
Cyber attacks aren't new. Since the birth of the internet, organizations big and small and from all sectors have been targeted by cyber threats of all shapes and sizes.

But as business technology evolves, so do the hackers trying to attack it, resulting in more complex and more dangerous attacks than ever before. 

Cybercrime is on the rise too. Over 2.3 million cyber attacks were reported in the UK in 2023 alone, with the average attack costing businesses £3,230 each.

Whether it’s malware, ransomware or phishing, these attacks can range from small-scale disruptions to large-scale disasters, and they can have a significant impact on individuals, businesses, and governments.

What is a cyber attack?

A cyber attack is any attempt to disable, manipulate, or gain unauthorized access to a computer system, network, or device. Cyber attacks can be launched by individuals, cyber groups, or even nation-states, and can target individuals, businesses, governments, and critical infrastructure.

There are many reasons why someone might launch a cyber attack. Some attackers might be motivated by financial gain, stealing information like credit card numbers or holding data hostage for ransom. 

Others might be looking to disrupt operations or cause damage, such as by launching a denial-of-service attack that floods a system with traffic and takes it offline.


In some cases, cyber attacks can even be state-sponsored, where one nation attacks the computer systems of another to disrupt their infrastructure or telecommunications systems. 

Cyber attacks are a serious threat to individuals and businesses alike. It's important for both businesses and individuals to be aware of the risks and to take steps to protect themselves, whether it be through using strong passwords, multi-factor authentication (MFA), or keeping software up to date.

Types of cyber attacks 

1. Malware

Malware is a broad term for any malicious software designed to harm a system. It encompasses a wide range of threats like ransomware, trojans, spyware, viruses, and worms. Malware can steal data, encrypt files, disrupt operations, or even take control of your device.

2. Phishing

Phishing is a type of social engineering attack that attempts to trick users into revealing sensitive information, such as passwords or credit card numbers. Phishing emails or messages often appear legitimate, impersonating banks, social media platforms, or other trusted sources.

3. Distributed Denial-of-service (DDoS) attacks

DDoS attacks aim to flood a system with overwhelming traffic, making it unavailable to legitimate users. This can prevent people from accessing websites, online services, or even critical infrastructure.

4. Man-in-the-middle (MitM) attacks

MitM attacks occur when an attacker intercepts communication between two parties, allowing them to eavesdrop on the conversation or even modify the data being exchanged.

5. Zero-day attacks 

Zero-day attacks are attacks that exploit vulnerabilities in software that the software vendor is not aware of. Zero-day attacks are particularly dangerous because there is no patch available to fix the vulnerability.

Biggest cyber attacks in history

Some cyber attacks are worse than others. While some only cause short-term problems and outages, other, bigger cyber attacks can be devastating – leaving companies with their reputation in tatters and a massive hole in their wallet. 

In this list, we’re counting down ten of the biggest cyber attacks in history, exploring each attack's impact and the lessons we can learn from it.

Marriott Hotel Data Breach

In 2018, the Marriott hotel group revealed that it had been hit by a massive data breach that revealed the personally identifiable information of around 500 million guests. The issue was lurking in the background of the company’s technology for several years and didn’t come to light until 2018. The attack compromised a massive amount of guest data, including names, addresses, passport numbers, and potentially some encrypted credit card information. Estimates range up to 339 million guest records being affected globally. Only two years later, another data breach exposed the data of 5.2 million guests.

The Marriott hotel chain has also been a victim of other attacks since. In 2022, for instance, the chain confirmed it had been hit by another data issue in which hackers stole around 20GB of data, which included customer payment information and business documents held by the brand.

WannaCry Ransomware

One of the most infamous cyber attacks involving ransomware, the WannaCry Ransomware attack was a massive cyberattack that wreaked havoc on Windows computer systems worldwide. The attack exploited a vulnerability in Windows called EternalBlue, which had been leaked by a hacker group a month prior. Microsoft had already released a security patch to address this vulnerability, but many users hadn't installed it. The attack infected an estimated 230,000 computers across over 150 countries. It disrupted the operations of hospitals, businesses, and government agencies worldwide.

