Cyber horror stories: The true horrors for this Halloween

Cyber horror stories: The Cyber Hell-Oween: It’s not about ‘IF’ but ‘WHEN’ will happen.

Now that autumn is here, and the leaves have turned to gold, it’s officially that time of the year to celebrate two important events in October, Halloween and Cybersecurity Awareness Month. For the last few years, we have witnessed some terrifying cyber attacks happening worldwide, which shames all the scary ghost stories we hear on Halloween. Just like “based on true events” stories that give us nightmares, the same happens when we hear the horrible and true facts that these cyber attacks have caused these recent years.

That is why we have gathered for you our top scary stories that are guaranteed to give a chill down your spine. So, gather around the fire(wall) and hear our top scariest stories that have happened these last years.

Cyber Horror Stories

The famous WannaCry attack. The WannaCry ransomware attack in 2017 affected organizations, including the NHS, Telefonica, and FedEx. The EternalBlue exploit, which the US National Security Agency discovered, was used to cause the infamous damage. The victims of it were asked to pay $300 in BitCoin to unlock the encrypted files, and the ransom note warned that the price would double after three days if payment were not made. After seven days, the ransomware claimed that the encrypted files would be deleted. WannaCry is said to have caused $4 billion in damages so far, and it has earned up to $49,000 in BitCoin till now.

The expensive data breach of TalkTalk. In 2015, a 17-year-old anonymous boy and his two friends, Matthew Hanley, 22, and Connor Allsopp, 20, hacked into TalkTalk’s system. The hackers stole customer sort codes and account numbers. The data breach cost TalkTalk £42 million and £400,000 as they were required to have a security system to protect customer data. The firm said that 4% of its clients had confidential data at risk.

The horrible breach of the Marriott Hotel

Marriott Hotel reported that more than five million hotel guests’ data was stolen in 2020. Employees of Marriott’s hotels use an app to provide guests with services that attackers use to get through and extract an excessive amount of guest information. It is believed that the information was accessed using login credentials at one of Marriott’s franchised properties in February 2020. The company believes that this occurred starting in mid-January 2020.

Facebook’s major data leak. In 2018, Facebook suffered a series of crises, beginning with a massive data breach that set the tone for a rough couple of months that led to the damaging disclosures divulged by Frances Haugen, a whistleblower. (Whistleblowers are individuals who perform an essential service by reporting what they reasonably believe to be evidence of waste, fraud, abuse, or mismanagement.) In April, someone posted a database containing the personal information of 540 million Facebook users on a publicly accessible deep web hacking forum. The leak included phone numbers, full names, previous places of residence, birth dates, relationship statuses, biographies, and email addresses. Experts said the information would likely be used for social engineering, hacking, and or marketing purposes.

Cyber horror stories
Nth slavery telegram group -cyber hell documentary on Netflix

The latest threat for telecommunication companies

In early 2021, T-Mobile USA, a cellular network provider, was breached, enabling cybercriminals to execute ‘SIM swap’ attacks on customers. In SIM swap attacks, cybercriminals could obtain and read all of their victims’ text messages, including the ones crucial for logging into secure online accounts for banking and cloud-based software services. The criminals could reassign mobile phone numbers to SIMS they possessed as a result. This was a severe problem for affected customers since different organizations enable two-factor authentication for password protection, which frequently includes a one-time security code delivered by text message.

The rise of international espionage

NSO Group, an Israeli technology company, developed a spyware named Pegasus and is reported to have sold it to various nations. Once installed on your mobile device, Pegasus could record your conversations, take photos of you through your mobile camera, and track your geographical position. Unfortunately, this spyware was allegedly used to monitor different civilian groups. More than 50.000 phone numbers thought to belong to activists, journalists, lawyers, politicians, and executives from 50 countries (among others) were being traced. NSO Group, in an official statement, stated that it had only been sold to countries with evident human rights records.

Life-threatening attack in the healthcare industry. In 2016, hackers encrypted patient data at Hollywood Presbyterian Medical Center, a hospital in California. Hackers shut down the hospital’s internal computer system for over a week, encrypting sensitive patient information, billing, and other emails. The attackers demanded $3.7 million in ransom to relinquish control of the data they obtained from the hospital’s server. Tim Erlin, a hospital spokesperson, said that the attack “significantly affected their ability to deliver care.”, which resulted in risking patients’ lives.

Cyber Hell: Exposing an Internet Horror Netflix’s true story documentary. Netflix has produced a new documentary that exposes the true horror of the Nth group in South Korea. Nth Room was a sexual slavery group on Telegram between 2018 and 2020. A large number of victims, including juveniles, were forced by blackmail to make and distribute explicit videos of themselves by the administrator of this chat group.

These videos were then sold to thousands of users worldwide, who paid for them in cryptocurrencies. This massive scandal became public in early 2020 by Kim Wan, a journalist for the South Korean daily The Hankyoreh, investigated this case thoroughly. After the police and cyber detectives’ investigations, it was eventually found that the abuser was a college student who had exploited 103 individuals. This brilliant documentary explores how secrecy is used to protect terrible activity in the digital age and how victims of digital abuse are left wondering if they will ever feel safe and secure.

Kristi Shehu is a Cyber Security Engineer (Application Security) and Cyber Journalist based in Albania. She lives and breathes technology, specializing in crafting content on cyber news and the latest security trends, all through the eyes of a cyber professional. Kristi is passionate about sharing her thoughts and opinions on the exciting world of cyber security, from breakthrough emerging technologies to dynamic startups across the globe.