tl;dr
Most of my posts have talked about increasing your personal cybersecurity or general tips on protecting yourself while connected to the Internet. I've given you the "how," but I haven't focused on the "why" to do the things I've talked about. This post will talk about the history of cyberattacks, looking at some of the worst attacks in history.
What is a Cyberattack?
A cyberattack is the use of a computer, or network of computers, to deny, degrade, disrupt, destroy, or manipulate services or data on a target computer or network of computers. In the military cyber community, these methods are also referred to as D4M. However, these types of effects equate to similar outcomes in the civilian world as well. Cyberattacks can have specific targets or be indiscriminate. They can be designed to steal information or cause physical destruction of systems.
Indiscriminate Attacks
Targeted Attacks
These types of attacks tend to be a little more "newsworthy" because of the targets, which have included Target (2013), Home Depot (2014), and Sony's PlayStation Network (2011). Most recently, the World Health Organization (WHO) was breached in March 2020, and WHO staff member credentials were leaked. You can read more about any of these just by using our friend Google, but info on the WHO attack can be found here: https://www.bbc.com/news/technology-52381356.
Destructive Attacks
The first time I remember reading about a destructive attack was the 2007 cyberattack against Estonia. This attack targeted government sites, news sites, major banks, Internet service providers, and small businesses. It essentially shut down the Internet in the country with a distributed denial-of-service attack. More information can be found here: https://www.wired.com/2007/08/ff-estonia/.
One of the most destructive attacks was the Shamoon virus, in 2012. The Shamoon virus was designed to wipe infected systems, overwriting the information with garbage data. The targets of the Shamoon virus were workstations within the Saudi Aramco infrastructure, 30-35,000 of them, and it worked. In only a few hours, all of these workstations were either partially or completely destroyed.
Think about that for one minute...30,000 computers, all wiped and their hard drives unusable, destroyed. All of these computers needed replacement hard drives. Even at $50 per hard drive, the cost is $1.5 million, PLUS the cost to pay people to reinstall all of the software. What about the time investment? This was an extremely expensive attack and you can read more about it here: https://money.cnn.com/2015/08/05/technology/aramco-hack/, and here: https://www.zdnet.com/article/shamoons-data-wiping-malware-believed-to-be-the-work-of-iranian-hackers/.
The Future?
Why am I telling you about the past? Partially because we can learn from it and defend our networks better in the future. The other reason is directly related to the situation we are in right now, a COVID-19 world. In a May 14, 2020 article, Stephen McBride predicted the largest cyberattack in history will occur within the next 6 months. I won't repeat everything he said, but here is the basic breakdown. Organizations have had to adjust their infrastructure to allow their workforce to work from home. These adjustments were done quickly and maybe not in the most secure manner. Regardless of the quality of security, the attack surface of many organizations has increased exponentially. You can read Mr. McBride's article here: https://www.forbes.com/sites/stephenmcbride1/2020/05/14/why-the-largest-cyberattack-in-history-will-happen-within-six-months/#5aa7c2be577c
Finally, you need to secure your system to protect yourself. If you work from home, you need to secure your system to protect your organization as well.