A security researcher discovered a "kill switch" that helped stop the initial spread of the worm, but victims had already paid ransoms to restore their systems before the kill switch was found, and the total damages are estimated to reach anywhere from hundreds of millions to potentially billions of dollars. A new version of the WannaCry ransomware attack appeared again in 2018.

Ukraine Power Grid Attack

The Ukraine Power Grid Attack is considered the first successful cyberattack to cause a power outage on a national grid. It occurred in December 2015 and targeted western areas of Ukraine, resulting in power outages for around 230,000 customers across Ukraine and plunging one-fifth of Kyiv's citizens into darkness as attackers used malware to target the capital city's power grid. The issue was attributed to an advanced persistent threat group known as “Sandworm”, who used BlackEnergy 3 malware to remotely compromise the computer systems of Ukrainian power distribution companies.

Since the ongoing Russo-Ukrainian War began in 2022, there have been multiple cyberattacks and physical strikes targeting Ukraine's national infrastructure. One of the most notorious of these attacks was the recent attack on the country’s Kyivstar network, which knocked the network offline for days and left hundreds of thousands of Ukrainians unable to communicate. The attack is considered one of the most significant threats implemented by a cyber-criminal to an entire community or country of people.

The 2014 Yahoo Attack

In 2014, Yahoo became the victim of one of the biggest data breaches in history when approximately 500 million accounts were hacked by a state-sponsored actor. Hackers infiltrated Yahoo's systems and stole data including names, email addresses, birth dates, some phone numbers, and even security questions and answers. The exact method is unknown, but some speculate it involved a phishing scheme that tricked a Yahoo employee into clicking a malicious link.

While Yahoo was aware of the intrusion in late 2014, the company didn't disclose the breach to the public until September 2016. This delay and the vast amount of stolen data exposed users to large amounts of identity theft and phishing attacks. Yahoo eventually invalidated unencrypted security questions and urged users to change their passwords. The company also faced investigations and a lawsuit that resulted in a fine of $117.5 million during its acquisition by Verizon for failing to disclose the attack to its customers and the relevant authorities. 

Adobe Cyber Attack

In 2013, Adobe, one of the world’s leading software developers, confirmed a cyber attack had compromised huge amounts of user data. Over 38 million customer accounts were compromised, including encrypted passwords, some credit card details, and email addresses. Beyond user information, the attackers also managed to steal source code for some of Adobe's popular software products like Photoshop and Acrobat. The attackers exploited weaknesses in Adobe's security measures, allowing them to infiltrate the network and steal data. Spear phishing emails, a tactic where attackers target individuals with emails that appear legitimate, are believed to have been part of the attack.

Following news about the attack, a spokeswoman for Adobe revealed the initial statement made by the brand did not reveal the full scale of the problem. Adobe was fined over $1 million in a multi-state suit over the breach, and the reputation of the company was damaged for years after the attack.

The PlayStation Network Attack

The 2011 PlayStation Network Attack, also known as the PSN Hack, stands as one of the most infamous cyber breaches in history. Hackers infiltrated Sony's PlayStation Network (PSN) and Qriocity services between April 17th and 19th, 2011, resulting in the theft of personal information from a staggering 77 million user accounts. While credit card data was encrypted, other sensitive information like names, addresses, emails, and even birth dates were not. With so much personal data at risk, Sony was forced to shut down the PSN servers for 23 days, and users lost access to online features on their PlayStation 3 and Portable consoles for nearly a month.

Sony admitted that personally identifiable information from all of the accounts had been exposed in May 2011. At the time, it was one of the largest cyberattacks of all time and the longest PlayStation outage in history, leading to around $1781 million in costs for Sony and multiple lawsuits against the company. While Sony has recovered and continues to be a major player in the gaming industry, the PSN breach is still a crucial event in Sony’s history.

