Everything is online. Hospitals store billions of patient records in online databases. The control rooms of national power stations are online, and a safe flight depends on hundreds of online systems. Any breach of these networks could incapacitate entire cities and wreak havoc. Yes, hackers are planning attacks that can affect much more than our Netflix passwords. We’re talking about cyberterrorism — high-stakes cybercrime that can take lives and make planes drop from the sky.
These five high-stakes hacks will shock you to the core and serve as a stark reminder of just how important cybersecurity is.
This could be the first murder by hacking. Hospitals have been on the front line in a virus-riddled 2020, and only three months ago hackers took a swipe at a hospital in Dusseldorf, freezing their servers, demanding a ransom, and killing a patient in the process.
Amidst the terror attack, hospital staff were forced to redirect emergency patients to other facilities, causing one woman to die before she could get treatment. Luckily, attempts to appeal to the hackers' humanity were successful, and they handed over the decryption key to the police before more lives were lost.
Attacks on this scale could threaten the security of entire governments and risk escalating international tensions. In what has been called a sophisticated espionage operation, hackers broke into half a dozen federal agencies, including the FERC, DOE, and National Nuclear Security Administration, which manages US nuclear weapons.
Refusing to elaborate further, spokespersons have confirmed evidence of highly malicious activity. Frighteningly, hackers were able to break into a core part of the US national security enterprise, but officials still can’t see what they’ve taken. It's suspected that atomic weapons research has been stolen, since the Sandia and Los Alamos National Labs were also hacked. The investigation is ongoing, and the full extent of the damage won’t be known for weeks.
How did hackers manage to breach government level security? Well, the attackers found their way into the federal agencies by hacking into SolarWinds, a software company that sells IT products to hundreds of clients in the government sector. The attack on the FERC (Federal Energy Regulatory Commission) was particularly alarming for two reasons: hackers wanted to either meddle with the nation’s electric grid or access the sensitive data on the grid, which they could use to pinpoint the most lethal locations for future attacks. The full impact of this hack may not be known for years to come.
Five years ago, hackers took down a power grid in Western Ukraine and left 230,000 residents without electricity. Suspicions that this could be a test-run for something bigger were confirmed in 2017, when hackers targeted a major US electricity grid.
After tricking an employee with a phishing attack, hackers gained remote access to the network and stole information about the grid’s control systems. Analysts have said that the criminals could have easily thrown switches and disrupted power flows all over the region — and all they needed was a single phishing attack.
The Federal Aviation Administration network had a big wake-up call after a phishing email spread a virus through their network. Hackers managed to infiltrate the admin computer systems with plans to shut down radars and send false information to aircrafts.
Systems that control air traffic are incredibly vulnerable to attacks because of how interconnected they are with the National Airspace System and non-NAS environments. A single weak point in any part of this delicate web of networks could quite literally make planes drop from the sky.
In this case, the virus was allowed to spread due to an employee’s simple human error and, perhaps, their unfamiliarity with phishing emails. A rat doesn’t walk in through the front door — it finds tiny entry points to invade.
“Why is it getting so hot in here?” complained one worker to another, just as the steel plant they worked in was taken over by hackers. Temperatures rose alarmingly when criminals hacked the furnace controls of the plant. The company couldn’t do anything to stop them.
Hackers used an email scam to ultimately take control of the plant’s core systems. Thankfully, nobody died during the attack, but massive damage was caused to the steel plant.
The German Federal Office for Information Security confirmed that the attack took place, though they did not specify the exact date or location. Still, it remains a shocking example of the power hackers possess.
If there’s a common message connecting all of these stories, it’s that you shouldn’t get sloppy with your security. Hackers will find the smallest chink in your armour and exploit it: their points of entry are never obvious, and a little human error is all they need.
For example, The FERC doesn’t directly manage any power flows, but it contains sensitive data useful for plotting future attacks. The Federal Aviation Network probably spent millions on cybersecurity to be let down by an innocent employee’s misjudgment. And simple login details handed over in an email scam almost destroyed an entire steel plant.
So, it’s no longer enough to lock the front door — you need to protect yourself at every level. Secure all your online accounts with passwords that are unique and complex. Use a VPN whenever you're online; your data will be encrypted and your devices shielded from malicious network creepers on public Wi-fi. Hackers only need to find one weakness. For your own peace of mind, take action before they do.