The Top 10 Biggest Cyber-Attacks

Foreign exchange firm Travelex was forced into administration in the summer of 2020, with a cyber-attack in December 2019 cited as a significant factor by the administrators, PwC.

This resulted in over 1300 jobs immediately being cut, but the company has since recovered to continue operating.

A tragic case still making its way through the courts in the US alleges that the death of an infant is the first recorded fatality caused by a ransomware attack.

In this case, a baby was born with her umbilical cord wrapped around her neck, a problem that has purportedly led to brain damage and her death several months later. Although foetal heart monitors would have usually picked up the issue, it was reported that medical staff could not access these from the usual location as a display had been locked by cybercriminals.

The lawsuit contends that if the infant’s mother had been aware of the extent of the technology outage at the hospital, she would have chosen to have her baby elsewhere.

The Fortune 500 healthcare organization was forced to pull the plug on key systems in the US after falling victim to a Ryuk ransomware attack in September 2020. This resulted in acute care and other patient services being impacted, including ambulance traffic being diverted to facilities run by competitors.

The incident reportedly cost United Health Services $67m in losses.

Scores of US hospitals were impacted by an attack on oncology and radiology system provider Elekta in April 2021, with one report claiming 42 hospitals and clinics suffered service disruptions. In addition to sensitive patient data being exposed, the incident caused treatments to be delayed for a number of cancer patients across the US.

Elekta is currently facing a class-action lawsuit for allegedly failing to have adequate cybersecurity controls.

The ransomware attack on Colonial Pipeline, the company running the US’ largest fuel pipeline, in May 2021, led to dramatic scenes of snaking lines of cars at gas stations across the East Coast, along with Americans filling bags with fuel in panic. There was also disruption at some airports, with many airlines experiencing a jet fuel shortage.

The shortages also led to rising fuel prices for several days.

Colonial Pipeline paid $4.4m worth of cryptocurrency to the DarkSide gang to be able to resume operations. However, US authorities were able to seize the majority of the funds paid to the attackers by tracking the Bitcoin transfers to a specific address.

The body responsible for health services in Ireland, HSE Ireland, was hit by a ransomware attack in May 2021, which saw its IT systems taken offline and a number of hospital appointments cancelled. Shortly after, the attackers said they would provide the decryption tool free of charge but still threatened to publish data it claimed to have stolen during the incident unless a ransom payment was given.

The attack had a huge impact on patients, with healthcare services severely disrupted throughout the country, and the private data of thousands of individuals who received the COVID-19 vaccine was exposed. It was reported that delayed diagnosis due to the attack could cut short the lives of some patients.

The attack was believed to have been perpetrated by Russia-based actor Conti.

The world’s largest meat processor, JBS, was forced to pull the plug on its critical servers after an organized cyber-attack on its IT systems, perpetrated by the REvil ransomware gang.

The firm supplies more than a fifth of all beef in the US and was forced to temporarily halt all its operations in the region. The attack reportedly caused a disruption to meat supplies and an uptick in meat prices.

JBS later confirmed it had paid its extorters an $11m ransom to enable it to resume operations.

The attack on US software supplier Kaseya in July 2021 was believed to have impacted 1500 organizations globally. Among the victims were schools, supermarkets and a national railway, resulting in significant real-world impacts for citizens.

The supply chain attack was another perpetrated by REvil. The US justice department announced it had charged a suspect over the attack in November 2021, with the suspect extradited to the country in March 2022.