How did we get to this state? It's been largely incremental. The largely independent "hackers" or "crackers" of the 1990s and 00s have given way to highly organized groups, often with connection to traditional organized crime or even rogue governments, capable of large-scale action. Likewise, as the number of Internet-connected computers and other devices grows, so too has the opportunity for malicious action.
So, let's take a look back at a few of the most impactful cybercrimes of the 2010s.
While it can be difficult to objectively evaluate damage done by a cyberattack in an apples-to-apples fashion, it's hard to argue against claims that WannaCry was the worst attack yet seen. This was the attack that put ransomware on the map, famously crippling the United Kingdom's National Health Service and genuinely endangering the lives of many British people who rely on the NHS.
It also hit several state governments in India, the Chinese public security bureau, multiple Russian governmental offices, Boeing, FedEx, and a long list of others.
All in all, it's estimated to have impacted up to 300,000 individual computers in 150 different countries. Estimates of the damages done are well into the billions, although we will likely never know the full extent.
In terms of sheer numbers of people affected, the largest single data breach of all time probably was the attack on online search engine Yahoo which occurred in 2013, but the company did not fully admit to until 2016. Over one billion people had their personal information stolen, including full names and dates of birth, effectively representing every user Yahoo had ever signed up.
There is simply no way of knowing how much actual damage was done by the breach, but when literally one in seven human beings on planet Earth were part of it, the after-effects must have been immense.
In consecutive years, mega-retailers Target and Home Depot were both
Previously, most data-grabbing hacks had targeted servers. These two attacks were unique in that they attacked point-of-sale devices directly, a vector which caught security researchers at the time completely off guard. Also, rather than attacking at night, they had their malware running "in plain sight," during the busiest hours, assuming that it wouldn't be spotted amongst all the other traffic.
Since then, other retailers have learned how to better secure their POSes, thankfully.
Most of the major hacks of the decade targeted either consumer data or attempted direct theft of funds. When Sony Pictures was hit by a major hack in 2014, the target was their own virtual merchandise. Over 100 terabytes of movies were stolen by a hacker group calling itself Guardians Of Peace, including several films which had not yet been released to theaters. They were all released to pirate movie sites, causing enormous financial loss.
This wasn't even the only time Sony had suffered from high profile attacks. In 2011, their Playstation Network gaming service was entirely taken over by hackers for over three weeks, stealing 77+ million user accounts in the process, followed by 21 other smaller attacks in the following years - capped off by the movie heist.
This would easily qualify for "most embarrassing" hacks on the list... except for our next entry.
Tales of teenage cyber-criminals were commonplace in the 90s and especially the 00s, but their involvement in high-level hacking largely dropped off as "professionals" took over. Until, that is, a 15-year-old British boy hacked the CIA. He gained access to highly-confidential mission planning, data on hundreds of spies, and much more.
The most astounding part is that he did this using almost nothing but
At least it's relatively easy to train your own employees to recognize and overcome social engineering scams with Hummingbird Networks!