Significant Cyber ​​Incidents (2023)

This timeline lists significant cyber incidents since 2006. We focus on government actions, espionage, and cyber attacks costing more than $1 million in damage. This is a living document. When we learn of a cyber incident, we add it in chronological order. If you think we have missed something, please send us an

Download the complete list of incidents

Below is a summary of the events of the past year. To view the full list, click the download link above.

December 2022.A US lawmaker predicted that spyware hackers by US government officials could number in the hundreds, including diplomats in various countries. This follows an investigation into how many devices in the US government are affected by spyware.

November 2022.The United Arab Emirates hired three former US military and intelligence officials to help the government break into computers in the US and other countries.

November 2022.Microsoft led cyberattacks in the transportation and logistics-related sectors in Ukraine and Poland on a Russian GRU hacker group. The campaign started at the end of September 2022.

November 2022.Hackers attacked Bahraini government websites with DDoS attacks ahead of the country's general and local elections.

November 2022.Iranian government-sponsored hackers compromised the US Merit Systems Protection Board and exploited the log4shell vulnerability in February 2022. After a network breach, the hackers installed log4shell mining software cryptocurrencies and used malware to steal sensitive data.

November 2022.Hackers damaged the Danish State Railways network after attacking an IT subcontractor's software test environment. The attack paralyzed train operations for several hours.

November 2022.A group of India-based hackers attacked Pakistani politicians, generals and diplomats using malware that gives the attacker access to computer cameras and microphones.

November 2022.State-sponsored hackers with possible ties to the Chinese government have been targeting several Asian countries in a spying operation since March 2022, compromising a digital certificate authority in one country.

November 2022.Hackers disabled Vanuatu government digital services in a cyber attack. The attack affected all government services and disabled government emails, websites and systems, with only partial access restored a month later. Australian sources said the hack was a ransomware attack.

November 2022.The hackers targeted the Guadalupe government and forced all government computers to shut down to "protect data" during the incident response and to see the scale of the attack.

November 2022.Indian hackers have been targeting Pakistani government entities, including the military and companies, since April 2020. The attacks allowed the hackers to infiltrate systems and gain access to computer controls.

November 2022.Suspected hackers with ties to China have been running a spying campaign against public and private organizations in the Philippines, Europe, and the United States since 2021. The attacks used infected USB drives to deliver malware to the organizations.

November 2022.Actors linked to the Chinese state have intensified attacks against the smaller nations of Southeast Asia for the purposes of cyber espionage.

October 2022.In a ransomware attack, hackers targeted a communications platform in Australia that processes data from the Ministry of Defense. The government believes that the hackers breached sensitive government data in this attack.

October 2022. Russian official Vladimir Shin accused the US government and its allies of a coordinated campaign of cyber attacks against Russia. Shin cited comments by General Paul Nakasone confirming that the United States had "carried out a series of operations" in response to Russia's invasion of Ukraine.

October 2022. A Ukrainian newspaper published hacked data claiming to be confidential information from Russian defense contractors. The hackers responsible belong to an anti-Putin group in Russia.

October 2022.Hackers attacked the Bulgarian websites of the Presidential Administration, the Ministry of Defense, the Ministry of the Interior, the Ministry of Justice and the Constitutional Court in a DDoS attack. A pro-Russian hacker group claimed responsibility for the attack, saying it was punishment "for betraying Russia and supplying weapons to Ukraine."

October 2022. Hackers targeted several major US airports with a DDoS attack, affecting their websites. A group of pro-Russian hackers organized the attack before it took place.

October 2022. Pro-Russian hackers have claimed responsibility for an attack that brought down US websites, including those in Colorado, Kentucky and Mississippi.

October 2022. CISA, the FBI and the NSA announced that beginning in January 2021, state-sponsored hacking groups had long-term access to a defense company and compromised sensitive company data.

September 2022.Iranian hackers attacked Albanian computer systems, forcing the Albanian authorities to temporarily shut down the Total Information Management System, a service used to track people entering and leaving Albania. This attack came on the heels of Albania's decision to sever diplomatic ties with Iran, as well as US sanctions and NATO's condemnation of an Iranian cyberattack against Albania in July. In the July attack, Iranian actors deployed ransomware on Albanian government networks, destroying data and disrupting government services.

September 2022.A newly discovered group of hackers targeted telecommunications, Internet service providers and universities in the Middle East and Africa. The group installs malware platforms directly into system memory, bypassing native security solutions.

September 2022.Hackers targeted Montenegrin government networks, rendering key Montenegrin government websites and information platforms inaccessible. Montenegrin officials blamed Russia for the attack.

September 2022.Hackers attacked the website of the national parliament of Bosnia and Herzegovina, rendering the websites and servers inaccessible for several weeks.

