Personalised business insurance
The spookiest time of the year is upon us, so we thought we'd help you get in the spirit (!), with a rundown of some of the scariest cyber-attacks EVER. Just don't read them alone!
The Worm of Doom
As creepy as they sound, worms can be hugely destructive, penetrating vulnerable computers, before replicating and spreading rapidly within a network. One of the scariest worms ever surfaced in 2004, with the very appropriate name Mydoom. It would appear as an innocent email error which once executed would send itself to your whole address book and spread through your network. Its effects were catastrophic, causing an estimated $38.5 billion in damage, and apparently it's still active in some form today. So watch out!
Cyber triggered explosion
We tend to think of cyber-attacks as causing system downtime, the loss of customer details or the release of sensitive information, however an attack on a Turkish oil pipeline in 2008 caused an actual explosion! The hackers, rumoured to be connected to Russia, were able to shut down alarms, cut off communications and then super-pressurise the crude oil in the line, leading to the explosion. The business impact was said to be in the billions of dollars, while it also showed the world just what a cyber-attack is capable of.
Bleeding from the heart
Not so much an attack as a very serious hole in your bullet-proof vest, Heartbleed was a security bug discovered in 2014, affecting anybody using the OpenSSL software library – reportedly around two in three servers on the web. The bug allowed attackers to pull data from any affected server's memory, with the potential to expose a serious amount of sensitive information. And while emergency surgery was rapidly ordered to fix the issue, it was a wake-up call to the vulnerabilities that can exist on the web and the complacency of organisations using 'secure' software.
Skeletons in the closet
Millions of philanderers had the fright of their lives in July 2015, when they discovered that their personal details had been stolen from Ashley Madison, the now infamous hook-up site for the unfaithful. The attack was the work of a group calling itself "The Impact Team", which demanded that the site be taken down within a month or the data would go public. When Ashley Madison refused, the group stayed true to its word, exposing millions of terrified users and immediately plunging thousands of marriages into crisis.
Also in July 2015, the US Office of Personnel Management announced that it had been hit by a data breach, described as one of the largest ever to affect the country's government data. The hack led to the loss of Social Security numbers, as well as names, dates and places of birth, addresses and even fingerprints. It was later discovered that the breach affected as many as 21.5 million people, with 5.6 million fingerprints stolen as part of the hack.
It's many people's worst nightmare. No Twitter, no Spotify, no Airbnb… no Netflix! Well, that's exactly what happened this October when multiple attacks caused widespread disruption to some of the Internet's most popular websites. The culprit was a huge denial of service attack (DDoS) targeted at Dyn, one of the major companies that run the internet's domain name system (DNS). It meant that whenever users tried to reach a domain name serviced by Dyn (and there are lots!), there was simply no way of getting there. Scary stuff indeed!
Worried you might have cyber nightmares this Halloween? Then you might want to think about investing in cyber liability insurance. Covering you for breach of data protection laws (where insurable by law) and your liability for handling data, it can also provide cover for extortion, system rectification costs, plus PR expenses and financial loss due to system downtime. So you can sleep more soundly!
This content has been created for general information purposes and should not be taken as formal advice. Read our full disclaimer.
We've made buying insurance simple. Get started.
- 06 September 20234 minute read
The Securities and Exchange Commission (SEC) recently announced sweeping changes to cybersecurity reporting that will have a profound impact. Are you prepared?