💻 NOTABLE CYBER-ATTACKS 💻

One of the most devastating ransomware attacks in history in terms of loss volume was caused by WannaCry, launched in May 2017. This ransomware attack hit around 230,000 computers globally. It spread through computers operating Microsoft Windows. User's files were held hostage, and a Bitcoin ransom was demanded for their return. The attackers demanded $300 worth of bitcoins and then later increased the ransom demand to $600 worth of bitcoins. If victims did not pay the ransom within three days, victims were told that their files would be permanently deleted.
Why did it happen?
Computer users became victims of the WannaCry attack because they had not updated their Microsoft Windows operating system. Had they updated their operating systems regularly, they would have benefited from the security patch that Microsoft released before the attack.
Be sure to keep your software and operating system updated. This is an essential ransomware protection step!!!

Robinhood is a USA-based stock trading app. On November 3rd 2021, data of 7 million users was stolen and held to ransom by cyber criminals.The hackers accessed this data through social engineering, divulging employee login details to access the network without using brute force. This led to 5 million users having their email addresses compromised, with a further 2 million having their full names exposed. 310 victims had more personal information stolen, including dates of birth and US zip codes.The hackers demanded a ransom to prevent this data from being leaked. Robinhood refused, hiring a cyber security firm to investigate the breach.

JBS is the largest meat processing company in the world. On May 30th 2021, cyber criminals breached the JBS network with ransomware, disrupting plants in the USA, Canada and Australia. All JBS-owned beef processing plants in the USA were temporarily inoperative. Impacts included the US Department of Agriculture being temporarily unable to offer wholesale prices for beef and pork, and highlighted vulnerabilities in the meat processing supply chain. On June 9th, JBS paid an $11 million ransom to the cyber criminals, preventing further disruption and the potential leaking of sensitive data. JBS stated that it spends over $200 million annually on IT and employs more than 850 IT professionals worldwide.

On 23rd February, Nvidia, a major microchip producer suffered a data breach which saw source code fall into the hands of cyber criminals.The hacking group Lapsu$ claimed responsibility for the attack, claiming it had stolen around 1TB of data. This included employee information, such as account passwords, and source code for graphics card drivers. No ransomware was detected in the security breaches, with the crime group instead demanding Nvidia make their drivers open-source. Nvidia responded by changing all staff members' passwords, ensuring any leaked information would be useless. Lapsu$ also claimed that Nvidia launched a ransomware attack against them, encrypting the stolen data so it couldn't be leaked.

On 16th September 2022, Uber's AWS cloud account and corporate Slack account were breached. It is likely that the hacker purchased an Uber corporate password used by a contractor, whose credentials had been exposed after their personal device was infected with malware. The hacker used these credentials to repeatedly log in to the contractor's Uber account, which triggered MFA approval requests. Repeated MFA requests caused 'MFA fatigue' where the contractor became fed up with receiving notifications. When the contractor eventually accepted a request, the hacker gained access to the account and escalated the attack.
Uber responded by identifying potentially compromised accounts, either blocking them or resetting their passwords. They also reset access to internal tools and locked down the codebase to prevent any new code changes. No public-facing applications were accessed, meaning sensitive data such as customer credit card details and bank account information remained secure.