September 2022.China has accused the US National Security Agency (NSA) of numerous cyberattacks against Northwest Polytechnic University in China. Authorities claim the NSA stole user data and infiltrated digital communication networks.

(Video) Top 10 Cyber Attacks In History | Biggest Cyber Attacks Of All Time | Cyber Security | Simplilearn

September 2022.The Anonymous group claimed responsibility for a series of cyberattacks against the Iranian government that shut down two key Iranian government websites and the websites of several state media organizations.

September 2022.The hackers targeted the Mexican Defense Secretariat and accessed six terabytes of data, including internal communications, criminal data, and data revealing Mexican surveillance of Ken Salazar, the US ambassador to Mexico. Mexican President Andrés Manuel López Obrador confirmed the authenticity of the data, including the personal health data that was released to the public.

September 2022.A group of Russian-based hackers attacked the website of British intelligence agency MI5 with a DDoS attack that temporarily took the site offline.

August 2022.The hackers breached the Italian energy agency Gestore dei Servizi Energetici (GSE), compromising servers, blocking access to systems, and blocking access to the GSE website for a week.

August 2022.Hackers used a DDoS attack to temporarily shut down the Taiwan Presidential Office website. The Taiwanese government blamed the attack on foreign hackers and said normal website operations resumed after 20 minutes. Taiwan's Ministry of Foreign Affairs also discovered that hackers had attacked its website and the main portal of the Taiwanese government.

August 2022.Hackers attacked the Finnish Parliament with a DDoS attack, making the parliamentary website inaccessible. A Russian group claimed responsibility for the attack on Telegram.

August 2022.The hackers targeted the website of the State Energy Agency of Ukraine, which is responsible for monitoring Ukraine's nuclear power plants. The agency said that Russian hackers carried out the attack.

August 2022.Hackers launched a DDoS attack on the Latvian Parliament's website, which temporarily disabled the website's server. A group of Russian hackers claimed responsibility for the attack on Telegram.

August 2022.The hackers targeted Greece's largest natural gas supplier, DESFA, leading to system failures and data disclosure.

August 2022.A Russian group has claimed responsibility for breaching a British private water company South Staffordshire Water and leaking files in a blackmail attempt.

August 2022.The hackers targeted Montenegrin government institutions and broke into the computer systems of various government agencies. Montenegro's defense minister said there was enough evidence to suspect that Russia was behind the attack.

August 2022.A DDoS campaign targeted the websites of state and private institutions in Estonia. Estonia claimed that the attack was largely repulsed and the impact was limited.

August 2022.Hackers used phishing emails to plant malware at government institutions and defense contractors in Eastern Europe in January 2022. A report by Russia-based Kaspersky linked the campaign to a Chinese hacker group.

July 2022.Hackers have targeted the Pakistan Air Force (PAF) in a spearfishing campaign to deploy malware and steal sensitive files. Pakistani and Chinese organizations claimed the attack came from hackers with ties to India.

July 2022.The hackers targeted Iran's Islamic Culture and Communications Organization (ICCO). The attack paralyzed at least 6 websites, posted images of Iranian resistance leaders on fifteen other websites, wiped databases and computers, and gave hackers access to sensitive ICCO data.

July 2022.A hacker claimed he obtained records of 1 billion Chinese from a Shanghai police database and put the data online for sale.

July 2022.The Belgian Foreign Ministry accused China of a cyber espionage campaign against Belgian targets, including the Belgian Interior and Defense ministries. A spokesman for the Chinese embassy in Belgium denied the allegations.

July 2022.The hackers targeted social media accounts belonging to the British Royal Army. The attack involved seizing the British Army's Twitter and YouTube accounts.

July 2022.Hackers targeted Lithuania's state energy company in a DDoS attack. Killnet, which Lithuanian authorities link to Russia, claimed responsibility for the attack.

July 2022.The hackers temporarily paralyzed the websites of the Albanian prime minister and parliament, as well as the e-Albania portal used to access public services.

July 2022.Hackers broke into a Ukrainian media outlet to broadcast to various radio stations that Ukrainian President Volodymyr Zelenskyy is in critical condition. Zelenskyy denied the allegations and blamed Russia for the attack.

July 2022.China said the United States stole 97 billion global Internet records and 124 billion phone records in June, specifically blaming the National Security Agency's (NSA) Adaptive Access Operations Office (TAO).

June 2022.Hackers targeted Lithuanian railways, airports, media companies and government departments with DDoS attacks. A Russian-backed group of hackers claimed responsibility for the attack.

June 2022.The FBI, the National Security Agency (NSA) and CISA announced that Chinese state-sponsored hackers have been attacking and breaching major telecommunications companies and network service providers since at least 2020.

