Technology has been a huge facilitator in recent times. But the digital paradox here is that it can be a disruptor too if used by people with ulterior intentions. The digital technology wave continues to transform and disrupt the business world, exposing them to both opportunities and threats. This is evident from a recent survey that shows how cyber crime has escalated to the second position in the list of most reported economic crimes in 2016. So let us have a look at the 10 most outrageous attacks in the history of cyber crimes that shook the entire world!

1. Yahoo Data Breach

The Yahoo data breach broke all records of data theft in the history of cyber crimes. Yahoo found itself at the target point of hackers not once but twice as it came to terms with more than 3 billion user accounts being stolen! This incident put personal information such as name, phone number, email ID and passwords of 3 billion users out in the open! And the mystery continues till date as Yahoo struggles to find how this data breach was initiated and executed.

2. The Logic Bomb

Considered as one of the most devastating attacks in the history of cyber crimes, the aftermath of this logic bomb was way beyond a monetary tally. It involved the Americans embedding a piece of code to the Russians during the cold war of 1982. Once this code which was used to control a pipeline for transporting natural gas from Siberia was activated, it caused an explosion so strong that it could be seen even through space!

3. Ransomware WannaCry

Midway through 2017, the United Kingdom fell prey to one of the most devious cyber attacks it had ever faced – ransomware WannaCry. Delivered as an email attachment virus, it locked up all files in an MS Windows powered system, eventually demanding a ransom for unlocking them. Having started as an attack on their NHS computer system, the ransomware had slowly brought systems from the UK to the US and from Russia to China to their knees. As many as 300,000 computers over 150 countries were infected by WannaCry.

4. Petya / NotPetya / Nyetya / Goldeneye

The world had barely recovered from the impact of WannaCry when another wave of ransomware infections was unleashed onto networks all around the globe. Called Petya, NotPetya and by a few other names, it hit networks across multiple countries, the notables ones being the US pharmaceutical company Merck, Danish shipping company Maersk, and Russian oil giant Rosneft. Research has revealed that this ransomware attack was actually intended to mask a targeted cyber attack against Ukraine. It was aimed at Ukrainian infrastructures such as power companies, airports, the central bank and public transit. The attack was able to facilitate payment processing on a large scale for criminals, an illicit bitcoin exchange and money laundering across 75 shell companies and accounts globally.

5. Sony Pictures

In 2011, Sony’s data storage was hacked exposing the records of over 100 million customers using their PlayStation’s online services. What was shocking was that the hackers had access to all the credit card information of users apart from personal details! This data breach cost Sony over 171 million USD.

6. Epsilon

Epsilon – one of the world’s largest email marketing service provider handling more than 40 billion emails and more than 2200 global brands landed up in a soup when hackers stole details belonging to more than 50 of their clients, including some top banks and retail giants! This data breach which was executed as a phishing email cost Epsilon over 4 billion USD.

7. LinkedIn Hacking

Social networking website LinkedIn fell prey to a hack executed by Russian cyber criminals who stole the passwords of nearly 6.5 million user accounts. Soon these stolen passwords were made available in plain text on a Russian password forum! Adversity struck again when LinkedIn discovered in May 2016 that an additional 100 million compromised email addresses and passwords that were claimed to be from the 2012 breach, were released into the hacker forum. Some tech news reports have revealed that hackers were trying to sell this information on a darknet market for around $2200 each!

8. JP and Morgan Chase & Co

 In 2015, the accounts of 76 million households and 7 million small businesses associated with JPMorgan Chase were compromised in what the hackers described as “one of the largest thefts of financial-related data in history”. The hackers then sold these personal data to a larger network of accomplices. Investigations later revealed that apart from personal data, the hackers also stole their business-critical data which enabled them to manipulate the company’s stock prices and make illicit financial profits.

9. Hannaford Bros. 

Hannaford, a supermarket chain with stores located mainly on the east coast of the US, fell prey to a security breach that exposed more than 4 million credit card numbers, leading to about 1800 cases of fraud in the year 2008. Having affected nearly 200 of its stores, the breach cost Hannaford over 250 million USD!

10. Citibank 

The year 1995 saw Citibank in a string of slander when a criminal ringleader, Vladimir Levin, hacked the bank and illicitly transferred about 3.7 million USD into the bank accounts of his criminal organization. He executed this well-planned hack by using a computer that was based in London and a list of customer codes and passwords. He was finally tracked down by the FBI at a London airport.

Let us stay vigilant enough to not let history repeat itself!

Thus, one should always remember that susceptibility of an organization or individual to cyber crimes is not an IT problem. The 2016 global economic crime survey has revealed the disheartening fact that most organizations bluntly leave the first response to a data breach on their IT teams without sufficient support or involvement of the senior management and other significant contributors. Additionally, the composition of these response teams is often not up to the mark, which ultimately affects the organization’s cyber security management.

Incognito Forensic Foundation (IFF Lab) which is headquartered in Chennai, India, has a state-of-the-art digital forensic lab and is replete with forensic experts adept at investigating cases of cyber crimes, data breach, identity theft and the like. They also provide services and solutions for an organization’s cyber and data security analysis and management.