For all of the benefits of the digital age, there’s always the threat of bad actors attacking business and personal computers. Computer viruses can be devastating when they steal passwords and personally identifiable information (PII) and shut down systems. These attacks cost millions, if not billions, of dollars in damage.
All it takes is a user opening up a compromised email or attachment or downloading an infected file to wreak havoc on a single computer or network. Following cybersecurity best practices decreases the likelihood of a successful infiltration, but not taking the proper precautions can have profound implications, as seen in some of the most destructive virus attacks in history.
1. CodeRed
CodeRed, first discovered in 2001, affected various networks, including many government websites, causing $2.4 billion in damages. It infamously brought down The White House’s official website, which had to change its IP address in response. The computer worm exploited a vulnerability in Microsoft’s Internet Information Server (IIS), leading to computer and website disruptions. Devices affected by CodeRed were subjected to distributed denial of service (DDoS) attacks. This virus was particularly insidious because it only needed an internet connection to activate.
2. CryptoLocker
The CryptoLocker malicious code was first identified in 2013. A type of ransomware, it restricted the computer access of over 5,000 companies with encryption. The virus displayed a ransom message demanding payment from victims within three days in exchange for the decryption key to access their files. The malware’s damage incurred approximately $665 million in losses. Some users targeted by CryptoLocker claimed they paid the ransom but never received the promised decryption keys.
3. ILOVEYOU
About 10%, or 10 million computers globally, were impacted by the ILOVEYOU or the Love Bug self-replicating virus in 2000. It spread through emails with the words “ILOVEYOU” in the subject line and a fake love letter attachment. Once a user opened the attached letter, the virus infected the computer. It spread to other computers by obtaining the user’s email contact information. These attacks are why users are advised not to open email attachments from unknown parties or suspicious-looking emails.
4. Klez
In 2001, the Klez virus multiplied users’ emails, not with a download, but by simply previewing or opening an email message. Klez exploited vulnerabilities in Microsoft’s Internet Explorer web browser and Outlook email to the tune of $20 billion in damages. The virus attacked unprotected computers and developed increasingly aggressive and damaging variants during the early 2000s.
5. MyDoom
The year 2004 didn’t start out well for businesses in terms of cybersecurity threats. In January of that year, the MyDoom virus spread through infected emails, with an estimated 16% to 25% of spam emails sent in 2004 originating from it. The SCO Group and Microsoft were particularly affected. The first MyDoom variant hit The SCO Group, forcing the company to shut down its site. The second variant struck Microsoft’s website a few days later. The estimated losses stemming from the virus amounted to $38.5 billion.
6. NanoCore
Since 2013, the NanoCore virus has attacked users’ computers through infected PDF documents housed within cloud storage services or emails containing malicious ZIP files. The Windows remote access trojan (RAT) malware gave bad actors control over webcams, which were used to spy on unsuspecting victims. NanoCore also stole email information and user passwords.
7. Sasser
In 2004, a teenager developed the Sasser virus after discovering a security vulnerability in Windows XP and Windows 2000. Sasser affected millions of computers worldwide by slowing down their performance and causing them to crash. Unlike other computer viruses, Sasser didn’t require human interaction to spread. Sasser’s path of destruction impacted many organizations, costing an estimated $500 million.
8. Sobig
Transmitted to users through spam emails, the Sobig computer worm and its variants randomly attacked computers, making them even more harmful than many other viruses. First discovered in August 2003, Sobig’s spread was so rapid and widespread that it shut down the Massachusetts Institute of Technology’s (MIT) email network. In a short time, Sobig caused about $30 billion in damage.
9. SQL Slammer
Another malicious code unleashed in 2003 was the SQL Slammer computer worm. After choosing random Internet Protocol (IP) addresses, it identified and exploited Microsoft’s SQL Server flaws and infected multiple computers. SQL Slammer drastically slowed internet traffic and initiated DDoS attacks on numerous hosts, affecting a 911 system in Washington state, a nuclear plant in Ohio, and automated teller machines (ATMs) in the United States and Canada, incurring losses close to $1.2 billion. SQL Slammer reappeared in late 2016 with IP addresses from China, Mexico, and Ukraine launching attacks in 172 countries.
10. WannaCryptor/WannaCry
WannaCryptor, shortened to WannaCry, launched in 2017 and impacted 200,000 systems, most of which were business-related. After the ransomware compromises a computer, the files are encrypted, and the bad actor demands a ransom paid in Bitcoin. The owners permanently lose access to their files if they don’t pay the ransom. These attacks led to an estimated $4 billion in losses and continue to threaten poorly protected systems.
11. Zeus
In 2007, 88% of Fortune 500 companies were impacted by the Zeus trojan malware, which seized their computers and gave the malicious actors control. Infected computers became part of a network of bots with a bot master orchestrating mass hacking incidents. The malware was mostly transmitted in spam emails and attached to downloads targeting financial institutions. Zeus continues to be responsible for online bank thefts, data breaches, and DDoS attacks.
READ MORE FROM US
