SolarWinds, Estonia, Kaseya, Colonial Pipeline and Florida Water Treatment Facility: The Biggest Cyberattacks in History

SolarWinds, Estonia, Kaseya, Colonial Pipeline and Florida Water Treatment Facility: The Biggest Cyberattacks in History

Major Cyberattacks in History: A Look at the Most Disruptive Breaches

Cyberattacks have evolved into a critical geopolitical and economic threat, with far-reaching consequences for governments, businesses, and critical infrastructure. From state-sponsored espionage to financially motivated ransomware, these incidents highlight the growing sophistication and impact of cyber warfare. Below are some of the most significant cyberattacks in recent history.

1. Estonia Cyberattacks (2007)

In 2007, Estonia faced one of the first large-scale cyber warfare campaigns after relocating a Soviet-era war memorial in Tallinn. The attack, widely attributed to Russia, crippled the country’s digital infrastructure, causing banking failures, media blackouts, and communication disruptions. While direct evidence was scarce, an Estonian official later confirmed Kremlin involvement, with criminal groups joining the assault. The incident marked a turning point in hybrid warfare, demonstrating how cyberattacks could destabilize a nation.

2. SolarWinds Supply Chain Attack (2020)

A Russian espionage operation breached SolarWinds, a U.S.-based software company, by embedding malware (Sunburst) in an Orion software update. The attack granted hackers access to thousands of organizations, including U.S. government agencies, for up to 14 months. The unprecedented scale of the breach exposed vulnerabilities in supply chain security, making it one of the most damaging cyber espionage campaigns in history.

3. Ukraine Power Grid Attack (2015)

Russia’s Sandworm cyber unit targeted Ukraine’s power grid in 2015, causing blackouts for up to 230,000 people. The attack, which began with a breach at the Prykarpattyaoblenergo control center, marked the first successful cyberattack on a power grid. It demonstrated Russia’s ability to weaponize cyber tools in its conflict with Ukraine, setting a precedent for future infrastructure attacks.

4. NotPetya Malware Attack (2017)

Initially resembling ransomware, NotPetya was a destructive cyber weapon linked to Sandworm. Spread via a compromised Ukrainian tax software (M.E.Doc), it caused $1 billion in global damages. Unlike traditional ransomware, NotPetya permanently encrypted data, suggesting political motives rather than financial gain. Ukraine bore the brunt of the attack, but multinational corporations also suffered severe disruptions.

5. WannaCry Ransomware Attack (2017)

The WannaCry attack exploited a Windows vulnerability (EternalBlue) to infect 200,000 systems across 150 countries. The North Korea-linked Lazarus Group was widely blamed for the attack, which encrypted data and demanded Bitcoin ransoms. The UK’s National Health Service (NHS) was particularly affected, with 70,000 devices including medical equipment compromised, prompting a review of cybersecurity practices.

6. Florida Water System Hack (2021)

In 2021, a hacker accessed a Florida water treatment facility’s outdated Windows 7 system and increased sodium hydroxide levels by 100 times. The breach, which could have poisoned the water supply, was detected before causing harm. The incident underscored the risks of unpatched and legacy systems in critical infrastructure.

7. Colonial Pipeline Ransomware Attack (2021)

A single compromised password allowed the DarkSide ransomware group to shut down Colonial Pipeline, the largest U.S. fuel pipeline, for days. The attack triggered fuel shortages and panic buying along the East Coast. Colonial Pipeline paid a $4.4 million ransom in Bitcoin, highlighting the growing threat of ransomware to national security.

8. Kaseya Supply Chain Attack (2021)

The REvil ransomware gang targeted Kaseya, an IT management software provider, by pushing malware through a fake update. The attack affected 60 MSPs and over 1,500 downstream businesses, demonstrating how supply chain breaches can amplify damage. The incident mirrored the SolarWinds hack, reinforcing concerns about third-party vulnerabilities.

9. RockYou2021 Password Leak (2021)

A 100GB file posted on a hacker forum claimed to contain 82 billion passwords, later revised to 8.4 billion. While the leak was largely a compilation of previously exposed credentials, it served as a stark reminder of the risks posed by password reuse and weak authentication practices.

