Cyberattacks are increasing in frequency, targeting corporate, governmental, school district and private computer systems. Cyberattacks can cause significant financial damage, leak private data and result in lawsuits. Digital security is critical to protect sensitive data from cyberattacks.
What Is a Cyberattack?
A cyberattack is a malicious attempt to steal, disrupt or damage someone else’s data or information system. Inadequate digital security that left private consumer information vulnerable has been the subject of multiple class action lawsuits worth millions of dollars.
There are two types of cyberattacks: targeted and untargeted. Untargeted cyberattacks are the most common, attacking as many devices as possible. Targeted cyberattacks focus on one specific individual or corporation and often take months to prepare.
Cyberattacks typically follow several stages. Attackers explore a target’s defenses for weaknesses. Then they try to find ways to exploit the target, sometimes using ransomware to hijack systems and extort money. In some cyberattacks information is stolen and sold, but sometimes the goal is simply to cause chaos.
Types of Cyberattacks
There are many different types of data breaches and cyberattacks. The tools perpetrators use range from sophisticated software and new uses of artificial intelligence such as ChatGPT to simple scams such as email phishing. Some attacks combine tactics. Distributed denial of service attacks, for example, are sometimes used as a distraction while other more serious attacks occur.
An ATM cash out is a multi-step attack. Banking data is stolen and then used to launch a synchronized withdrawal of money from different ATMs in various regions or one large withdrawal from a single ATM. Cybercriminals override ATM or account cash limits, resulting in large cash withdrawals.
A corporate account takeover (CATO) attack often begins with malware to breach digital security. Once past security, CATO attackers act as that business to send money transfers to accounts they’ve set up.
Viruses, spyware and ransomware are types of malicious software. Malware delivered through an infected link in an email, for example, can spread through an entire network once the link is clicked. Spyware monitors activities to view classified government documents, banking or corporate financial data or trade secrets. Ransomware blocks an individual’s or company’s access to its own files or systems. Attackers then demand a ransom payment to restore access. Malware has been used in a number of famous data breaches.
Ransomware was key to a 2021 DarkSide attack on Colonial Pipeline Company, which operates a 5,500 mile pipeline from Texas to New York. DarkSide took Colonial’s computer systems hostage and Colonial paid a 75 Bitcoin (nearly $5 million) ransom. President Biden officially remarked, “My administration is continuing to safeguard our critical infrastructure, the majority of which is privately owned and managed, like Colonial Pipeline.”
“I signed an executive order to improve the nation’s cybersecurity,” President Biden announced. “It calls for federal agencies to work more closely with the private sector to share information, strengthen cybersecurity practices and deploy technologies that increase reliance against cyberattacks.”
The U.S. Attorney’s Office announced in February 2023 that a Russian malware developer was arrested in the Republic of Georgia, extradited and brought before U.S. Magistrate C. P. Tuite in Tampa, Florida following an IRS and FBI investigation. The malware developer could face 47 years in prison for using the program he created to steal login credentials of tens of thousands of computers globally. These were then sold on the dark web to fund further criminal activity, including tax fraud. The case highlights the scope of global threats to digital security.
In the U.S., more than 80 million insider cyberattacks occur each year and have an economic impact of billions of dollars. These attacks can be intentional or accidental. They can include deliberate acts, such as granting access to others or stealing files, or human error, such as ignoring security or IT policies, mistyping an email address or losing a storage device.
In 2020, employees working for Twitter gave usernames and passwords to attackers who used spear-phishing by email, text message or phone call, the last also known as vishing. The Twitter accounts of then-presidential candidate Biden and Microsoft founder Bill Gates were among the high-profile accounts that were hacked.
Retail giant Target experienced a cyberattack that used security information gained from a third-party vendor. The HVAC company in Pennsylvania was granted insider access, but then did not follow security practices. Attackers in 2013 were able to use the vendor’s credentials to access sensitive consumer data. The U.S. Secret Service and FBI were among agencies that investigated the case. An $18.5 million settlement with 47 states and the District of Columbia was agreed to, which was the largest settlement for a data breach at the time.
Distributed denial of service attacks are designed to block access to a website. Typical denial of service attacks can use a single computer or a few systems to barrage a target site with excessive traffic until it shuts down, thereby denying access to it. DDoS attacks are distributed across many, possibly thousands of, individuals working to overload and disable a target site. Individual users can unknowingly become part of a DDoS attack if their computer has been subjected to a malware attack.
The criminals behind these attacks have used DDoS cyberattacks to disable a variety of services, including banks. More than one in five cyberattacks targets financial institutions.
DDoS attacks successfully shut down the websites of seven German airports in a targeted attack that lasted for hours in February 2023. The attack caused the cancellation of hundreds of flights. German Airports Association Chief Executive Ralph Beisel noted in a statement, “Once again, airports fell victim to large-scale DDoS attacks.” In October 2022, for example, U.S. airports including those in New York, Chicago, Atlanta, Denver and Los Angeles, experienced systems disruptions because of Russian hacktivist group Killnet and its coordinated DDoS attack.
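The difference described above between a denial of service attack from one or a few systems and one distributed across thousands shows up in a server's access log as how concentrated the traffic is. The following Python code is an added example, not part of the original article; the log format, thresholds and addresses are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

WINDOW = 60       # seconds per counting window (assumed)
FLOOD = 100       # requests per window treated as a flood (assumed threshold)
TOP_SHARE = 0.5   # one source at or above this share means single-source (assumed)
T0 = 1700000040   # constructed timestamp, aligned to a window boundary

def classify_windows(lines):
    """Classify each window of 'epoch ip path' lines as normal, dos or ddos."""
    buckets = defaultdict(Counter)
    for line in lines:
        parts = line.split()
        if len(parts) < 2 or not parts[0].isdigit():
            continue  # skip malformed lines rather than abort the analysis
        ts = int(parts[0])
        buckets[ts - ts % WINDOW][parts[1]] += 1
    report = {}
    for start, per_ip in sorted(buckets.items()):
        total = sum(per_ip.values())
        top_ip, top_count = per_ip.most_common(1)[0]
        if total < FLOOD:
            verdict = "normal"
        elif top_count / total >= TOP_SHARE:
            verdict = "dos"    # concentrated: blocking top_ip removes most of it
        else:
            verdict = "ddos"   # spread out: no single address to block
        report[start] = {"verdict": verdict, "requests": total,
                         "sources": len(per_ip), "top_source": top_ip}
    return report

def sample_log():
    """Constructed log using documentation-only address ranges."""
    users = [f"192.0.2.{i}" for i in range(20)]
    bots = ([f"198.51.100.{i}" for i in range(200)]
            + [f"203.0.113.{i}" for i in range(200)])
    lines = [f"{T0 + i} {ip} /" for i, ip in enumerate(users)]
    lines += [f"{T0 + 60 + i % 60} 192.0.2.99 /login" for i in range(300)]
    lines += [f"{T0 + 60 + i} {ip} /" for i, ip in enumerate(users)]
    lines += [f"{T0 + 120 + i % 60} {ip} /" for i, ip in enumerate(bots)]
    lines.append("truncated entry")
    return lines

if __name__ == "__main__":
    for start, row in classify_windows(sample_log()).items():
        print(start - T0, row)
```

In the distributed window every address sends a single request, so a per-address limit alone does not stop the flood; the total request rate is the signal that still stands out.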
Consequences of a Cyberattack
Cyberattacks can erode public trust in institutions and organizations’ ability to protect their private information. In addition to reputational harm, companies can face significant financial costs for upgraded security, repairing any damage to infrastructure, fines and lawsuit verdicts or settlements.
Cyber harm can also include bodily injury and even loss of life. A teenager in Lodz, Poland hacked into the city’s tram system using a combination of information he gathered via public library systems, open source information online and physically trespassing in train depots. Using that information, his access to the city tram system and a remote control he fashioned from a modified TV remote, he derailed four trams and injured 12 people.
Hospitals have also been the targets of cyberattacks. In 2009, a security guard at a Dallas hospital was indicted for transmitting malicious code that damaged the facility’s computer system. The attacker damaged a computer that maintained patient medical records and another that managed the heating, ventilation and air conditioning system. Patient safety was put at risk, and an investigation revealed the attacker was also discussing a large-scale DDoS attack against the hospital.
Examples of Cyberattacks
Some of the biggest data breaches in history have impacted critical societal infrastructure causing significant cyber harm. Cyberattacks have also targeted federal law enforcement agencies, school districts and labor unions, resulting in financial, psychological, reputational and societal damages.
A major ransomware attack in February 2023 against the U.S. Marshals Service resulted in a data breach of employees’ personal information, details about individuals under federal investigation and information about known fugitives. The Department of Justice deemed the attack a “major incident” and federal officers were required to report the incident to Congress. The federal investigation into the attack is ongoing.
A ransomware attack and data breach targeted an L.A. school district in 2022, resulting in the theft of personal information from more than 2,000 students. Driver’s licenses, insurance information and Covid-19 test results were compromised. In 2020, a cyberattack on a Boston-based labor union caused $6.4 million in losses. The attack targeted Pipefitters Local 537 health fund, but didn’t involve the loss of any personal information.
How to Protect Against Cyberattacks
Taking steps to prevent a cyberattack can help ensure your personal information stays safe.
- Antivirus programs can help you block threats.
- Back up your files to an encrypted file storage device.
- Be sure when entering information online that the site’s address starts with https://.
- Check your financial statements regularly for any suspicious activity.
- Choose strong passwords with letters, numbers and special characters.
- Don’t click links in emails or online if you’re in any doubt about their security.
- Limit the personal information you share online as much as possible.
- Set up two-step verification on your phone and email account.
Financial institutions, government entities and retail giants are all vulnerable to cyberattacks, as are individuals on their home computers. Even social media is not immune to cyberattacks.
If a cyberattack affects you even after taking preventive measures, there are steps you can take to mitigate the damage.
What to Do If a Cyberattack Affects You
If your data has been compromised or a cybercriminal contacts you, get in touch with local law enforcement to file a report. The U.S. Department of Homeland Security’s site Ready.gov also suggests contacting federal agencies including the Office of the Inspector General and FBI Internet Crime Complaint Center and offers contact information and additional agency recommendations depending on the nature of the crime.
Inform your bank, credit card or loan companies so they can monitor for suspicious activity. You can also contact your local Department of Motor Vehicles if your driver’s license information was accessed.
- Bring your infected device to a cybersecurity professional to run a scan.
- Change all your online passwords.
- Check bank and credit card statements for suspicious activity.
- Disconnect your device from the internet.
- Run recovery programs such as System Restore from Microsoft.
You may have the option of filing a lawsuit to recover losses. Many data breach lawsuits have successfully helped people hold companies accountable for inadequate security or negligence. If you think you may have a claim, contact an attorney who knows the laws around cybersecurity to advise you.