Cybercrime is accelerating at an alarming rate, with $10 trillion thought to have been lost to the global economy in 2024 thanks to hackers, data thieves, phishers and other “bad actors”.
Incidents are increasing in frequency and scale, and the emergence of new and more powerful forms of AI is only likely to make things worse. The largest are staggering in their scope. When large companies are targeted and successfully plundered, it makes global headlines and impacts millions of people.
But though media reports focus on these extreme incidents, the truth is that individuals and smaller businesses are just as vulnerable. As more of our life and work involves technology, attackers hungrily eye the ever-growing number of access points it gives them to our data, our money, or even our identities.
The biggest, headline-grabbing heists involve eye-watering figures that are hard to comprehend—records and dollars are looted in their millions. But they still offer important lessons in cybersecurity and the cultural issues it encompasses, that individuals or organizations of any size can learn from.
So here are what I believe are the most important lessons to be taken from some of the biggest and most devastating incidents.
The Equifax Data Breach
In 2017, hackers exploited vulnerabilities in networking software to steal sensitive data from millions of customers in the U.S. and around the world. This included social security numbers, dates of birth and addresses, all considered sensitive personal identifiable information that can be used to track people or borrow their identity to commit further crimes. There were 150 million victims in the U.S. alone. Fines and court settlements paid out by the company amount to hundreds of millions of dollars, with many proceedings still ongoing.
What can we learn?
The clearest lesson to be taken from the world’s largest ever data theft is the importance of keeping software up to date and always installing the latest security updates. Failure to update an element of the Apache Struts networking software was identified as a key point of failure.
The WannaCry Ransomware Epidemic
Ransomware malware, termed WannaCry, is thought to have spread to over 200,000 computers across 150 countries in 2017. Ransomware works by encrypting data and then extorting payments from the owners in order to have it safely returned, usually with threats that it will be irrecoverably deleted if the money isn’t paid. WannaCry was particularly devastating because it targeted an older but still widely used version of the Microsoft Windows operating system, allowing it to spread with unprecedented speed.
What Can We Learn?
Ransomware often infects organizations through phishing and other methods of social engineering that aim to exploit human behavior, often the weak point in any security system. Understanding how to recognize and react to phishing attempts, as well as building a culture of cybersecurity awareness throughout the workforce, is the first line of defense against these attacks.
The Bitfinex Crypto Exchange Hack
An attack on what was then one of the leading Bitcoin and cryptocurrency exchanges, Bitfinex, saw hackers make off with 119,756 Bitcoins, worth $72 million at the time (2016) and close to $1 billion as of writing. Some of it was recovered when two people were arrested and ultimately convicted of laundering proceeds of the theft in 2023. The fact that the thieves carried out the theft by breaking into exchange wallets that were previously considered relatively secure caused a 20 percent crash in the value of Bitcoin.
What Can We Learn?
An important lesson is that anyone holding Bitcoin or Cryptocurrency as an investment should be very careful about where they keep it. Storing your coins or digital assets offline in a “cold” wallet is usually considered the safest option, as when coins or tokens are on an exchange, they are not in your possession and vulnerable to whatever security flaws are present at their place of custody.
The $25 Million Deepfake CFO Scam
In a sophisticated AI-enabled attack in 2023, deepfaked videos of colleagues and executives at the Hong Kong offices of a multinational company were used to trick an employee into transferring millions into fraudsters’ bank accounts. Deepfakes, AI-generated lifelike dupes of a real person, created in order to deceive, are used in a growing number of scams, but this is thought to be the most successful heist involving their use yet. The worker who made the transaction later learned he had been the only genuine participant on a video call where the instruction to transfer the funds was given. Every other participant, including the company’s CFO, was a deepfake created by the criminals.
What Can We Learn?
Deepfake scams will become a growing problem as the technology becomes increasingly indistinguishable from real life. Having mechanisms in place to check and verify instructions and developing an understanding of how and why deepfake scams work are essential 2020s survival skills for businesses and individuals.
The NotPetya Malware Attack
Businesses in Ukraine hit by a wave of cyber attacks initially thought they were facing ransomware similar to WannaCry. In fact, NotPetya was a highly destructive file shredder only ever intended to destroy data, while masking its true purpose. Businesses and organizations around the world eventually suffered damage valued at around $10 billion thanks to the devastating virus, which forced ports and airports to close and disrupted many government operations. Many security research groups now believe NotPetya was a state-sponsored attack originating in Russia.
What Can We Learn?
Not all cyber attacks are about stealing money or data. State-sponsored attacks are growing and are increasingly being targeted at businesses as well as infrastructure. Often, they are intended solely to cause maximum chaos and disruption.
The Road Ahead
While everyone hopes they won’t be targeted by cybercrime, the odds aren’t good. One recent report found that 87 percent of businesses faced the threat in the previous year.
Lessons learned from the incidents covered here can form the skeleton of a defense. Keeping software up-to-date, storing sensitive data and cryptocurrency securely, encouraging a culture of cyber-awareness, and implementing trustless verification systems are all key parts of the puzzle.
Individuals and institutions alike should learn from these “worst-case scenarios” in order to build resilience against the ever-shifting nature of the cyberthreat landscape.
