Whether they’re financially or politically motivated, cyberattacks can have enormously far-reaching effects. In the 21st century, cybersecurity has become an increasingly vital geopolitical consideration. When breached, the results can be catastrophic.
In 2017, for example, the Russian cyber military unit Sandworm orchestrated a malware attack that cost global businesses an estimated $1 billion. A few years later, on the other hand, in 2021, hackers breached the system of a water treatment facility in Florida, nearly poisoning a regional water supply by programming a dangerous increase in sodium hydroxide.
Read on to find out about some of the most impactful cyberattacks in history.
1. Cyberattacks on Estonia (2007)
Cyberwarfare is an increasingly common element of the hybrid warfare ‘mix’ but it was still fairly novel in 2007 when Estonia was bombarded by a massive cyberattack. The attack, which massively destabilised the Baltic state’s infrastructure and economy, causing nationwide communication breakdowns, banking failures and media blackouts, came after Estonian authorities decided to move a bronze memorial of a Soviet soldier from the centre of Tallinn to a military cemetery on the outskirts of the city.
The move was hugely controversial, angering large sections of Estonia’s Russian-speaking population and sparking two nights of riots and looting. The cyberattack followed, plunging Estonia into chaos.
2. SolarWinds cyberattack (2020)
A cyberattack on an unprecedented scale, the Sunburst attack on SolarWinds, a major software company based in Tulsa, Oklahoma, sent shockwaves through America in 2020. The attack entailed a supply chain breach involving SolarWinds’ Orion software, which is used by many multinational companies and government agencies.By sneaking malware code (that came to be known as Sunburst) onto a routine Orion update, the hackers, thought to be directed by a Russian espionage operation, gained unfettered access to thousands of organisations, including the US government, for up to 14 months.
3. Ukraine power grid attack (2015)
This cyberattack on the Ukrainian power grid gave the world an early taste of Russia’s capacity to engage in far-reaching cyberwarfare as part of its ongoing effort to destabilise its neighbour. Carried out a year after the annexation of Crimea – widely regarded as the moment when Russia’s war with Ukraine effectively began – this complex attack is notable for being the first successful cyberattack on a power grid.
The attack, which is attributed to the Russian cyber military unit Sandworm, began when the Prykarpattyaoblenergo control centre fell victim to a cyber breach. The infiltration enabled hackers to seize control of a substation’s computer systems and take it offline. Attacks on further substations quickly followed. Ultimately 200,000-230,000 Ukrainian citizens are estimated to have been impacted by the attack.
4. NotPetya malware attack (2017)
Two years after the Ukraine power grid attack, Sandworm struck again, this time with a malware attack that, while almost certainly focused on Ukraine, inflicted enormous collateral damage across the globe. It’s estimated that organisations collectively lost $1 billion as a result of the attack.
NotPetya was so named because it initially resembled a ransomware attack called Petya, which was named after a weapons system in the James Bond film GoldenEye. But NotPetya proved to be a more significant and virulent threat. Like the WannaCry ransomware that also caused global havoc in 2017, it utilised a Windows Server Message Block (SMB) exploit to spread more rapidly.
Interestingly, although NotPetya gave the impression of being a ransomware attack, clues quickly began to suggest that the motives of its creators were more political than financial and that Ukraine was their main target. One such clue was the software used to initiate the infection was the Ukrainian tax software, M.E.Doc, which is used throughout the country. As a result, 80% of NotPetya infections were estimated to have occurred in Ukraine.