
The Most Infamous Cybersecurity Hacks in World History: Five Destructive Data Breaches

The future is here, and it’s hackable. The increasing interconnection between the physical and digital worlds has led to a staggering number of cyberattacks in recent years. These attacks are not only getting more frequent, they’re getting more sophisticated, more severe, and more successful, too. Things have come a long way since 1903 when Nevil Maskelyne hacked a public demonstration of a purportedly secure wireless telegraph technology.

Today’s cybersecurity hacks cost a lot of money: approximately $17,700 is lost every minute due to phishing attacks; ransomware attacks swindled the healthcare industry out of $25 billion in 2019; and the US government has allocated an estimated $18.78 billion for cybersecurity spending in 2021. But the motives and consequences of the most sinister and destructive hacks go far beyond cash.

Below you’ll find five cybersecurity hacks that have truly changed the world, and their destructive influence can still be felt today. To learn more, read on.

Hack the Vote: The 2016 Presidential Elections

In one of history’s most ambitious and multi-pronged cybersecurity hacks, the Russian government interfered with the 2016 elections in the United States in order to help elect President Donald Trump. According to US intelligence agencies, these efforts came directly from Russian President Vladimir Putin but were carried out by a decentralized cyber-army.

During the summer and fall of 2016, Russian hackers forced their way into voter databases and software systems across 39 different states. Officials in the Obama administration were so alarmed that they actually used “the red phone”—a hotline originally established during the Cold War to allow quick, direct communication that could avert potentially world-ending actions. It didn’t help.

Hackers affiliated with Russia’s military intelligence service (GRU) went on to penetrate email servers controlled by the Democratic National Committee (DNC) and other elements of Hillary Clinton’s presidential campaign. And, while they also hacked into the Republican campaign, the Russians only leaked the Democrats’ files.

Perhaps the more impactful side of Russia’s cyber-intervention was not outright hacking but a programmatic campaign of misinformation. The Internet Research Agency (IRA) in Saint Petersburg would become one of the most widely known troll farms, creating thousands of fake social media accounts that were then used to stoke negative sentiment, amplify fabricated news, and divide voting blocs.

The FBI, CIA, NSA, and Senate and House Intelligence Committees all agree: Russia engaged in an extensive campaign to sabotage the election in favor of President Trump, and Putin was explicitly at the head of it. President Trump has said he believes these findings to be part of a hoax; Putin, after years of denial, now acknowledges there was potentially some interference, but claims he himself had nothing to do with it.

While it’s not proven that Russian interference changed the eventual outcome of the 2016 election, it’s had an undeniable effect on the political landscape of America—one that will continue long into the future.

A Tale of Two Hacks: Bitcoin’s Mt. Gox

Launched in 2010, Mt. Gox was the first major cryptocurrency exchange. Its problems set in quickly: an ownership change entitled the original founder to a share of the site’s revenue, along with admin access to audit the site’s earnings. This is widely believed to be the point of failure for what came next: hackers compromised an admin account, and gained access to the private keys (similar to a master password) for the site’s hot wallets (similar to a bank account that’s linked to several ongoing transactions).

Initially, a total of 25,000 bitcoin was stolen and transferred to a single account. At the time of the hack, this was worth between $375,000 and $500,000; today, it’s worth approximately $1.5 billion.

The attack did damage to the wider cryptocurrency community, too: in attempting to quickly transfer the stolen bitcoin into traditional currency, the hacker or hackers inadvertently crashed the market, with the price of bitcoin temporarily dropping from $17.50 to a single cent. Some opportunistic traders were able to accumulate enormous sums of the cryptocurrency at hugely deflated prices. And while Mt. Gox reimbursed the users who had their bitcoin stolen, the damage wasn’t fully known yet.

Mt. Gox survived the 2011 attack, and in 2013 it was still the largest bitcoin exchange, handling over 70 percent of bitcoin transactions worldwide. But the site crashed for good in 2014, when Mt. Gox turned off all withdrawals and filed for bankruptcy, saying that 850,000 bitcoin—worth about $48 billion today—had been potentially stolen.

While a quarter of the stolen sum is believed to have been recovered, the resultant legal process has been drawn out and provided few answers. Investigations revealed that the Mt. Gox private keys were unencrypted, and had potentially been stolen in the 2011 hack. But authorities (and some members of the public) refuse to rule out the possibility of an inside job.