June 2022.The hackers targeted former Israeli officials, military personnel, and a former US ambassador to Israel. An Israeli cybersecurity firm said Iran-affiliated actors used a phishing campaign to gain access to targets' inboxes, personal information and identification documents.

(Video) Top 10 Cybersecurity Incidents that happened in 2021

June 2022.Hackers targeted three Iranian steel companies, forcing the country's state-owned steelmaker to halt production.

June 2022.Hackers leaked files and photos known as the "Xinjiang Police Files," showing human rights abuses committed by the Chinese government against the Uyghur population.

June 2022.One attack targeted users of Australia's largest Chinese-language platform, Media Today. Hackers made more than 20 million attempts to reset user passwords in the platform's registration system.

June 2022.The hackers attacked the city's loudspeaker systems in Jerusalem and Eliat, triggering air-raid sirens in both cities. An Israeli industrial cybersecurity company blamed the attack on Iran.

June 2022.A China-linked disinformation campaign has targeted Australian miner Lynas Rare Earths. The campaign included the spread of misinformation on social media platforms and websites about the alleged environmental footprint of Lynas Rare Earths.

June 2022.The hackers made their way to Harmony's Horizon, a blockchain bridge, and accessed personal data that led to the theft of around $100 million. Blockchain analysis firm Elliptic has linked North Korea to the attack.

June 2022.A phishing campaign targeted US military, software, supply chain, healthcare, and pharmaceutical organizations to compromise Microsoft Office 365 and Outlook accounts.

June 2022.The hackers compromised the accounts of employees of Germany's Green Party, including those previously used by Annalena Baerbock and Robert Habeck, who now serve as foreign ministers and ministers for economic affairs and climate protection.

June 2022.Hackers attacked Norwegian public institutions with DDoS attacks and disrupted government websites. The Norwegian security agency NSM blamed the attack on pro-Russian hackers.

Mayo 2022.A DDoS attack targeted the Port of London Authority, forcing its website to go offline. A group linked to Iran claimed responsibility for the hack.

Mayo 2022.A phishing campaign targeted the Jordanian Ministry of Foreign Affairs. Investigators attributed the attack to an Iranian cyber espionage agent.

Mayo 2022.The Ethiopian Information Network Security Agency (INSA) said the hackers targeted the Grand Ethiopian Renaissance Dam (GERD). The Ethiopian Communications Security Agency thwarted the attacks before the hackers could gain access to the networks.

mayo 2022. Hackers attacked Greenland's healthcare system and caused network outages across the island. While an initial diagnosis found that the attack did not corrupt or expose citizen data, it severely crippled healthcare services.

mayo 2022. A group of Chinese hackers has been stealing intellectual property from US and European companies since 2019, largely undetected. Investigators believe the group has the support of the Chinese government.

Mayo 2022.According to the company, state-sponsored hackers shut down RuTube, the Russian version of YouTube.

mayo 2022. Russian hackers attacked Italian websites with a DDoS attack, including the Senate, the Ministry of Defense and the National Institute of Health. The group says its goal is to attack NATO countries and Ukraine.

April 2022.The Romanian National Directorate for Cybersecurity said several public and private sector websites were hit by DDoS attacks. Among the victims were the Ministry of Defence, the Border Police, the National Railway Company and the OTP Bank. A group blamed for the attack said on Telegram that it hacked the sites because Romania has supported Ukraine since the country was invaded by Russia.

April 2022.Cybersecurity researchers have identified a new hacking campaign with ties to Russia that began in January and targeted diplomats and embassy staff from France, Poland, Portugal and other countries. The attacks started with a phishing email to send a malware-laden file to the target.

April 2022.Iranian state television said the government thwarted cyberattacks targeting more than 100 public sector agencies. They did not provide any further information about the incident.

April 2022. Russian hackers targeted the Costa Rican Treasury Department in a cyberattack, crippling tax collection and export systems. Costa Rica's newly elected president declared a national emergency as a result of the attack and the group demanded a $20 million ransom or plans to release the stolen data.

April 2022.Hackers attacked members of the European Commission using spyware developed by NSO Group. A November notification from Apple to thousands of iPhone users that they were being attacked by state-sponsored actors drew the Commission's attention to the use of spyware.

April 2022.A North Korea-related hacking campaign that used phishing emails sent by fake employment agencies targeted chemical companies in South Korea.

April 2022.A Citizen Lab study found that actors used NSO Group spyware to target at least 65 Catalan activists and political figures.

April 2022.The US Treasury Department's Office of Foreign Assets Control blamed the March 29 Ronin Network hack on a group of North Korean hackers and announced sanctions against the hackers. The group stole more than $540 million worth of Ethereum and USDC.

April 2022.Hackers carried out DDoS attacks against the websites of the Finnish Ministry of Foreign Affairs and Defense. The attack botnet used more than 350 IP addresses from around the world and the denial of service lasted four hours.

