Cyberattacks

A cyberattack is a malicious attempt to steal, disrupt or damage someone else’s data or information system. Inadequate digital security that left private consumer information vulnerable has been the subject of multiple class action lawsuits worth millions of dollars.

There are two types of cyberattacks: Targeted and untargeted. Untargeted cyberattacks are the most common, attacking as many devices as possible. Targeted cyberattacks focus on one specific individual or corporation and often take months to prepare.

Cyberattacks typically follow several stages. Attackers explore a target’s defenses for weaknesses. Then they try to find ways to exploit the target, sometimes using ransomware to hijack systems and extort money. In some cyberattacks information is stolen and sold, but sometimes the goal is simply to cause chaos.

There are many different types of data breaches and cyberattacks. Tools perpetrators use range from sophisticated software, new use of artificial intelligence such as ChatGPT and simple scams such as email phishing. Some attacks combine tactics. Distributed denial of service attacks, for example, are sometimes used as a distraction while other more serious attacks occur.

An ATM cash out is a multi-step attack. Banking data is stolen and then used to launch a synchronized withdrawal of money from different ATMs in various regions or one large withdrawal from a single ATM. Cybercriminals override ATM or account cash limits, resulting in large cash withdrawals.

A corporate account takeover attack often begins with malware to breach digital security. Once past security, CATO attackers act as that business to send money transfers to accounts they’ve set up.

Viruses, spyware and ransomware are types of malicious software. An email with an infected link, for example, can spread through an entire network once clicked. Spyware monitors activities to view classified government documents, banking corporate financial data or trade secrets. Ransomware blocks an individual or company’s access to its own files or systems. Attackers then demand a ransom payment to regain access. Malware has been used in a number of famous data breaches.

Ransomware was key to a 2021 DarkSide attack on Colonial Pipeline Company, which operates a 5,500 mile pipeline from Texas to New York. DarkSide took Colonial’s computer systems hostage and Colonial paid a 75 Bitcoin (nearly $5 million) ransom. President Biden officially remarked, “My administration is continuing to safeguard our critical infrastructure, the majority of which is privately owned and managed, like Colonial Pipeline.”

The U.S. Attorney’s Office announced in February 2023 that a Russian malware developer was arrested in the Republic of Georgia, extradited and brought before U.S. Magistrate C. P. Tuite in Tampa, Florida following an IRS and FBI investigation. The malware developer could face 47 years in prison for using the program he created to steal login credentials of tens of thousands of computers globally. These were then sold on the dark web to fund further criminal activity, including tax fraud. The case highlights the scope of global threats to digital security.

In the U.S., more than 80 million insider cyberattacks occur each year and have an economic impact of billions of dollars. These attacks can be intentional or accidental. These cybersecurity threats can include deliberately granting access to others or stealing files or human error such as ignoring security or IT policies, mistyping an email address or losing a storage device.

Employees working for Twitter gave usernames and passwords to attackers using either email, text message or phone call spear-phishing, or vishing, in 2020. The Twitter accounts of then presidential candidate Biden and Microsoft founder Bill Gates were among the high-profile users whose accounts were hacked.

Retail giant Target experienced a cyberattack that used security information gained from a third-party vendor. The HVAC company in Pennsylvania was granted insider access, but then did not follow security practices. Attackers in 2013 were able to use the vendor’s credentials to access sensitive consumer data. The U.S. Secret Service and FBI were among agencies that investigated the case. An $18.5 million settlement with 47 states and the District of Columbia was agreed to, which was the largest settlement for a data breach at the time.

Distributed denial of service attacks are designed to block access to a website. Typical denial of service attacks can use a single computer or a few systems to barrage a target site with excessive traffic to shut down, thereby denying access to it. DDoS attacks are distributed across many, possibly thousands, of individuals working to overload and disable a target site. Individual users can unknowingly become part of a DDoS attack if their computer has been subjected to a malware attack.

The criminals behind these attacks have used DDoS cyberattacks to disable a variety of services, including banks. More than one in five cyberattacks targets financial institutions.

DDoS attacks successfully shut down the websites of seven German airports in a targeted attack that lasted for hours in February 2023. The attack caused the cancellation of hundreds of flights. German Airports Association Chief Executive Ralph Beisel noted in a statement, “Once again, airports fell victim to large-scale DDoS attacks.” In October 2022, for example, U.S. airports including those in New York, Chicago, Atlanta, Denver and Los Angeles, experienced systems disruptions because of Russian hacktivist group Killnet and its coordinated DDoS attack.

Cyberattacks can erode public trust in institutions and organizations’ ability to protect their private information. In addition to reputational harm, companies can face significant financial costs for upgraded security, repairing any damage to infrastructure, fines and lawsuit verdicts or settlements.

Cyber harm can also include bodily injury and even loss of life. A teenager in Lodz, Poland hacked into the city’s tram system using a combination of information he gathered via public library systems, open source information online and physically trespassing in train depots. Using that information, his access to the city tram system and a remote control he fashioned from a modified TV remote, he derailed four trams and injured 12 people.

Hospitals have also been the targets of cyberattacks. In 2009, a security guard at a Dallas hospital was indicted for transmitting malicious code that damaged the facility’s computer system. The attacker damaged a computer that maintained patient medical records and another that managed the heating, ventilation and air conditioning system. Patient safety was risked, and an investigation revealed the attacker was also discussing a large-scale DDoS attack against the hospital.

Some of the biggest data breaches in history have impacted critical societal infrastructure causing significant cyber harm. Cyberattacks have also targeted federal law enforcement agencies, school districts and labor unions, resulting in financial, psychological, reputational and societal damages.

A major ransomware attack in February 2023 against the U.S. Marshals Service resulted in a data breach of employees’ personal information, details about individuals under federal investigation and information about known fugitives. The Department of Justice deemed the attack a “major incident” and federal officers were required to report the incident to Congress. The federal investigation into the attack is ongoing.

A ransomware attack and data breach targeted an L.A. school district in 2022, resulting in the theft of personal information from more than 2,000 students. Driver’s licenses, insurance information and Covid-19 test results were compromised. In 2020, a cyberattack on a Boston-based labor union caused $6.4 million in losses. The attack targeted Pipefitters Local 537 health fund, but didn’t involve the loss of any personal information.

Taking steps to prevent a cyberattack can help ensure your personal information stays safe.

Financial institutions, government entities and retail giants are all vulnerable to cyberattacks, as are individuals on their home computers. Even social media is not immune to cyberattacks.

If a cyberattack affects you even after taking preventive measures, there are steps you can take to mitigate the damage.

If your data has been compromised or a cybercriminal contacts you, get in touch with local law enforcement to file a report. The U.S. Department of Homeland Security’s site Ready.gov also suggests contacting federal agencies including the Office of the Inspector General and FBI Internet Crime Complaint Center and offers contact information and additional agency recommendations depending on the nature of the crime.

Inform your bank, credit card or loan companies so they can monitor for suspicious activity. You can also contact your local Department of Motor Vehicles if your driver’s license information was accessed.

You may have the option of filing a lawsuit to recover losses. Many data breach lawsuits have successfully helped people hold companies accountable for inadequate security or negligence. If you think you may have a claim, contact an attorney who knows the laws around cybersecurity to advise you.