in May 2017. WannaCry spread using the same EternalBlue exploit, which allowed hackers to propagate “cyberworms” across unpatched Windows systems.

This ended in a slaughter. In the UK, hospitals were denied access to their IT systems, putting the lives of patients at risk. Major corporations like Nissan, Telefónica, FedEx, and Deutsche Bahn were also targeted. In all instances, core IT services were knocked out of action, as hackers demanded huge Bitcoin payments to restore functionality.

It’s estimated that WannaCry caused around $5 billion in damage. The worst part is that we still cannot say who started it. While the blame was initially directed at North Korea, it was the NSA that developed the EternalBlue exploit that WannaCry used to spread itself.

It could actually have been even worse if not for one researcher. He discovered a “kill switch” in the cyberworm’s code, which allowed targeted organizations to restore their systems. But at that point, WannaCry had already caused a significant amount of damage both in the online and real world.

3. The Atlanta (SamSam) ransomware attack

Some of the most mind-blowing ransomware attacks have exposed the vulnerability of entire cities. In March 2018, Atlanta, the capital of Georgia, had its systems fall into the hands of hackers.

With security experts struggling to solve the issue, city clerks were forced to revert to paper and pens when handling vehicle licenses or taxes. Footage from police dash cams was deleted, while a third of the council’s software was taken offline.

The Atlanta threat, named SamSam ransomware, is still known for its uncommon form of attack. Instead of waiting for the staff members to open phishing emails, SamSam used “brute force” to access Atlanta’s IT infrastructure.

In the run-up to the attack, the city government had been bashed for using outdated IT, and the SamSam ransomware attack proved the point. Old security systems left accounts across the government wide open, and the hackers didn’t hesitate to accept such an invitation.

For individuals and SMBs, this is a textbook example of why they should update their software on a regular basis. Failing to do so will put you at risk of a brute force attack similar to the one on Atlanta.

4. The 2017 Bad Rabbit ransomware attack

In September 2017, security analysts noticed a new type of ransomware attack. Named Bad Rabbit, it disguised itself as a Macromedia Flash update.

Most of us have encountered these updates when clicking on embedded videos on websites. Over the years, Flash has continued to be known for security weaknesses, and Bad Rabbit wasn’t the first instance when users got more than they bargained for after watching a video.

Instead of launching a legitimate Flash update process, Bad Rabbit almost instantly locked up targeted computers, demanded a $280 payment in Bitcoin, and gave users 40 hours to comply. If not, victims could bid farewell to the content of their hard disk drives.

Luckily, the Bad Rabbit ransomware attack didn’t spread wide. Instead, the attack was mostly confined to Russia and Ukraine, where it presumably originated. Microsoft was quick to release patches for the affected systems, and infected Flash files were in most cases removed.

Bad Rabbit stands as an example of how cautious we need to be when dealing with .exe downloads. Anyone could click on these links, and without proper protection, this can have devastating results.

5. The 2016 Locky ransomware attack

The 2016 Locky ransomware attack provides us with another angle on the problem. This time, hackers used fake invoices that were emailed together with a Word file attachment.

Just like the owls, this attachment wasn’t what it seemed. When opened, it looked like a stream of nonsensical text. But this apparent nonsense was prefaced with the instruction “Enable macro if data encoding is incorrect.”

You don’t need to guess what happened when users enabled Word macros. Instead of decoding the invoice, enabling macros triggered the Locky ransomware download.

That was followed by the usual demands – requiring victims to download the Tor browser and transfer 1 Bitcoin, which was worth thousands of dollars back in 2016. Many complied. For example, Hollywood Presbyterian Hospital in California sent $17,000 to hackers. And, as has become the norm with major ransomware attacks, most victims decided to wash their dirty laundry in private.
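
As an added illustration (not part of the original article), the Python sketch below shows how a mail gateway or analyst could flag Word attachments that carry VBA macros, the mechanism the Locky lure relied on. The function names and sample files are constructed for this example, and the check on legacy .doc files is a byte-pattern heuristic, not a full parser.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")   # header of legacy .doc/.xls compound files
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")  # stream name as stored in OLE directory entries


def macro_verdict(data: bytes) -> str:
    """Classify attachment bytes as 'macro', 'no-macro', or 'not-office'."""
    if data.startswith(OLE2_MAGIC):
        # Heuristic: a VBA project adds a stream with this UTF-16LE name.
        return "macro" if VBA_STREAM in data else "no-macro"
    if data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                names = [n.lower() for n in z.namelist()]
        except zipfile.BadZipFile:
            return "not-office"
        if "[content_types].xml" not in names:
            return "not-office"  # an ordinary zip, not an OOXML document
        has_vba = any(n.endswith("vbaproject.bin") for n in names)
        return "macro" if has_vba else "no-macro"
    return "not-office"


def should_quarantine(filename: str, data: bytes) -> bool:
    """Hold macro-bearing content, or macro-enabled extensions, for review."""
    macro_ext = filename.lower().endswith((".docm", ".dotm", ".xlsm", ".pptm"))
    return macro_ext or macro_verdict(data) == "macro"


def sample_ooxml(with_macro: bool) -> bytes:
    """Constructed sample: a minimal zip using OOXML member names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"\x00")
    return buf.getvalue()


if __name__ == "__main__":
    # All inputs below are constructed, not real samples.
    for name, blob in [
        ("invoice.docx", sample_ooxml(with_macro=True)),
        ("report.docx", sample_ooxml(with_macro=False)),
        ("invoice.doc", OLE2_MAGIC + b"\x00" * 64 + VBA_STREAM),
    ]:
        print(name, macro_verdict(blob), should_quarantine(name, blob))
```

The check inspects file content rather than trusting the extension, so a macro project hidden in a file named `.docx` is still flagged.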

Protect yourself against a serious ransomware attack

Everyone should be concerned about falling victim to a ransomware attack. As these examples show, since 2016, the world has been rocked by successive attacks, and law enforcement bodies have very few answers about how to prevent them.

As individuals and businesses, there are things we can do. For example, installing a Virtual Private Network (VPN) is an excellent idea. This can encrypt your data and anonymize your online identity, making you less vulnerable to phishers.

But common sense and vigilance are just as important. Be cautious about email attachments and .exe downloads. And install the latest OS patches. It’s easy to put off updating due to time constraints or costs, but those updates can make all the difference. And when you factor in the cost of losing your data and systems, it’s a no-brainer.