(Video) Why The U.S. Can't Stop Cyber Attacks

April 2022.Hamas-linked cyber actors used a network of fake Facebook and Twitter profiles to monitor members of the Israeli security apparatus. The actors also used WhatsApp to gain the trust of their targets and then asked them to download an app that contained malware.

April 2022.Hackers targeted the Telegram accounts of Ukrainian government officials with a phishing attack to gain access to the accounts.

April 2022.Cyber ​​security researchers have observed hackers breaking into the networks of at least 7 Indian State Load Dispatch Centers (SLDCs) that oversee the operation of power grid controls. The SLDCs manage the SCADA systems and researchers have suggested that PLA-connected hackers may be involved.

April 2022.A social media platform has disrupted two Iran-linked cyber-espionage campaigns targeting activists, academics and private companies. The campaign targeted energy, semiconductor and telecommunications companies in countries including the United States, Israel, Russia and Canada, using phishing and other social engineering techniques.

April 2022.According to investigators, a group targeted several Ukrainian media organizations to gain long-term access to their networks and collect sensitive information. The group has links to the Russian GRU.

April 2022. The United States has removed Russian malware from computer networks around the world, a move announced by Attorney General Merrick B. Garland. While it's unclear what the malware's intent was, authorities noted that it could be used for anything from surveillance to destructive attacks. The malware created a botnet controlled by the Russian GRU.

April 2022. Hackers attacked a Ukrainian power plant, but CERT-UA and private sector support largely thwarted attempts to shut down substations in Ukraine. Researchers believe the attack came from the same GRU-linked Russian group that attacked Ukraine's power grid in 2016 using an updated form of the same malware.

April 2022:Hackers attacked the National Post Office of Ukraine with a DDoS attack days after the release of a new stamp honoring a Ukrainian border guard. The attack affected the agency's ability to operate its online store.

March 2022.Hackers used a DDoS attack to bring down the Marshall Islands National Telecommunications Authority. The attack disrupted internet services on the islands for more than a week.

March 2022.Pakistani government-linked hackers targeted Indian government officials in a spying operation. The group also created fake government and military websites to deliver malware to its targets.

March 2022.An attack on a satellite broadband service operated by the US company Viasat disrupted Internet services across Europe, including Ukrainian military communications at the start of the Russian invasion. The attackers hacked into the satellite modems of thousands of Europeans to disrupt the company's service.

March 2022.The hackers penetrated the websites of several Russian agencies, including the Department of Energy, the State Statistical Office, the Federal Penitentiary Service and the Federal Correctional Service. The websites displayed various anti-government and anti-theft images and messages before authorities could evict the trespassers.

March 2022.Hackers targeted Greenland's parliamentary authority in an apparent spying operation, forcing parliament to cancel sessions and delaying welfare payments.

March 2022.The China National Computer Network Emergency Response Coordination Center/Technical Team (CNCERT/CC) said US hackers had attacked Chinese computers to launch attacks against Russia, Ukraine and Belarus.

March 2022.The European Banking Authority was attacked using a vulnerability in Microsoft's mail server software, but no data was compromised. Several attacks exploiting this vulnerability have been attributed to a Chinese government-backed actor.

March 2022.The US Department of Justice indicted four Russian government officials involved in hacking campaigns that took place between 2012 and 2018. The attacks targeted companies and organizations with critical infrastructure, particularly in the energy sector. Hackers attempted to install backdoors and insert malware into the operating technology of their targets.

March 2022.According to Russia's Ministry of Communications and Digital Development, the hackers defaced and disrupted several Russian government and state media websites. The Emergencies Ministry website was hacked and the attackers wrote messages encouraging Russian soldiers to defect. Tass, a state news agency, was also hacked, with the hackers urging people to "take to the streets against the war."

March 2022.The National Research Council, Canada's largest government-funded research agency, said its networks had been breached by hackers. An announcement on the Council's website explained that parts of its online presence went offline as a result of this incident.

March 2022.Chinese government-linked hackers penetrated the networks of government agencies in at least 6 different US states in a spying operation. Hackers exploited the Log4j vulnerability to access networks, as well as several other vulnerable Internet-facing web applications.

March 2022.Hackers used a DDoS attack to attack a major Israeli telecom operator. As a result, several Israeli government websites were taken down.

February 2022.Investigators identified campaigns by two North Korean government-backed groups targeting employees of various media, fintech, and software companies. Hackers used phishing emails advertising fake jobs and exploited a vulnerability in Google Chrome to compromise company websites and distribute malware.

February 2022.The websites of the Cabinet of Ministers and the Ministries of Foreign Affairs, Infrastructure and Education of Ukraine were disrupted days before Russian troops invaded Ukraine. Wiper malware was also used to penetrate the networks of a Ukrainian financial institution and two government contractors.

