Cyberattacks have unfortunately become a part of everyday life for many companies, with thousands of attacks carried out every day. Luckily few are big enough to make the news, but every now and then an attack will cause such damage as to gain worldwide attention. So here are ten of the biggest crimes in Internet history.
Target
One of the most widespread attacks of recent times, in January this year US retailer Target revealed it had been hit in a major data breach the previous month. The company revealed that details from over 70 million customer credit and debit cards were stolen in the attack by Russian malware author Rinat Shabayev, and the news led to the resignation of Target’s CEO and chairman, Gregg Steinhafel.
Stuxnet
Rumoured to be the work of US and Israeli special agents, the Stuxnet worm exploits a vulnerability in Windows to attack industrial systems such as those used in nuclear power plants. Discovered in June 2010, systems in several countries, including the United States, were affected, with Iran the worst hit, with over 16,000 computers infected. The Israeli government has neither confirmed nor denied involvement, but a 2011 New York Times investigation concluded that the worm had been developed and tested in Israel.
Sony/PlayStation Network
Approximately 77 million PlayStation Network (PSN) and other Sony Online Entertainment accounts were hacked in 2011, with credit and debit card information being stolen from users. The attack, which went on for 24 days, also allowed hackers to log into affected accounts, even when Sony said it was fixing the breach. Overall, the damage was estimated at around $2bn in compensation and repairs.
Spamhaus Project
Considered by many in the security industry as one of the worst cyberattacks in history, the Spamhaus Project was a reaction against the titular company, which provides email filter services to block spam mail, blacklisting the Cyberbunker website. Cyberbunker retaliated by hiring hackers to target Spamhaus, exploiting home and broadband routers to shut down the company’s systems.
Ghostnet
In 2009, Canadian researchers acting on behalf of the Dalai Lama, who believed he was under surveillance by the Chinese authorities, uncovered a huge electronic spying network which had infiltrated computers in over a hundred countries. The researchers also found that ministries of foreign affairs and embassies in Iran, Bangladesh, Indonesia, India, South Korea, Thailand, Germany, and Pakistan were also affected.
Operation Shady Rat
Beginning in mid-2006, Operation Shady Rat was an ongoing series of cyber attacks that hit at least 72 major organisations worldwide including the International Olympic Committee and the United Nations. Discovered by McAfee researchers in 2011, it was assumed to be of Chinese origin, although this was never proved.
The Estonia Attacks
One of the most serious attacks ever unleashed on a single country, the Estonia attack followed the controversial decision to remove a Soviet war memorial in its capital, Tallinn. The assault, thought to have been supported by the Russian government, was a denial-of-service (DDOS) attack which targeted servers across the country, including Estonia’s banking systems and mobile networks, rendering them inoperable.
LulzSec
Associated with online activists Anonymous, LulzSec caused havoc across the internet during the first half of 2011. Its attacks were distinct for not being motivated by profit or a particular ideology, but instead were done just for the sake of it (or for the ‘lulz’). However, this was a serious attack, which targeted the likes of the CIA, Sony, and AT&T, before it announced its disbandment following the arrest of "Topiary", one of its leaders, in July 2011.
Titan Rain
Discovered in 2004 by one Shawn Carpenter, Titan Rain took the form of a series of coordinated ‘cyber raids’ to access classified US government files. Suspected by the FBI of originating in China, the hackers were able to infiltrate networks at organisations including NASA and Lockheed Martin, making off with military intelligence and classified data.
Epsilon
One of the costliest cyber attacks in history, the 2011 data breach at Epsilon, the world’s largest provider of marketing and handling services to major financial services, retailers and other major companies had an estimated damage cost of between $225m to $4bn dollars. The attack targeted company email addresses which were then used for criminal activities, meaning its lifespan was far longer than other similar breaches.