See all news articles
35 years of e92plus - and 35 years of cyber incidents
e92plus
September 2024
by Neil Langridge
As part of our 35th birthday celebrations, let’s take a look back at the history of cyber-attacks – and some of the most significant each year for the past 35 years.
Of course, the number to highlight each year has significantly increased year on year, as the world has gone digital, smart phones are ubiquitous, attacks are more sophisticated than ever, and in 2024 increasingly powered by AI. The world in 1989 was very different, when basic networking was still in it’s infancy in offices, and often it was only a single computer that had email and internet access. Cybersecurity at home was often updated by floppy disks arriving in the post, and the Microsoft vision of a PC on every desk was still viewed as optimistic.
So let’s start back in the 80’s, and see how many you remember!
1989, AIDS (Trojan horse)
A seminal year, as this is often considered the first example of ransomware – created by an evolutionary biologist, and it requested $189 to be sent to a PO Box in Panama. Maybe things haven’t changed that much!
1990, Computer Misuse Act 1990
The introduction of UK legislation, specifically aimed at criminalising attacking computer systems
1991, Anti-Virus
Norton AV was released, one of the first major consumer security solutions
1992, Sneakers
This was a Hollywood film, but we’re including it as a great example of learning from pop culture!
1993, Def Con
The first ever Def Con took place in Las Vegas, now one of the biggest global hacking conferences
1994, Citibank
Russian hackers steal $10 million from Citibank, an early high profile example of the lucrative business of cybercrime
1995, Hackers and the Net
Yes, two more films – but two fantastic films about cybersecurity!
1996, CIA
The CIA, along with other US departments, have their websites altered, as activists find a new method of attack
1997, AOL
The biggest AOL attack ever is released, allowing for free access for thousands of people to the internet (without a free trial CD)
1998, Yahoo
The term Logic Bomb enters popular parlance, around threats calling for the release of Kevin Mitnick
1999, Y2K
Not so much a cybersecurity release, but an example of what major outage fears could do – in the event, extensive planning meant it passed with minimal impact
2000, ILOVEYOU
One of the most damaging worms ever, this is when cybersecurity truly started hitting the mainstream news
2001, Anna Kournikova
Perhaps the first celebrity virus, that used fame to help tempt users to open a malicious attachment
2002, Microsoft
A huge push towards greater security from Microsoft, signalling increased focus on the growing threat
2003, Anonymous
One of the most famous activist groups was founded
2004, North Korea
The isolationary North Korea claims to have trained 500 hackers – the start of a years of high profile appearances in cybersecurity news
2005, The internet is truly global
This was the year that internet users surpassed 1 billion – meaning the market opportunity for criminals was very clearly established
2006, Hactivism
The largest number of website defacements, with over 21,000 hit in one attack.
2007, Estonia
A major milestone as an entire country is hit, with a massive DDoS attack
2008, US Military
One of the most significant breaches of the US military, via an infected USB drive
2009, Conficker
The Conficker worm compromised millions of devices worldwide
2010, Stuxnet
One of the most significant attacks ever, a state-on-state cyber-attack via highly sophisticated malware on Iran’s nuclear facilities
2011, LulzSec
One of the most infamous hacker groups was formed – few major attacks are performed by an individual now
2012, Saudi Aramco
One of the biggest attacks in terms of cost and damage, Saudi Aramco was severely damaged by malware from an Iranian hacking group
2013, Yahoo
3 billion users have their data breached (and not the only time for Yahoo to suffer such damage)
2014, Sony
A regular infosec case study, Sony Pictures feature a broad ranging and humiliating attack from North Korea in response to the film “The Interview”
2015, Ashley Madison
The notorious personal website Ashley Madison suffers a hugely damaging data breach
2016, Bangladesh Bank
An attempted heist of $1 billion by the Lazarus Group of the national bank of Bangladesh
2017, Wannacry
The first global ransomware attack, hitting over 230,000 computers worldwide
2018, Facebook
The high profile attack on Facebook, compromising the personal data over around 30 million users
2019, Public Authorities
A succession of local governments were held to ransom, including Jackson, Augusta, and Baltimore
2020, Ransomware
The first directly attributed death due to ransomware, after a hospital was hit in Germany
2021, CNI
The Colonial Pipeline in the USA was hit by ransomware, with the subsequent service suspension causing havoc
2022, Ukraine
The Russian invasion of Ukraine prompts multiple cyber-attacks on Russian targets, as well as retaliation by groups sympathetic to Russia
2023, MOVEit
A zero day on a software app that then affected thousands of organisations worldwide
2024, Healthcare
IT systems shutdown through a healthcare company, after Change Healthcare was hit by ransomware
Of course, the number to highlight each year has significantly increased year on year, as the world has gone digital, smart phones are ubiquitous, attacks are more sophisticated than ever, and in 2024 increasingly powered by AI. The world in 1989 was very different, when basic networking was still in it’s infancy in offices, and often it was only a single computer that had email and internet access. Cybersecurity at home was often updated by floppy disks arriving in the post, and the Microsoft vision of a PC on every desk was still viewed as optimistic.