February 2022.A Beijing-based cybersecurity firm has accused the US National Security Agency of developing a backdoor to monitor businesses and governments in more than 45 countries around the world. A Foreign Ministry spokesman said operations like this could threaten the security of China's critical infrastructure and compromise trade secrets.

February 2022.On February 15, a DDoS attack brought down websites belonging to the Ukrainian Ministry of Defense and two of the country's largest banks. The US and UK blame the attack on the Russian GRU. The Ukrainian Cyber ​​Police claimed that the attack was related to another "information attack", in which Ukrainian citizens received spam text messages claiming that ATMs were not working.

February 2022.A Beijing-based cybersecurity firm has accused the US National Security Agency of developing a backdoor to monitor businesses and governments in more than 45 countries around the world. A Foreign Ministry spokesman said operations like this could threaten the security of China's critical infrastructure and compromise trade secrets.

(Video) The Most Dangerous Cyber Threats in 2022

February 2022.A Pakistani group used a remote access Trojan to conduct espionage against Indian military and diplomatic targets. The group often uses social engineering and/or USB-based worms to break into a network.

February 2022.An Iran-affiliated group carried out espionage and other malicious cyber operations against a variety of private companies and local and federal governments.

February 2022.Between January 2020 and February 2022, state-sponsored Russian actors raided several US defense contractors. The hackers extracted sensitive emails and data related to the companies' export-controlled products, as well as proprietary information and interactions with foreign governments.

February 2022.Several oil terminals in some of Europe's largest ports in Belgium and Germany have been the victims of a cyber attack, preventing them from processing incoming barges. A ransomware strain linked to a group of Russian-speaking hackers was used to disrupt payment processing at energy companies.

February 2022.Since October 2021, a group of hackers has been targeting Palestinian individuals and organizations with malware. Investigators suspect the operation may be linked to a broader campaign by a hacking group widely attributed to Hamas's cyber arm that began in 2017.

February 2022.A UN report indicates that North Korean hackers stole more than $50 million from three cryptocurrency exchanges between 2020 and mid-2021. The report also added that this amount is likely to have increased in 2021 as the DPRK launched seven attacks on cryptocurrency platforms to finance its nuclear. program in the midst of a major sanctions regime.

February 2022.An investigation led by Mandiant found that Chinese government-linked hackers had compromised the email accounts of Wall Street Journal journalists. Hackers allegedly monitored and extracted data from the newspaper for more than two years, starting at least in February 2020.

February 2022.The networks of the British Foreign Office have been hacked. All details of the incident remain confidential.

January 2022.A group of Chinese hackers attacked several German pharmaceutical and technology companies. According to the federal government, the attack on the networks of service providers and companies was primarily an attempt to steal intellectual property.

January 2022.Hackers disrupted Internet traffic to and from North Korea twice in two weeks in what researchers say was likely a series of DDoS attacks. The second attack came shortly after North Korea's fifth missile test of the month.

January 2022.Hackers broke into the Canadian Department of Foreign Affairs and disrupted some of the department's Internet-connected services. The attack came a day after the government issued an alert to strengthen network security in anticipation of Russian cyberattacks on critical infrastructure.

January 2022.A series of DDoS attacks targeted a high-stakes Minecraft tournament and ended up affecting Andorra Telecom, the only ISP in the country. The attack disrupted Internet and 4G services for customers.

January 2022.The IT Directorate of the Greek Parliament identified an attempt to hack 60 parliamentary email accounts. In response, the authorities temporarily closed the postal system during the legislature.

January 2022.An Australian spokesperson accused WeChat of deleting Prime Minister Scott Morrison's account and redirecting users to a website that provides information to Chinese expatriates. The government claims it first encountered booking problems in the prime minister's account in mid-2021.

January 2022.Hackers broke into the systems of the International Committee of the Red Cross, gaining access to the data of more than 500,000 people and disrupting its services around the world. Investigators found that the operation may be linked to a widespread influence operation in Iran.

January 2022.A cyberattack targeted the Ukrainian government, affecting 90 websites and using malware disguised as ransomware to damage dozens of computers at government agencies.

January 2022.The hackers attacked several Israeli media outlets, including Maariv and the Jerusalem Post, posting threatening messages on their websites. One message read in English and Hebrew: "We are close to you where you don't think."

January 2022.A DRPK-linked group is targeting several Russian diplomats with malware. The diplomats received an email disguised as a New Year's greetings screen saver, but once opened, they installed a Trojan horse for remote access.

December 2021.A cyberattack on the Belgian Ministry of Defense forced the shutdown of part of its computer network, including the ministry's mail system, for several days. Hackers exploited the Log4j vulnerability to compromise the network.

