
The worst cyberattacks undertaken by nation-state hackers

These are the worst known cyberattacks which are believed to be the work of hackers backed by governments and ruling parties worldwide.
By Charlie Osborne, Contributing Writer
1 of 12 Charlie Osborne/ZDNET

WannaCry

The WannaCry ransomware campaign hit hundreds of thousands of computer systems worldwide in one fell swoop, causing disruption to countless organizations including the UK's National Health Service (NHS), US hospitals, Nissan, and Russian banks.


The ransomware's spread, made possible by EternalBlue, a leaked NSA hacking tool and Windows exploit, is believed to be the work of North Korea.


NotPetya

NotPetya, another global malware campaign which claimed victims in Ukraine, Russia, Denmark, the UK, and the United States in 2017, caused chaos at everything from banks to shipping companies and nuclear facilities.

Originally, NotPetya was believed to be a kind of ransomware, but further analysis revealed the malware's true destructive purposes.

UK officials have blamed the Russian military for the cyberattack.


Turla

An advanced persistent threat (APT) group believed to be backed by the Russian government, Turla has been quietly attacking political targets for many years.

Turla, active for at least a decade, has been connected to cyberattacks launched against European government organizations, including consulates and embassies.

The group uses the Gazer malware family, watering hole attacks, and phishing campaigns.


Stuxnet

Back in 2010, the Stuxnet worm infiltrated an Iranian nuclear power facility, inserting itself into SCADA systems and affecting uranium centrifuges. While never admitted, the worm is generally believed to be the work of the US government's National Security Agency (NSA) with the assistance of Israel.


Skulls in South Korea

In 2013, a number of major South Korean banks and a local broadcaster were faced with files vanishing before their eyes and images of leering skulls posted on computer screens.

The coordinated attack crashed systems for the best part of a day, causing widespread disruption. It is believed the outage was due to North Korean state-sponsored hackers.


A string of attacks

China has been blamed as the suspected source of a cyberattack launched against the US Office of Personnel Management (OPM) which led to the leak of sensitive information belonging to nearly four million government workers.


Sony's suffering

A devastating attack launched against Sony Pictures in 2014 resulted in internal systems being crippled, terabytes of data being leaked online, and the sensitive information of celebrities and staff being compromised.

While attribution was difficult beyond a message which suggested the hack was the work of "Guardians of the Peace," the cyberattack has now been formally laid at North Korea's door in the form of Pak Jin Hyok, who was reportedly an intelligence officer for the Reconnaissance General Bureau, North Korea's military intelligence agency.


The bank heist of the century

The Bangladesh Bank was the victim of an insidious cyberattack which relieved the organization of $80 million in funds. Malware was used to infiltrate the bank's networks in order for threat actors to learn how the institution used the SWIFT financial messaging system, and this knowledge was then used to make a series of rapid, fraudulent transactions.

North Korea was later linked to the bold bank heist due to similarities which connected the threat actors to the 2014 Sony cyberattack.


Routers worldwide

Earlier this year, US and UK law enforcement warned of a mass cybercampaign against home routers, ISPs, and firewall systems. Authorities say the compromised systems were not only offering valuable information to state-sponsored groups but could also pave the way for attacks in the future.

The coordinated campaign used man-in-the-middle (MitM) attacks to conduct covert surveillance using the VPNFilter malware.

It is believed Russian, Kremlin-based hackers are behind the campaign.


Elections

In 2018, the US Department of Justice (DoJ) indicted 12 Russians accused of interfering with the US general election in accordance with the Russian government's wishes.

The hackers launched a spearphishing campaign against senior officials for the Hillary Clinton campaign and later leaked close to 20,000 confidential emails and files relating to the Democratic National Committee (DNC).


Power plants in turmoil

Iran is suspected to be behind the deployment of Triton malware in Saudi Arabia. The malware, which displayed a "Stuxnet level of sophistication," was launched against power plants, and in particular, Schneider Electric devices.

Triton's main focus was to tamper with emergency shutdown systems.


Industroyer

In 2016, the city of Kiev in Ukraine suddenly found itself without power. While energy was restored an hour later, it emerged that the reason for the unexpected blackout was not a glitch in the system but malware.

Dubbed Industroyer, the malware -- considered the "biggest threat to industrial control systems since Stuxnet" -- was able to wipe systems and cause industrial services to crash.

Ukrainian officials have blamed Russian state-sponsored hackers for the attack as part of an ongoing "cyberwar" against the country.