Estonia Cyber Attack

The Estonia Cyber Attack, which occurred in 2007, is significant for being one of the first large-scale cyber attacks targeting a nation's critical infrastructure. The attacks began on April 27th, 2007, following a political disagreement between Estonia and Russia regarding the relocation of a Soviet war memorial in Tallinn. The primary attack type was Distributed Denial-of-Service (DDoS), aimed at overloading the Estonian government, banking, media, and other critical websites with ‘zombie computers’, making them inaccessible to legitimate users. While the attacks primarily targeted websites, they caused significant disruption to essential services like online banking, media communication, and even some government functions.

During the attack, around 58 Estonian websites were taken offline, which included the websites of government official groups, media outlets, and banks. The attack pushed Estonia to become a global leader in cybersecurity. They were forced to strengthen their defences to prevent future state-sponsored attacks and established a strong Computer Emergency Response Team (CERT). According to some studies into the major digital event, the attack followed a political argument in retaliation to the relocation of a specific group into the outskirts of the city. The event is said to have resulted in around $1 million in costs.

The NASA Cyber Attack

Though not as large-scale as some later breaches, the 1999 NASA cyber attack has become known as one of the most infamous cyber attacks of all time. In 1999, a 15-year-old computer hacker called Jonathan James caused a 21-day shutdown of NASA computers that support the International Space Station and invaded a Pentagon weapons computer system to intercept e-mails, steal passwords and gain access like an employee. This reportedly allowed him to download the source code of over 1.7 million applications for the International Space Station and view over 3,300 confidential emails from NASA employees.

Though not a massive attack in terms of scale, the NASA cyber attack happened at a time when cyber threats had only just come to reach the headlines. It foreshadowed how dangerous cyber attacks could be and the sophisticated cybercrime that would emerge as the world entered the 21st century. It also served as a wake-up call for the importance of stronger cybersecurity measures, especially for government agencies. James was eventually arrested and sentenced to 9 months of house arrest and probation. As part of his sentence, he was required to write letters of apology to both the NASA administrators and the secretary of defence.

MOVEit

In May 2023, Progress Software disclosed a zero-day vulnerability in its MOVEit Transfer file transfer software that allowed attackers to gain access to MOVEit servers and steal customer data. In the months that followed, the vulnerability was exploited by several hacker groups, including the notorious Cl0p ransomware gang. The Cl0p gang targeted a wide range of organizations, including multiple government agencies, healthcare providers and businesses including British Airways, Boots and the BBC.

By September, the MOVEit cyber attack had affected over 2000 organisations and exposed the data of 60 million people – and this number keeps growing. The breach is considered to be one of the largest and most damaging cyber attacks in history, not only due to the number of individuals impacted but also its financial damages and long-lasting impact.

The Melissa Virus

The 1999 Melissa Virus holds a notorious spot in cyberattack history due to its rapid spread and the chaos it caused in the early days of the internet. The Melissa virus, which has since become the fastest-spreading computer virus of its time, exploited Microsoft Word macro functionality and tricks in email subject lines to dupe users into opening an infected document. The virus then replicated itself by sending out emails with a malicious attachment disguised as a list of "important passwords." Melissa's rapid spread through email clogged servers and inboxes, disrupting operations at major companies like Microsoft, Intel, and even the US Marine Corps. Estimates suggest millions of email accounts were affected.

The Melissa Virus was launched by a programmer called David L Smith, who would become known as one of the most notorious hackers of all time due to his role in the attack. Smith used a hijacked America Online (AOL) account to post the virus disguised as a document on an internet newsgroup known for adult content, "alt.". This tactic lured users into downloading the infected Melissa file. Authorities were able to track the virus back to Smith and he was arrested in 1999. He pleaded guilty and was sentenced to prison time and a fine. While the virus didn't steal financial information or permanently damage systems, the cleanup and restoration functionality cost an estimated $80 million. This economic impact, paired with the widespread disruption, made it one of the biggest and most notorious cyber attacks in history.