December 2021.Hackers have been targeting various governments in Southeast Asia over the past 9 months using custom malware linked to state-sponsored groups in China. Many of the nations involved are currently locked in disputes with China over territorial claims in the South China Sea.

December 2021. A breach of Prime Minister Modi's Twitter account allowed hackers to tweet from the account that India has officially adopted Bitcoin as legal tender. The tweet also included a fraudulent link promising a bitcoin offer.

December 2021.A Bloomberg investigation publicly linked a 2012 breach of Australia's telecommunications systems to malicious code embedded in a Huawei software update.

December 2021.Cybersecurity companies have found pro-government hackers from China, Iran, and North Korea attempting to use the Log4j vulnerability to gain access to computer networks. Following the Log4j announcement, researchers found more than 600,000 attempts to exploit the vulnerability.

December 2021.Chinese hackers attacked four other US defense and technology companies in December, as well as an organization in November. Hackers obtained passwords to access organizations' systems and attempted to intercept sensitive communications.

December 2021.A Russian group has claimed responsibility for a ransomware attack against Australian utility CS Energy. The announcement came after Australian media blamed the attack on Chinese government hackers.

(Video) 8 Most Common Cybersecurity Threats | Types of Cyber Attacks | Cybersecurity for Beginners | Edureka


What is a significant cyber incident? ›

The term "significant cyber incident" as used in this directive means: A cyber incident that is (or a group of related cyber incidents that together are) likely to result in demonstrable harm to the national security interest, foreign relations, or economy of the United States or to the public confidence, civil ...

What were the 3 biggest cyber attacks ever made? ›

We can always learn from the past, so let's take a look at some of history's biggest cyber attacks:
  • The Melissa Virus. ...
  • NASA Cyber Attack. ...
  • The 2007 Estonia Cyber Attack. ...
  • A Cyber Attack on Sony's PlayStation Network. ...
  • Adobe Cyber Attack. ...
  • The 2014 Cyber Attack on Yahoo. ...
  • Ukraine's Power Grid Attack.
Feb 13, 2023

What are some well known cyber attacks? ›

What are the 10 Most Common Types of Cyber Attacks?
  • Malware.
  • Denial-of-Service (DoS) Attacks.
  • Phishing.
  • Spoofing.
  • Identity-Based Attacks.
  • Code Injection Attacks.
  • Supply Chain Attacks.
  • Insider Threats.
Feb 13, 2023

What is the difference between a cyber incident and a significant cyber incident? ›

Cyber incidents are a fact of contemporary life, and significant cyber incidents are occurring with increasing frequency, impacting public and private infrastructure located in the United States and abroad.

What is the largest cyberattack in US history? ›

1. Yahoo! The data breach of Yahoo is one of the worst and most infamous cases of a known cyberattack and currently holds the record for the most people affected. The first attack occurred in 2013, and many more would continue over the next three years.

What is the greatest cybercrime threat in the US today? ›

1) Phishing Attacks

The biggest, most damaging and most widespread threat facing small businesses is phishing attacks. Phishing accounts for 90% of all breaches that organizations face, they've grown 65% over the last year, and they account for over $12 billion in business losses.

What is the biggest cyber threat today? ›

Spear Phishing

Cyber criminals manipulate their targets into bypassing security measures, disclosing sensitive information, installing infected files, or clicking on malicious links. Over 225 million phishing attacks were reported in 2022, 61% more than in 2021.

What is the number 1 cyber crime? ›

Email and internet fraud. Identity fraud (where personal information is stolen and used). Theft of financial or card payment data. Theft and sale of corporate data.

What are the recent major cyber attacks? ›

2023 Cyber Attack Newsletters
  • Microsoft Azure SSRF Vulnerabilities.
  • Slack GitHub Account Hack.
  • Data Of 228 Million Deezer Users Stolen.
  • Twitter Leaks Data On 200 Million Users.
  • Malware Targets 30+ WordPress Plugins.
  • Kubernetes Clusters Hacked.
  • Top 10 Cyber Attacks In 2022.
  • Top 10 Vulnerabilities In 2022.

What is the most popular cyber crime? ›

In 2021, the most common type of cyber crime as reported to the U.S. Internet Crime Complaint Center was phishing and similar fraud, with approximately 324 thousand individuals affected.

What are the 7 steps in incident response? ›

7 Phases of Incident Response
  • Preparation. It's nearly impossible to create a well-organized response to a cybersecurity threat in the moment. ...
  • Identification. All phases of an incident response plan are important, however, identification takes precedence. ...
  • Containment. Don't panic! ...
  • Eradication. ...
  • Recovery. ...
  • Learning. ...
  • Re-testing.

What are 3 basic elements in an incident? ›

The Three Elements of Incident Response: Plan, Team, and Tools.