These attacks illustrate the evolving nature of cyber threats, from state-sponsored sabotage to financially driven extortion. As digital infrastructure becomes more interconnected, the potential for large-scale disruption continues to grow.

Source: https://www.historyhit.com/the-biggest-cyberattacks-in-history/

SolarWinds TPRM report: https://www.rankiteo.com/company/solarwinds

Estonia TPRM report: https://www.rankiteo.com/company/e-estonia

Kaseya TPRM report: https://www.rankiteo.com/company/kaseya

Colonial Pipeline TPRM report: https://www.rankiteo.com/company/colonial-pipeline-company

Florida Water Treatment Facility TPRM report: https://www.rankiteo.com/company/florida-state-university

"id": "cole-eflosolkas1782779791",
"linkid": "colonial-pipeline-company, e-estonia, florida-state-university, solarwinds, kaseya",
"type": "Cyber Attack",
"date": "5/2017",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 'Entire population (banking, '
                                              'communications)',
                        'industry': 'Government, Finance, Media',
                        'location': 'Estonia',
                        'name': 'Estonia (Government, Banks, Media)',
                        'type': 'Government, Financial Institutions, Media'},
                       {'customers_affected': 'Thousands of organizations',
                        'industry': 'IT, Government, Various',
                        'location': 'Global (U.S.-centric)',
                        'name': 'SolarWinds, U.S. Government Agencies, Private '
                                'Companies',
                        'size': 'Thousands of organizations',
                        'type': 'Software Provider, Government, Private '
                                'Sector'},
                       {'customers_affected': '230,000 people',
                        'industry': 'Energy',
                        'location': 'Ukraine',
                        'name': 'Ukraine Power Grid (Prykarpattyaoblenergo)',
                        'type': 'Critical Infrastructure'},
                       {'industry': 'Various',
                        'location': 'Global (Ukraine-centric)',
                        'name': 'Global Corporations (Ukraine, Multinationals)',
                        'type': 'Private Sector, Government'},
                       {'customers_affected': 'NHS patients, global users',
                        'industry': 'Healthcare, Various',
                        'location': 'Global (150 countries)',
                        'name': 'UK NHS, Global Organizations',
                        'size': '200,000 systems',
                        'type': 'Healthcare, Private Sector'},
                       {'customers_affected': 'Local population',
                        'industry': 'Utilities',
                        'location': 'Florida, USA',
                        'name': 'Florida Water Treatment Facility',
                        'type': 'Critical Infrastructure'},
                       {'customers_affected': 'East Coast fuel consumers',
                        'industry': 'Energy (Oil & Gas)',
                        'location': 'USA (East Coast)',
                        'name': 'Colonial Pipeline',
                        'size': 'Largest U.S. fuel pipeline',
                        'type': 'Critical Infrastructure'},
                       {'customers_affected': '1,500+ businesses',
                        'industry': 'IT, Various',
                        'location': 'Global',
                        'name': 'Kaseya, MSPs, Downstream Businesses',
                        'size': '60 MSPs, 1,500+ businesses',
                        'type': 'IT Management, Private Sector'},
                       {'customers_affected': 'Potentially millions (password '
                                              'reuse risk)',
                        'industry': 'Various',
                        'location': 'Global',
                        'name': 'Global Internet Users',
                        'type': 'Individuals, Organizations'}],
 'attack_vector': ['Distributed Denial of Service (DDoS)',
                   'Malicious Software Update (Sunburst)',
                   'Spear Phishing / Control System Exploitation',
                   'Compromised Software Update (M.E.Doc)',
                   'Exploited Windows Vulnerability (EternalBlue)',
                   'Exploited Outdated OS (Windows 7)',
                   'Compromised Password',
                   'Malicious Software Update',
                   'Hacker Forum Leak'],
 'customer_advisories': ['Affected organizations notified',
                         'Affected businesses notified',
                         'NHS patients, global users notified',
                         'Local population notified',
                         'Fuel consumers notified',
                         'Affected businesses notified'],
 'data_breach': {'data_encryption': [None,
                                     None,
                                     None,
                                     'Yes (permanent)',
                                     'Yes',
                                     None,
                                     'Yes (ransomware)',
                                     'Yes (ransomware)',
                                     None],
                 'data_exfiltration': [None,
                                       'Yes (espionage)',
                                       None,
                                       None,
                                       None,
                                       None,
                                       None,
                                       None,
                                       None],
                 'file_types_exposed': [None,
                                        None,
                                        None,
                                        None,
                                        None,
                                        None,
                                        None,
                                        None,
                                        'Text (passwords)'],
                 'number_of_records_exposed': [None,
                                               None,
                                               None,
                                               None,
                                               None,
                                               None,
