The 2010s: Real Cybersecurity Threats vs. False Alarms


With the close of the 2010s, we can look back on what was unquestionably a rollercoaster of a decade for cybersecurity. While it has undeniably been a boom for the industry, there has been a rise of potent new threats on a scale that has never been seen before.

The 2010s were home to every type of cybercrime and hacking imaginable. There were enormous data breaches, nation against nation hacking and espionage, relentless financial cybercrime, growing hacktivism, and apocalyptic levels of malware that wiped out entire business systems.

Below is a collection of the most staggering attacks of the decade, both for their sheer criminality, and the way they shaped cybersecurity and culture moving forward. While it’s easy to hope the coming decade won’t be home to such potent threats, it’s highly likely we’ll have to learn from these threats of yesteryear and prepare ourselves for the new ones to come.

A Decade of False Positives

It’s important to address the fact that, although the decade was filled with enormous, widespread attacks, it was also a decade filled with false alarms. As Bitdefender noted,

“As much as 25% of a security analyst’s time is spent chasing false positives—sifting through erroneous security alerts or false indicators of confidence—before being able to tackle real findings.”

This is a staggering statistic, and one that the industry is still far from effectively addressing. Enormous attacks may have received all the attention, but it’s equally important to remember that almost a quarter of analysts’ time across the decade was spent hunting down threats that never even existed.

The Biggest Threats of the 2010s

From the 2010 Stuxnet attacks to 2014’s unprecedented humiliation of an entire movie studio by a foreign nation, here is our list of the biggest cybersecurity threats of the 2010s:

Stuxnet (2010)

Kicking off our list of the biggest threats of the 2010s is none other than Stuxnet.

A computer worm attack co-developed by Israeli and US intelligence agencies, Stuxnet was used as a cyber-weapon to take down or cripple the Iranian nuclear weapons program. As this program was hitting its stride in 2009, this attack was of crucial importance to the two countries.

Intricately designed, the attack sought out the SCADA equipment used in the nuclear enrichment process. Once it found that equipment, it destroyed it.

Far from the first nation-against-nation cyberattack, Stuxnet is perhaps notable for being the first to grab worldwide attention, bringing awareness to a realm of warfare few knew existed.

Shamoon (2012)

Developed in response to the Stuxnet attacks years earlier, Shamoon (also known as Disttrack) was an Iranian malware “cyber-weapon” designed to wipe data.

And wipe data it did.

Destroying nearly 35,000 Saudi Aramco workstations, the attack brought the company to its knees, leaving the business scrambling to buy old-school hard drives in response, a move that saw prices skyrocket afterwards.

The Target Hack (2013)

While 2013 may have been most notable for Edward Snowden’s leaks, it was also notable for the world’s unhappy introduction to POS malware.

In December that year, Target admitted that payment details for 40 million users had been stolen from its stores’ systems. This generated significant negative media coverage for Target and severely damaged its reputation. In many ways it was a miracle that Target was able to recover as much as it has, as negative coverage on such a scale is often enough to cause big international brands to close down.

Attacks like this had happened before, but never on a retailer of this size. The results were many cloned cards and many emptied bank accounts.

The North Korea vs. Sony affair (2014)

North Korea had a huge introduction into the hacking world when it hacked Sony Pictures and leaked studio data and humiliating private emails.

This was to prevent the release of ‘The Interview’, a comedy film that satirized North Korea. But while the attack was more present in the press for the humiliating damage to Sony, the attack itself introduced the reality of North Korea’s hacking ability and cemented its position as one of the leading cybercrime players in the world, with the ramifications of the hack still being felt years later.

DD4BC and DDoS extortion (2015)

2015 introduced the world to DDoS extortion. Pioneered by a group calling itself DD4BC, the tactic was to demand a Bitcoin payment from a company in order to prevent a DDoS attack that would take down that company’s most vital services.

This type of attack is still widely used today, with the tactics of DD4BC being actively copied.

The DNC hack (2016)

The DNC hack is, at least in the United States, the most well-known and still-being-talked-about hack in recent history. Regardless of what side of the election you stood on, everyone has heard something along the lines of: “Well, he only got elected because Russia hacked us.”

In short, the DNC hack was an attack on the Democratic National Committee that led to the publication of unreleased emails and documents. This information was then strategically released during the 2016 US election that saw Donald Trump sworn into office.

Eventually traced to Russia, the attack has dominated the news ever since and is still making headlines all these years later.

Ransomware Triple Threat (2017)

There were three significant ransomware outbreaks in 2017: WannaCry, NotPetya, and Bad Rabbit. Each was built by government-sponsored hackers and designed to weaken businesses in enemy nations or to extort money.

They achieved this and more. Because these attacks relied on the EternalBlue exploit, which wasn’t fully understood, the ransomware strains ended up spreading far further than their creators had intended. Ironically, this ended up doing damage to some of the nations behind the ransomware, namely Russia.

Although ransomware exists in varying sizes, with some specifically targeting much smaller sites and businesses, these attacks still remain notable for their size and audacity today.

Magecart (2018)

After attacks on British Airways and others, 2018 saw Magecart attacks go mainstream. By breaking into an online store and planting malicious code on it, hackers began stealing thousands of customers’ payment details.

Far from being a thing of the past, these attacks are still taking place today – standing alongside POS malware as some of the chief modes of financial cybercrime. Protecting against this sort of financial hacking has forced online business owners to increasingly turn to preventative measures such as multi-factor authentication, data encryption, and VPN services to keep business and customer information safe.

A New Decade

And that’s the decade. While there are other attacks worth looking at, such as big game hunting, GnosticPlayers, Phineas Fisher, and Carbanak, the attacks listed above were arguably the most influential. The results left us with huge advances in security, but also far more work to do in order to move past false alarms and start tackling the real threats.

However, if nothing else, it gave us what may be the cyber-security phrase of the decade:

“We take your privacy and security seriously.”