So let’s start back in the 80’s, and see how many you remember!
1989, AIDS (Trojan horse)
A seminal year, as this is often considered the first example of ransomware – created by an evolutionary biologist, and it requested $189 to be sent to a PO Box in Panama. Maybe things haven’t changed that much!
1990, Computer Misuse Act 1990
The introduction of UK legislation, specifically aimed at criminalising attacking computer systems
1991, Anti-Virus
Norton AV was released, one of the first major consumer security solutions
1992, Sneakers
This was a Hollywood film, but we’re including it as a great example of learning from pop culture!
1993, Def Con
The first ever Def Con took place in Las Vegas, now one of the biggest global hacking conferences
1994, Citibank
Russian hackers steal $10 million from Citibank, an early high profile example of the lucrative business of cybercrime
1995, Hackers and the Net
Yes, two more films – but two fantastic films about cybersecurity!
1996, CIA
The CIA, along with other US departments, have their websites altered, as activists find a new method of attack
1997, AOL
The biggest AOL attack ever is released, allowing for free access for thousands of people to the internet (without a free trial CD)
1998, Yahoo
The term Logic Bomb enters popular parlance, around threats calling for the release of Kevin Mitnick
1999, Y2K
Not so much a cybersecurity release, but an example of what major outage fears could do – in the event, extensive planning meant it passed with minimal impact
2000, ILOVEYOU
One of the most damaging worms ever, this is when cybersecurity truly started hitting the mainstream news
2001, Anna Kournikova
Perhaps the first celebrity virus, that used fame to help tempt users to open a malicious attachment
2002, Microsoft
A huge push towards greater security from Microsoft, signalling increased focus on the growing threat
2003, Anonymous
One of the most famous activist groups was founded
2004, North Korea
The isolationary North Korea claims to have trained 500 hackers – the start of a years of high profile appearances in cybersecurity news
2005, The internet is truly global
This was the year that internet users surpassed 1 billion – meaning the market opportunity for criminals was very clearly established
2006, Hactivism
The largest number of website defacements, with over 21,000 hit in one attack.
2007, Estonia
A major milestone as an entire country is hit, with a massive DDoS attack
2008, US Military
One of the most significant breaches of the US military, via an infected USB drive
2009, Conficker
The Conficker worm compromised millions of devices worldwide
2010, Stuxnet
One of the most significant attacks ever, a state-on-state cyber-attack via highly sophisticated malware on Iran’s nuclear facilities
2011, LulzSec
One of the most infamous hacker groups was formed – few major attacks are performed by an individual now
2012, Saudi Aramco
One of the biggest attacks in terms of cost and damage, Saudi Aramco was severely damaged by malware from an Iranian hacking group
2013, Yahoo
3 billion users have their data breached (and not the only time for Yahoo to suffer such damage)
2014, Sony
A regular infosec case study, Sony Pictures feature a broad ranging and humiliating attack from North Korea in response to the film “The Interview”
2015, Ashley Madison
The notorious personal website Ashley Madison suffers a hugely damaging data breach
2016, Bangladesh Bank
An attempted heist of $1 billion by the Lazarus Group of the national bank of Bangladesh
2017, Wannacry
The first global ransomware attack, hitting over 230,000 computers worldwide
2018, Facebook
The high profile attack on Facebook, compromising the personal data over around 30 million users
2019, Public Authorities
A succession of local governments were held to ransom, including Jackson, Augusta, and Baltimore
2020, Ransomware
The first directly attributed death due to ransomware, after a hospital was hit in Germany
2021, CNI
The Colonial Pipeline in the USA was hit by ransomware, with the subsequent service suspension causing havoc
2022, Ukraine
The Russian invasion of Ukraine prompts multiple cyber-attacks on Russian targets, as well as retaliation by groups sympathetic to Russia
2023, MOVEit
A zero day on a software app that then affected thousands of organisations worldwide
2024, Healthcare
IT systems shutdown through a healthcare company, after Change Healthcare was hit by ransomware