A Hack of Pandemic Proportions: WannaCry

In matters of sheer scale, there’s never been a cyberattack as big as WannaCry. According to Europol, over 230,000 computers were affected across 150 countries. This was a ransomware attack that used a cryptoworm delivery, replicating and spreading itself as it went along.

The attack began on May 12, 2017, and wasn’t stopped until May 14, when a researcher stumbled across a kill switch hardcoded into the malware. Among the hardest hit was the National Health Service in the United Kingdom, with up to 70,000 devices infected, disrupting health services significantly. If the kill switch hadn’t been discovered so quickly, the impact could have been far worse.

WannaCry was propagated through EternalBlue, an exploit that was discovered and developed by the National Security Agency (NSA). EternalBlue was, itself, stolen and leaked by another hacking group a year prior to the WannaCry attack.

While Microsoft had issued security patches to cover the exploit since it was leaked, many devices still weren’t updated or were past their end-of-life cycle. Fastidious updating of patches remains integral to organizational security, and cyber-proliferation is a growing concern across the globe: EternalBlue was used again, in 2019, in a ransomware attack on the City of Baltimore.

Death in Düsseldorf: The World’s First Cyber Fatality

It started as a relatively modest and routine hack by 21st century standards. In September 2020, cybercriminals hit 30 servers of the University Hospital Düsseldorf with ransomware, encrypting the hospital’s data and holding it hostage until a payment was made. Hospitals are an unfortunately frequent target for this kind of attack, due to their reliance on data and the urgency with which they must access it; as a result, hospitals usually pay the ransom.

But in this case, it turned out to be a bit of a mistake. The ransom note was addressed to the affiliated university, not the hospital itself. When police contacted the attackers via the ransom note to let them know that it was in fact the hospital under attack and that patients were at risk, the attackers actually stopped the attack and unlocked the hospital’s files. Prosecutors are considering adding a manslaughter charge to the list of crimes perpetrated by the hackers.

It wasn’t fast enough. The attack had crashed the hospital’s systems and forced the hospital to divert emergency patients elsewhere. Tragically, this included a woman with a life-threatening condition: she died as a result of treatment delays and is considered the first known death to result from a cyberattack. Unless something changes, she’s unlikely to be the last. In 2019, over 750 American healthcare providers were hit by ransomware, costing them an estimated $7.5 billion.

Click Here For Free Money: Twitter’s Celebrity Hack

On July 15, 2020, celebrities all over the world appeared to be struck by a bolt of extreme generosity. Elon Musk started the trend when he tweeted out a magnanimous offer: anyone who sent bitcoin to the address he provided would receive double that amount of bitcoin in return. More celebrities quickly followed suit, with Bill Gates, Barack Obama, Kanye West, and Warren Buffett being just a few of the many who tweeted similar offers to Musk.

It was, of course, a scam: one that made off with a somewhat underwhelming sum of around $118,000. Two weeks later, three people were charged in the attack, including a 17-year-old from Florida and a 16-year-old from Massachusetts.

Perhaps most worrying was how easy the attack had been: the hackers had used no complex programs and no sophisticated methods. They’d simply tricked Twitter employees into handing over their login credentials. Cybersecurity professionals were left to wonder how damaging the attack could have potentially been. Digital words have tangible power in the 21st century, and if the Musk account had tweeted erroneous information about Tesla’s stock price, or if the Obama account had tweeted fake political statements, there would have been serious physical consequences.

While the attack didn’t net the hackers as much of a financial windfall as they might have hoped, it did shake awake a public that had come to view Twitter as an official mouthpiece of the global elite. The social networking site, which, in its early days, had been something to never take seriously, was now being looked to as an official authority, and one spearheaded by former President Donald Trump (whose account has now been suspended).

This attack proved that the most valuable targets for cybercriminals aren’t necessarily the ones connected to financial institutions, but instead the ones connected to as many eyes as possible.

Matt Zbrog

Matt Zbrog is a writer and researcher from Southern California. Since 2018, he’s written extensively about the increasing digitization of investigations, the growing importance of forensic science, and emerging areas of investigative practice like open source intelligence (OSINT) and blockchain forensics. His writing and research are focused on learning from those who know the subject best, including leaders and subject matter specialists from the Association of Certified Fraud Examiners (ACFE) and the American Academy of Forensic Science (AAFS). As part of the Big Employers in Forensics series, Matt has conducted detailed interviews with forensic experts at the ATF, DEA, FBI, and NCIS.