Forget horror movies and spooky ghost stories; the things that scare us most on Halloween are cybersecurity horror stories about famous cyberattacks. Whether they were data breaches caused by a ransomware attack or human error, we’ll go over cybersecurity horror stories that will scare even your CEO this Halloween.
The Colonial Pipeline Attack
In 2021, hackers halted operations of the Colonial Pipeline with a ransomware attack. The Colonial Pipeline is responsible for transporting over 100 million gallons of fuel daily. The attack disrupted fuel supplies along the East Coast and even the president at the time declared a state of emergency. This caused the attack to be one of the more famous cyberattacks on critical infrastructure.
Hackers got into the network through a compromised VPN password. The system had no multifactor authentication in place, making the attack much easier. The password they had gotten was from a separate breach.
The pipeline was shut down for 5 days, with the company opting to pay a ransom of $4.4 million to end the attack. If $4.4 million and 5 days of downtime doesn’t have you on the edge of your seat, there’s more to come.
The Equifax Data Breach
Continuing with the cybersecurity horror stories, we have the Equifax breach that occurred in 2017. With Equifax being one of the three largest credit reporting agencies, they were bound to be a target for hackers.
The personal data of 148 million Americans was compromised, making this one of the largest data breaches ever. The data included names, social security numbers, and driver’s license numbers. Reportedly, around 209,000 consumers also had their credit card numbers breached. Later on, Equifax was required to pay a settlement to affected individuals worth up to $425 million.
The sensitivity of the data and the scale of consumers affected puts the Equifax breach on our list of cybersecurity horror stories.
The WannaCry Outbreak
Another famous cyberattack that happened in 2017 was the WannaCry attack, interesting name, right? WannaCry is a type of malicious worm, a self-replicating malware designed to spread across computers.
It spread to more than 200,000 computers in over 150 countries with notable victims being Honda, Nissan, and FedEx. Some hospitals were forced to divert ambulances to alternative hospitals due to the attack affecting systems. The attack encryption locked files and systems, demanding a ransom payment for them to be released.
Interestingly enough, it was spread using an exploit developed by the NSA. The exploit was stolen and released to the public by the hackers. The scary part is that this exploit only worked on old, unpatched versions of Windows. So, the spread of this virus was in part due to the lack of updates on machines.
Photo by Imperva
The Mydoom Virus
This virus is known as the worst computer virus outbreak in history according to HP. It resulted in estimated damages of $38 billion in 2004 dollars, which would be around $66.47 billion today, adjusted for inflation.
Like the WannaCry virus, this one was a worm that replicated itself and spread through computers. At one point, this virus made up 25% of all emails sent.
It was able to infect computers, making them able to be controlled remotely, known as zombie computers. Those computers were then used for DDoS attacks, which are intended to shut down a website or server. Individuals on infected computers most likely didn’t know what was happening, probably just experiencing slow speeds or glitches.
Are You Scared Yet?
These cybersecurity horror stories remind us that the real fright isn’t in ghost stories or haunted houses, but on the Internet. Data breaches, worms, and ransomware all usually start with a single vulnerability. Sometimes that’s a weak password, an ignored update, or an insider threat.
For CEOs, these aren’t ghost stories; they’re wake-up calls. This Halloween, make sure your company’s defenses are stronger than ever. Even if you’re not a CEO, use what you’ve learned to help educate your team on cyber awareness.
The monsters of the digital world never rest, but with the right cybersecurity strategy you can keep them out of your network and out of your nightmares.
Tom Kirkham brings more than three decades of software design, network administration, and cybersecurity knowledge to organizations around the country. During his career, Tom has received multiple software design awards and founded other acclaimed technology businesses.