What are the 5 phases in the incident response process? ›

The NIST incident response lifecycle breaks incident response down into four main phases: Preparation; Detection and Analysis; Containment, Eradication, and Recovery; and Post-Event Activity.

What does significant incident mean? ›

A “significant incident” is defined as an incident that has the potential to result in harm to the health, safety or welfare of a person receiving services. •

What are 3 different types of cyber attacks? ›

Types of cyber threats your institution should be aware of include: Malware. Ransomware. Distributed denial of service (DDoS) attacks.

How does NIST define incident? ›

NIST SP 800-61 Rev. 2 under Computer Security Incident. A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.

What are the top 10 types of cyber attacks? ›

Types of Cyber Attacks
  • Malware Attack. This is one of the most common types of cyberattacks. ...
  • Phishing Attack. Phishing attacks are one of the most prominent widespread types of cyberattacks. ...
  • Password Attack. ...
  • Man-in-the-Middle Attack. ...
  • SQL Injection Attack. ...
  • Denial-of-Service Attack. ...
  • Insider Threat. ...
  • Cryptojacking.
Feb 7, 2023

What are the 8 main cyber security threats? ›

8 Common Cybersecurity Threats and How to Prevent Them
  • 1) Ransomware. ...
  • 2) Social Engineering/Phishing. ...
  • 3) Unpatched Systems and Misconfigurations. ...
  • 4) Credential Stuffing. ...
  • 5) Password Cracking Attacks. ...
  • 6) Man-in-the-Middle Attacks. ...
  • 7) Denial-of-Service Attacks. ...
  • 8) Drive-by Download Attacks.
Nov 10, 2022

What are the top 10 cyber threats? ›

Let's take a look at the following top 10 cybersecurity threats and steps you can take to prevent them.
  • Malware. ...
  • Ransomware. ...
  • Social Engineering. ...
  • Phishing. ...
  • Zero-Day Threats. ...
  • Internal Threats. ...
  • Emotet. ...
  • Denial of Service/Distributed Denial of Service.

What are the top 5 cybercrime cases in the US? ›

Here are 5 of the top cybercrimes affecting businesses and individuals in 2023:
  • Phishing Scams.
  • Website Spoofing.
  • Ransomware.
  • Malware.
  • IOT Hacking.
Oct 3, 2022

What was the Biggest data breach in History? ›

Data breached: 3 billion user accounts

According to data breach statistics, the largest data breach in history is the one that Yahoo! suffered for several years. Not only is it the biggest breach according to the number of affected users, but it also feels like the most massive one because of all the headlines.

What is one example of a cyberattack within the United States? ›

The SolarWinds attack is considered one of the most serious cyber espionage attacks on the United States, because it successfully breached the US military, many US-based federal agencies, including agencies responsible for nuclear weapons, critical infrastructure services, and a majority of Fortune 500 organizations.

Who is most targeted by cyber attacks? ›

Social Security numbers, banking information, and personal data of nearly 1.5 million customers were stolen by threat actors. The healthcare industry is particularly vulnerable to cyber attacks due to the wealth of Personal Identifiable Information (PII) their systems store.

What are the 5 types of cyber attacks? ›

17 Different Types of Cyber Attacks
  • Malware-based attacks (Ransomware, Trojans, etc.)
  • Phishing attacks (spear phishing, whaling, etc.)
  • Man-in-the-middle attacks.
  • Denial of Service attacks (DOS and DDoS)
  • SQL Injection attacks.
  • DNS Tunneling.
  • Zero-day exploits and attacks.
  • Password attacks.
Jan 18, 2023

What are the top 4 types of cyber crime today? ›

9 Most Common Computer and Internet Cyber Crimes
  • Harassment. ...
  • Ransomware. ...
  • Prostitution. ...
  • Child Pornography & Solicitation. ...
  • Intellectual Property Theft. ...
  • Account Hacking. ...
  • Drug Trafficking. ...
  • Credit Card Fraud.

Who is the main victim of cybercrime? ›

Those who use the Internet, email, social media and vulnerable computers will be the likely victims. Financially-motivated cybercrimes will likely be the preferred choice for criminals due to the ease of getting money, sourcing of victims and its difficulty in detection and apprehension.

How many cyber attacks have there been in the US? ›

How many cyberattacks per day? According to Security Magazine, there are over 2,200 attacks each day which breaks down to nearly 1 cyberattack every 39 seconds.

What are the real life examples of cyber crime? ›

Major Cases
  • A Byte Out of History: $10 Million Hack. A Russian's hacking of a U.S. bank in 1994 may have been the first online bank robbery. ...
  • Botnet Operation Disabled. ...
  • Cyber Criminal Forum Taken Down. ...
  • International Cyber Ring That Infected Millions of Computers Dismantled. ...
  • Melissa Virus. ...
  • Morris Worm. ...
  • Operation Innocent Images.

