The year 2017 will go down in history as one of the most interesting years so far by having experienced a disproportionally large number of cyber attacks. From large corporate breaches to state sponsored cyber attacks, 2017 has to be one of the years with the greatest cyber meltdown ever recorded in history. In this article we present an overview of the major cyber attacks that happened in 2017 and the effects they had.

1. Cloudbleed

Cloudbleed was one of the first breaches to welcome us into 2017. It was a major security bug discovered in February 2017 embedded in the reverse proxies of Cloudflare’s website. Exploiting this bug made Cloudflare’s servers return more data than requested and necessary in response to website requests. This led to a massive leak of sensitive data which included its users, authentication tokens and passwords. The bug was said to have been in existence since September 2016 till February 2017 when it was discovered.  Since Cloudflare is a security-as-a-service provider, major users including Uber and OKCupid and many others were affected.

2. Shadowbrokers

Shadow Brokers first surfaced in August 2016, claiming to have breached the spy tools of the elite NSA-linked operation known as the Equation Group. This April, though, marked the group’s most impactful release yet. It included a trove of particularly significant alleged NSA tools, including a Windows exploit known as EternalBlue, which hackers have since used to infect targets in two high-profile ransomware attacks. This brings us to our next point.

3. WannaCry

On May 12 a strain of ransomware called WannaCry spread around the world, walloping hundreds of thousands of targets, including public utilities and large corporations. The WannaCry ransomware was successful as a result of the NSA losing control of its key hacking tools.  The ransomware temporarily crippled National Health Service hospitals and facilities in the United Kingdom, hobbling emergency rooms, delaying vital medical procedures, and creating chaos for many British patients. WannaCry’s reach came in part thanks to the leaked Shadow Brokers Windows vulnerabilities, EternalBlue.  The WannaCry ransomware is said to have been the biggest ransomware of its kind in history.

4. NotPetya

Roughly after WannaCry, another wave of ransomware infections that partially leveraged Shadow Brokers Windows exploits hit targets worldwide. This malware, called Petya, NotPetya and a few other names, was more advanced than WannaCry in many ways, but still had some flaws, like an ineffective and inefficient payment system.

Though it infected networks in multiple countries—like the US pharmaceutical company Merck, Danish shipping company Maersk, and Russian oil giant Rosnoft—researchers suspect that the ransomware actually masked a targeted cyberattack against Ukraine. The ransomware hit Ukrainian infrastructure particularly hard, disrupting utilities like power companies, airports, public transit, and the central bank, just the latest in a assaults against the country.

5. Equifax Breach

The Equifax breach is one of the most severe breaches of all for a simple reason: the enormous amount of highly sensitive data stolen by criminals, leaving 143 million people affected. From mid-May to July, hackers exploited vulnerability in its website. The data compromised included Social Security numbers (SSNs), dates of birth and driving-licence numbers, and for 209,000 people, possibly their credit-card numbers as well. Equifax also noted that data of British and Canadian citizens may have been stolen. This breach was tagged “the mother of all hacks”

6. BadRabbit

After WannaCry and NotPetya, a new Ransomware surfaced. Bad Rabbit started hitting organisations across Russia and Eastern Europe spreading via fake Flash update on compromised websites. Bad Rabbit’s targets included Ukraine’s Ministry of Infrastructure and Kiev’s public transportation system.

7. MongoDB

MongoDB suffered quite a number of attacks this year.  A group of hackers exploited the vulnerability in unsecured MongoDB installs. This resulted in the infection of over 27000 systems with ransomware in January. By September, 26000 MongoDB databases were totally deleted by three groups of hackers. In another variant of ransomware, the attackers requested for payment in order to return the data wiped out.

Apart from the above listed, other major cyber breaches that happened in 2017 include the following:

8. The Edmodo data breach

Edmodo is an education platform which offers both interaction and teaching tools for K-12 schools and teachers. Edmodo’s platform allows teachers share content, assignments and provide communication between teachers, students and parents.  In April 2017, hackers put information of about 11.5 GB of data with over 77 million unique Edmodo users (6.4 million children) for sale on the dark web. This data included usernames, email addresses and hashed passwords.

9. The Deloitte Data Breach

Due to absence of the much lauded two-factor-authentication Deloitte Touché Tohmatsu Limited, popularly referred to as “Deloitte” which was ranked the best cybersecurity consultant in the world in 2012  was hit by a cyber attack which led to the theft of several confidential documents. The attacker(s) compromised the mail server through an administrator account which required just a password to gain entry to  and this gave them unrestricted privileges to access all other users. This gave them access to Deloitte’s Microsoft- hosted mail boxes. The hackers are estimated to have gained access to several IP addresses, health records, user names and passwords, and other critical business documents.

10. 198 Million Voters Data Leak

In June 2017, security researcher Chris Vickery announced that he had discovered a publicly assessable database containing full information about registered US voters dating as far back as the last 10 years. This lead was as a result of the misconfiguration of the Amazon S3 server where the database was hosted by a data firm Deep Root Analytics. The misconfiguration was such that over 1 TB of data was publicly available and accessible on the web.

Several other cyber attacks and breaches were recorded in 2017 including the Macron Campaign breach where hackers leaked over 9 GB collections of his party emails days before his election, the WikiLeaks CIA data dump which dumped over 80-00 documents stolen from the CIA on their website.  Apart from data breaches, there were also other incidents of ransomware attacks such as Locky, Nemucod, Jaff Cryptomix and Jigsaw which had their own share of the front sit this year.

While the year isn’t over yet, unless there is a much bigger cyber attack before the end of 2017, we will have to name the Equifax breach the biggest attack of the year since the Equifax breach ended up breaching the confidentiality, integrity and availability of their systems this year. Stay tuned on our blog and social media channels for our 2018 predictions.