                                               None,
                                               None,
                                               '8.4 billion'],
                 'personally_identifiable_information': [None,
                                                         None,
                                                         None,
                                                         None,
                                                         None,
                                                         None,
                                                         None,
                                                         None,
                                                         'Yes (passwords)'],
                 'sensitivity_of_data': [None,
                                         'High (government, corporate)',
                                         None,
                                         'High (corporate, operational)',
                                         'High (healthcare, personal)',
                                         None,
                                         None,
                                         'High (business, customer)',
                                         'High (passwords, PII risk)'],
                 'type_of_data_compromised': [None,
                                              'Government and corporate '
                                              'secrets',
                                              None,
                                              'Encrypted data (permanent loss)',
                                              'Encrypted data',
                                              None,
                                              None,
                                              'Access to business systems',
                                              'Passwords']},
 'date_detected': ['2007',
                   '2020',
                   '2015',
                   '2017',
                   '2017',
                   '2021',
                   '2021',
                   '2021',
                   '2021'],
 'date_publicly_disclosed': ['2007',
                             '2015',
                             '2017',
                             '2017',
                             '2021',
                             '2021',
                             '2021',
                             '2021'],
 'date_resolved': ['2021', '2021'],
 'description': ['In 2007, Estonia faced one of the first large-scale cyber '
                 'warfare campaigns after relocating a Soviet-era war memorial '
                 'in Tallinn. The attack crippled the country’s digital '
                 'infrastructure, causing banking failures, media blackouts, '
                 'and communication disruptions.',
                 'A Russian espionage operation breached SolarWinds by '
                 'embedding malware (Sunburst) in an Orion software update, '
                 'granting hackers access to thousands of organizations, '
                 'including U.S. government agencies, for up to 14 months.',
                 'Russia’s Sandworm cyber unit targeted Ukraine’s power grid '
                 'in 2015, causing blackouts for up to 230,000 people. The '
                 'attack marked the first successful cyberattack on a power '
                 'grid.',
                 'NotPetya was a destructive cyber weapon linked to Sandworm, '
                 'spread via a compromised Ukrainian tax software (M.E.Doc), '
                 'causing $1 billion in global damages by permanently '
                 'encrypting data.',
                 'The WannaCry attack exploited a Windows vulnerability '
                 '(EternalBlue) to infect 200,000 systems across 150 '
                 'countries, encrypting data and demanding Bitcoin ransoms. '
                 'The UK’s NHS was particularly affected.',
                 'A hacker accessed a Florida water treatment facility’s '
                 'outdated Windows 7 system and increased sodium hydroxide '
                 'levels by 100 times, detected before causing harm.',
                 'A single compromised password allowed the DarkSide '
                 'ransomware group to shut down Colonial Pipeline, triggering '
                 'fuel shortages and panic buying. A $4.4 million ransom was '
                 'paid.',
                 'The REvil ransomware gang targeted Kaseya, an IT management '
                 'software provider, by pushing malware through a fake update, '
                 'affecting 60 MSPs and over 1,500 downstream businesses.',
                 'A 100GB file posted on a hacker forum claimed to contain 8.4 '
                 'billion passwords, largely a compilation of previously '
                 'exposed credentials.'],
 'impact': {'brand_reputation_impact': [None,
                                        'Severe (SolarWinds, U.S. government '
                                        'agencies)',
                                        None,
                                        'Severe (global corporations)',
                                        'Severe (NHS, UK government)',
                                        'Moderate (local water utility)',
                                        'Severe (Colonial Pipeline, U.S. '
                                        'government)',
                                        'Severe (Kaseya, MSPs)',
                                        None],
            'conversion_rate_impact': [None,
                                       None,
                                       None,
                                       None,
                                       None,
                                       None,
                                       None,
                                       None,
                                       None],
            'customer_complaints': [None,
                                    None,
                                    None,
                                    None,
                                    None,
                                    None,
                                    'Panic buying, fuel shortages',
                                    None,
                                    None],
            'data_compromised': [None,
                                 'Access to thousands of organizations, '