What is a real world example of cybercrime? ›

Your account has been invaded, and somebody else has taken your place. They have access to all your messages, your friends, your photos and personal information about you stored in your account. Even other websites and apps that you use Facebook to access. Somebody has stolen your digital life from you!

What is a real life example of cyber enabled crime? ›

Other crimes which are carried out online, but could be committed without the use of the internet, such as sexual grooming, stalking or harassment, bullying, and financial or romance fraud, are called cyber-enabled crimes.

What is an example of a cyber incident scenario? ›

An example of the scenario you could present: a member of the marketing team borrowed a company USB drive so they could take their presentation home and continue working on it. They plugged the USB into their home laptop, and while connected, it was infected with malware.

What is an example of an incident in cyber security? ›

Examples of security incidents include: Computer system breach. Unauthorized access to, or use of, systems, software, or data. Unauthorized changes to systems, software, or data.

What is the most common form of a cyber security incident? ›

Phishing is probably the most common form of cyber-attack, largely because it is easy to carry out, and surprisingly effective.

Which of the following is the warning level for significant cyber security incidents? ›

YELLOW or ELEVATED indicates a significant risk due to increased hacking, virus, or other malicious activity that compromises systems or diminishes service.

What is cybercrime give 5 examples? ›

Email and internet fraud. Identity fraud (where personal information is stolen and used). Theft of financial or card payment data. Theft and sale of corporate data.

What are the examples of incident? ›

For example:
  • By slipping and breaking an arm.
  • By coming into contact with a corrosive chemical.
  • By cutting themselves with a knife.
Oct 14, 2022

What are 3 types of incidents? ›

3 Types Of Incidents That Stand Out: Is Your Help Desk Prepared?
  • Major Incidents. Large-scale incidents may not come up too often, but when they do hit, organizations need to be prepared to deal with them quickly and efficiently. ...
  • Repetitive Incidents. ...
  • Complex Incidents.
May 11, 2022

What are the most common security incidents? ›

There are many types of cybersecurity incidents typically caused by insiders, such as sensitive data leaks and breaches, trade secrets and insider data theft, privilege misuse, and phishing attacks.

What is an example of a serious incident? ›

Unexpected death – like someone dying unexpectedly because they did not receive proper care and services.

What is a critical security incident? ›

An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use ...

What are the 4 main types of vulnerability in cyber security? ›

Below are some of the most common types of cybersecurity vulnerabilities:
  • System Misconfigurations. ...
  • Out-of-date or Unpatched Software. ...
  • Missing or Weak Authorization Credentials. ...
  • Malicious Insider Threats. ...
  • Missing or Poor Data Encryption. ...
  • Zero-day Vulnerabilities. ...
  • Vulnerability Detection. ...
  • Cyber Security Vulnerability Assessment.

How do you determine the severity of a cyber incident? ›

Organizations determine incident severity levels by assessing a range of criteria such as potential impact on business operations, asset or data confidentiality/integrity/availability; number of impacted users/systems; duration of exposure; legal implications; etc.

What is the first priority when responding to a major security incident? ›

Containment is the top priority once an incident has been detected. Containment should be done as soon as possible to reduce damage and prevent further incidents or destruction of evidence.

What is a Level 1 threat? ›

Typical Level I threats include enemy agents and terrorists whose. primary missions include espionage, sabotage, and subversion. Enemy activity and individual attacks may include random or directed killing of military and civilian personnel, kidnapping, and guiding special-purpose individuals or teams to targets.


1. New cyber incident reporting obligations that you need be aware of in the EU and US
(IT Governance Ltd)
2. CISA director on importance of reporting cyber incidents
(Washington Post Live)
3. Cyber attacks: How does ransomware work?
(Sky News)
4. 10 Most Devastating Cyber Attacks in History
(Matthew Santoro)
5. Top 10 Cyber Attacks in World | Top 10 Cyber Attacks of All Time | Cybersecurity | Simplilearn
6. What is incident response in cyber security [A step-by-step guide to perform the cybersecurity IRP]
(Secure Disruptions)


Top Articles
Latest Posts
Article information

Author: Edwin Metz

Last Updated: 02/10/2023

Views: 6571

Rating: 4.8 / 5 (78 voted)

Reviews: 93% of readers found this page helpful

Author information

Name: Edwin Metz

Birthday: 1997-04-16

Address: 51593 Leanne Light, Kuphalmouth, DE 50012-5183

Phone: +639107620957

Job: Corporate Banking Technician

Hobby: Reading, scrapbook, role-playing games, Fishing, Fishing, Scuba diving, Beekeeping

Introduction: My name is Edwin Metz, I am a fair, energetic, helpful, brave, outstanding, nice, helpful person who loves writing and wants to share my knowledge and understanding with you.