Nine cyberattacks that will remind you of your ex

Has your ex tried to reconnect in the past few months? If so, you’re not alone. As governments around the world imposed lockdowns and social distancing measures in the first half of 2020, humans suddenly came face to face with “unprecedented levels of boredom and loneliness.” All this newfound free time and limited avenues for social interactions has forced many to turn to social media and messaging in order to remain connected with friends and family: including reconnecting with past partners. New research by the Kinsey Institute at Indiana University demonstrates that about one in five people have reached out to an ex while in quarantine.

With a possible vaccine for the novel coronavirus still months away, we should brace ourselves for this new normal in which our appetite for social interactions will not be met as they normally would. Increased uncertainty will naturally cause introspection about one’s family, relationships, and work. Just as you should be wary of reconnecting with someone who should probably be left in the past, keep an eye out for an increase in cyber incidents. In preparation for the very real possibility of exes coming out of the woodwork and cyber incidents making the news, we’ve identified nine cyberattacks that will remind you of your ex.

WannaCry was a ransomware that exploited a vulnerability called Eternal Blue, developed by the US National Security Agency (NSA). In May 2017, WannaCry spread rapidly, infecting computers and encrypting files that could be decrypted with a $300 ransom. Just as investing in your ex’s “business venture” probably won’t result in returns, payment of the WannaCry ransom didn’t usually result in one’s files being decrypted.

CRASHOVERRIDE caused power outages across Ukraine in 2016 and locked grid operators out of their own systems—embarrassing, right? During this attack, grid operators were forced to revert to analog operations and other stone age tools. On the bright side, at least your ex isn’t a former imperial state who can’t seem to get over your dissolution.

In October 2016, the Mirai botnet leveraged insecure Internet of Things (IoT) devices to develop an army of bots for a distributed denial of service (DDoS) attack that caused an internet outage on US east coast. It started out with a kiss Minecraft, how did it end up like this?

Stuxnet is a computer worm that was discovered in 2010 but likely developed around 2005 *definitely not* by the United States and Israel. Stuxnet was successful in destroying centrifuges in Iran’s Natanz uranium enrichment facility while also sending false feedback to operators—talk about gaslighting. All the while, there was no clear indication that the centrifuges had been destroyed before it was too late. Think of Stuxnet as the Gideon Gordon Graves of both exes and cyberattacks.

NotPetya first targeted Linkos Group, a mom and pop Ukrainian software company, in June 2017 before going global. Small businesses and multinational corporations alike were paralyzed by the malware, just like when you realized you could Find My iPhone but not the rest of your life. NotPetya is considered to be the most expensive cyberattack, causing over $10 billion in damages, which is nothing compared to your ex stealing your beloved dog.

In November 2014, a group called the Guardians of Peace  (origins of the name remain unclear but what would one expect from North Korea?) took large amounts of private data off Sony’s corporate network while also deleting the original files. The group leaked thousands of company documents and sensitive correspondence. Could your middle school diary entries be worse than vitriolic emails about Angelina Jolie? You be the judge.

Conficker, first identified in 2008, is one of the older self-replicating cyberattacks—not unlike that one person you know who will date literally anyone. Conficker hardly caused any damage, since it was developed at a time when malware was primarily used to infect as many devices as possible instead of revenue generation. As it relies on infecting unsupported, unpatched legacy systems, it still shows up now and again. All in all, harmless but still cringe-worthy.

This was in fact part of a 2018 Defense Advanced Research Projects Agency (DARPA) exercise in Plum Island, New York. Two electric utilities worked to defend a grid from a red team and the objective was to defend and maintain power to a building deemed a critical asset. This attempted relationship (and the DARPA exercise) tested how you, researchers, and grid operators could prepare for, and respond to something devastating—and still fail.

In 2015, Chinese hackers breached the Office of Personnel Management (OPM) and the personal data of approximately 22 million people was compromised. This data included financial records and even fingerprints, but no evidence suggests that the data from the breach has been leveraged financially. So, while your credit score remains unchanged, that might just mean your ex is using your identity for more nefarious ends.

Safa Shahwan Edwards is an associate director in the Scowcroft Center for Strategy and Security’s Cyber Statecraft Initiative.

Further reading:

Image: An information analyst works in front of a screen showing a near real-time map tracking cyber threats at the FireEye office in Milpitas, California on December 29, 2014. Photo by Beck Diefenbach via Reuters.