We recently discussed the five biggest data breaches from last year, but 2016 wasn’t just about leaked or stolen data, it also saw some of the most impactful cyberattacks in history. These events didn’t just result in personal data going public, they also shaped an evolving era of cybersecurity and outlined a clearer picture of what hackers of the 21st century are truly capable of.
Below is a look at the five worst cyberattacks and an exploration of the impact they had on the world.
5. Former NSA Staffer Steals 50TB of Data
Over the last two decades, Harold Martin worked as a contractor for the U.S. National Security Agency. However, in August of 2016, it was discovered that he had also been stealing more than 50 terabytes of data from the agency, a leak even bigger than the one performed by Edward Snowden. What’s most impressive is that Martin stole the data simply by walking out the front doors of the agency with it.
Other former employees of the agency said that Martin likely simply downloaded the data to USB drives and then slipped them into his pockets to take home. While bags and purses are checked by security, NSA employees aren’t subjected to further scrutiny when entering and exiting facilities. The data that Martin stole was all classified, so it is unknown the full impact the leak has had.
4. SWIFT Banking System Hacked
In early 2016, a typo in funds transfer requests was flagged at Federal Reserve Bank in New York. Queries regarding the requests, which totaled nearly $1 billion, were sent to the originating organization, Bangladesh Bank, but there was no response. The Federal Reserve halted the funds, and as a result stopped hackers from reaching their goal of siphoning off $1 billion dollars, an act made possible by a flaw in the SWIFT Banking System.
Ultimately, what occurred was that hackers had leveraged banking credentials, stolen using malware in the system, to conduct seemingly legitimate money transfers. An initial $81 million was successfully stolen from Bangladesh Bank in a matter of hours, though the bank ended up recovering $20 million. If the hackers hadn’t misspelled “foundation” as “fandation,” they may have gotten away with the heist.
3. Dyn DDoS Attack
The Dyn Internet infrastructure company hosts core services for a number of insanely popular websites, from Spotify to Twitter, but in October 2016 the botnet Mirai successfully leveraged the largest DDoS attack in history to take the service provider down, effectively causing a blackout to a massive portion of the Internet.
The botnet, which uses malware-infected Internet of Things devices, bombarded Dyn with more than 1 terabit-per-second, making it the largest DDoS attack in history. It is believed that more than three million Internet-connected devices could be infected with Mirai, an astonishing number of consumer routers and other smart-devices.
2. Yahoo! Data Breaches
We’ve already discussed the severity of the two Yahoo! Data breaches earlier this month, but it is worth revisiting why this is such an important cyberattack. The attacks on Yahoo! discovered in 2016 broke the world record for largest data breach not once, not twice, but three times. 500 million accounts, then another one billion, and then all 3 billion of its users’ accounts were discovered to be compromised. Both breaches are still being investigated, but we know that the data supports numerous other attacks against users who reuse passwords and fail to follow proper security procedures to protect their online accounts.
1. DNC & 2016 United States Presidential Election Hack
Following numerous investigations into attacks on the Democratic National Committee, the Democratic Congressional Campaign Committee, and Clinton Campaign manager John Podesta, the FBI and CIA have confirmed that the 2016 United States Presidential Election was in fact targeted by nation-state sponsored hackers, with the intention of swaying the American public and election results.
Tens of thousands of leaked emails and targeted publicity stunts resulted in police protection for Democratic leaders and the acknowledgment that the DNC intentionally promoted Hillary Clinton over Senator Bernie Sanders as the Democratic nominee for President. Ultimately, it is believed that the Russian government was behind the attack, in an effort to weaken public opinion of the Democrats and hurt Clinton’s ability to win the election.
This particular event may not have led to terabytes of data or millions of user accounts leaking online, but the ultimate impact – the intentional swaying of one of the largest nations in the world’s public election – makes it the most significant, and perhaps frightening, cyberattack in history.
UPDATE: In October 2017, news sources revealed that Yahoo’s 2013 breach actually affected all 3 billion of its users. This post has been updated to reflect this new information.