The 5 Worst Cybersecurity Disasters of 2017

December 20, 2017 11:50 am

Perhaps we’ll remember 2017 as the year malware went global. It ushered in a new era, one where the dangers of cyber-warfare are more present in our lives than ever before. There has been no other year on record in which the consequences of cybersecurity failures have been so keenly felt by the public.

In the UK and Ukraine, people who had lived their lives oblivious to the dangers of a malware attack were suddenly made aware. In the UK, the country’s health service was brought to its knees. In Ukraine, whole stretches of essential infrastructure stopped functioning because of a brutal malware attack.

Here we present our ranking of the worst cybersecurity disasters of 2017… and if this year is anything to go by, 2018 is guaranteed to be a wild ride for those of us in tech.

  1. The Shadow Brokers – April 2017

We really have the National Security Agency to thank for two of the world’s worst malware attacks so far.

Like plenty of secretive government departments the world over, the NSA’s elite hacking unit, known to security researchers as the Equation Group, has been developing cyber weaponry. That is one thing; leaving your weapons vulnerable to theft is something else entirely.

A group calling itself the Shadow Brokers stole a cache of Equation Group tools and, since August 2016, had been trying to auction them off. Each time an auction failed, they leaked more of the material online.

April this year saw their biggest dump yet. The Shadow Brokers released the NSA-developed ETERNALBLUE exploit, which attacks the SMBv1 file-sharing protocol in Windows. Microsoft had already patched the flaw (MS17-010) in March, a month before the dump, but enormous numbers of machines remained unpatched, and the leak led to two of the biggest malware attacks the world has ever seen.

  2. WannaCry – May 12th, 2017

If you knew something had been stolen from you that could bring half the world to its knees, would you tell anyone? The NSA certainly didn’t think so.

On May 12th, WannaCry ransomware spread around the globe, and its success depended on unpatched machines still vulnerable to ETERNALBLUE: it behaved as a worm, scanning for other hosts and infecting them over SMB with no user interaction at all. Early counts already put the malware on 57,000 computers in over 70 countries.

The worst consequences of WannaCry were felt in hospitals, where it took down whole systems, endangering lives.

The UK bore the worst of it, and large parts of the National Health Service had to switch to pen and paper during the outbreak. Lives were jeopardized, and crucial treatments delayed.

The NHS was ultimately blamed for failing to apply the available patches, leaving itself open. But many organizations have blood on their hands for WannaCry, not least the US government, for staying silent about the exploit after the data was stolen.

Ultimately, both the UK and the US governments blamed WannaCry on North Korea, but some in tech are dubious.

  3. NotPetya – 27th June, 2017

This ransomware was dubbed ‘NotPetya’ because it masqueraded as the Petya ransomware but was something else entirely.

The outbreak began in Ukraine and spread across the world, taking out a range of businesses, including the U.S. pharmaceutical company Merck and the Danish shipping giant Maersk. Once inside a company’s network it spread quickly from device to device, demanding $300 in bitcoin to unscramble each one.

However, NotPetya only had the guise of ransomware: the ‘installation key’ it showed victims was random data, so even a paid victim could not be given a working decryption key. It was built purely to destroy, not to extort money. Like WannaCry before it, NotPetya used the leaked NSA exploits to spread, but it did not rely on them alone; it also harvested credentials from infected machines and used legitimate Windows administration tools to move laterally, which is why fully patched machines on the same network were hit too. Its initial foothold came through a compromised software update for M.E.Doc, a widely used Ukrainian accounting package, which is why the outbreak started where it did.
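The kind of detection a SOC would want for the host-to-host spreading described in both the WannaCry and NotPetya sections, added here as an example (not code from the original article): both pieces of malware moved between machines over SMB on TCP 445 (ETERNALBLUE targets SMBv1, and PsExec-style lateral movement also rides SMB), so an infected machine stands out as a single source opening port 445 to many distinct peers in a short window, something an ordinary user opening a couple of file shares never does. The log format, addresses, time window and threshold below are constructed assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime


# Constructed sample connection log (not real data). Fields:
# timestamp src_ip dst_ip dst_port action
def constructed_log():
    lines = []
    # Infected workstation: 12 distinct peers on 445 within 12 seconds, worm-like.
    for i in range(12):
        lines.append(f"2017-05-12T10:00:{i:02d} 10.0.1.15 10.0.1.{100 + i} 445 ALLOW")
    # Ordinary workstation: a few file-share connections, normal behaviour.
    for i in range(3):
        lines.append(f"2017-05-12T10:05:{i:02d} 10.0.1.22 10.0.1.{5 + i} 445 ALLOW")
    # Admin host: 12 peers on 445 but spread over 33 minutes, not a worm burst.
    for i in range(12):
        lines.append(f"2017-05-12T11:{3 * i:02d}:00 10.0.1.30 10.0.1.{200 + i} 445 ALLOW")
    # Unrelated HTTPS traffic from the infected host; must be ignored.
    lines.append("2017-05-12T10:00:05 10.0.1.15 198.51.100.7 443 ALLOW")
    return "\n".join(lines)


def parse_line(line):
    """Split one log line into (datetime, src, dst, port, action)."""
    ts, src, dst, port, action = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port), action


def find_smb_fanout(log_text, threshold=10, window_seconds=60, port=445):
    """Return {src_ip: peers} for every source that connected to at least
    `threshold` distinct destinations on `port` within any `window_seconds`
    span. A worm scanning SMB produces exactly this burst; a user opening a
    couple of file shares, or an admin working slowly, does not."""
    by_src = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dst_port, _action = parse_line(line)
        if dst_port == port:
            by_src[src].append((ts, dst))

    suspicious = {}
    for src, events in by_src.items():
        events.sort()
        left = 0
        best = 0
        # Sliding window over time-ordered events; count distinct peers inside it.
        for right, (ts, _dst) in enumerate(events):
            while (ts - events[left][0]).total_seconds() > window_seconds:
                left += 1
            distinct = len({d for _, d in events[left:right + 1]})
            best = max(best, distinct)
        if best >= threshold:
            suspicious[src] = best
    return suspicious


if __name__ == "__main__":
    for src, peers in find_smb_fanout(constructed_log()).items():
        print(f"ALERT {src}: {peers} distinct SMB peers within 60s")
```

Running it flags only 10.0.1.15, the host that reached a dozen peers in seconds; the admin host that touched the same number of machines over half an hour stays quiet. Tune the threshold and window to the baseline of your own network, and remember that a rule like this detects the spreading, not the initial infection, so it buys you time to isolate a host rather than preventing the first compromise.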

NotPetya appeared to specifically target Ukrainian infrastructure, taking down systems belonging to public transport, power companies, airports and the central bank.

Because of this, NotPetya is now widely suspected to be an act of Russian cyberwarfare aimed at Ukraine. Its spread outside Ukraine could have been an accident, or an effort to disguise a targeted attack as a global outbreak.

  4. Wikileaks’ Vault 7 – March 2017

Also known as the ‘spies keep spying’ data dump. Wikileaks published a huge trove of documents stolen from the CIA, over 8,000 in total, detailing how the CIA spies on individuals.

The files were fairly unremarkable to anyone with a cursory knowledge of how intelligence agencies operate; of course they develop methods to spy on targets.

The more paranoid among us were relieved that the CIA, unlike the NSA, does not appear to practice blanket mass surveillance. Many were also reassured that the documented tools work by compromising the target’s device itself, sometimes requiring physical access to install spyware, rather than by breaking end-to-end encryption; the encryption holds up, and the weak point is the endpoint.

However, users of Windows, OS X and iOS were all found to be vulnerable to remote CIA hacks, some of which were developed by the NSA and others by Britain’s GCHQ.

The leaks have been neither confirmed nor denied, but if they are legitimate, and they most likely are, CIA operations have probably been badly compromised.

  5. Macron Campaign Leak – May 2017

Just two days before the French presidential election, during the period when the French press and candidates observe a blackout on election coverage, emails from the Macron campaign were leaked on Pastebin.

The Macron leaks came too late to influence the result (Macron won fairly comfortably), but they are seen as an attempt to sow discord and doubt about the electoral system. The documents have been deemed ‘utterly banal’, quite unlike the DNC leak that so influenced the American election.

Many cybersecurity experts have attributed the leaks to APT28, a Russian hacking group believed to be state-sponsored. Also known as ‘Fancy Bear’, the group is considered to be behind the leaks of US Democratic Party emails.