                                 'including U.S. government agencies',
                                 None,
                                 'Permanent data encryption',
                                 'Data encryption (200,000 systems)',
                                 None,
                                 None,
                                 'Access to 60 MSPs and 1,500 businesses',
                                 '8.4 billion passwords'],
            'downtime': [None,
                         'Up to 14 months (undetected access)',
                         'Blackouts for up to 230,000 people',
                         None,
                         None,
                         None,
                         'Days (fuel pipeline shutdown)',
                         None,
                         None],
            'financial_loss': [None,
                               None,
                               None,
                               '$1 billion (global damages)',
                               None,
                               None,
                               None,
                               None,
                               None],
            'identity_theft_risk': [None,
                                    None,
                                    None,
                                    None,
                                    None,
                                    None,
                                    None,
                                    None,
                                    'High (password reuse risk)'],
            'legal_liabilities': [None,
                                  None,
                                  None,
                                  None,
                                  None,
                                  None,
                                  None,
                                  None,
                                  None],
            'operational_impact': ['Banking failures, media blackouts, '
                                   'communication disruptions',
                                   'Undetected espionage for months',
                                   'Power outages for 230,000 people',
                                   'Global operational disruptions',
                                   'NHS medical equipment compromised, delayed '
                                   'treatments',
                                   'Potential water poisoning (detected in '
                                   'time)',
                                   'Fuel shortages, panic buying, economic '
                                   'disruption',
                                   'Disruptions for 1,500+ businesses',
                                   None],
            'payment_information_risk': [None,
                                         None,
                                         None,
                                         None,
                                         None,
                                         None,
                                         None,
                                         None,
                                         None],
            'revenue_loss': [None,
                             None,
                             None,
                             None,
                             None,
                             None,
                             None,
                             None,
                             None],
            'systems_affected': ['Banking, media, government communications',
                                 'Thousands of organizations (government and '
                                 'private sector)',
                                 'Ukraine’s power grid (Prykarpattyaoblenergo '
                                 'control center)',
                                 'Global systems (Ukraine and multinational '
                                 'corporations)',
                                 '200,000 systems across 150 countries '
                                 '(including NHS medical equipment)',
                                 'Florida water treatment facility (Windows 7 '
                                 'system)',
                                 'Colonial Pipeline (largest U.S. fuel '
                                 'pipeline)',
                                 '60 MSPs and 1,500 downstream businesses',
                                 None]},
 'initial_access_broker': {'backdoors_established': [None,
                                                     'Sunburst malware',
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     None],
                           'data_sold_on_dark_web': [None,
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     'Yes (passwords)'],
                           'entry_point': [None,
                                           None,
                                           None,
                                           None,
                                           None,
                                           None,
                                           None,
                                           None,
                                           None],
                           'high_value_targets': [None,
                                                  'U.S. government agencies, '
                                                  'private companies',
                                                  None,
                                                  None,
                                                  None,
                                                  None,
                                                  None,
                                                  None,
                                                  None],
                           'reconnaissance_period': [None,
                                                     'Up to 14 months '
                                                     '(undetected)',
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     None,
                                                     None]},
 'investigation_status': ['Attributed to Russia (circumstantial evidence)',
                          'Attributed to Russian SVR (Cozy Bear)',
                          'Attributed to Russia (Sandworm)',
                          'Attributed to Russia (Sandworm)',
                          'Attributed to North Korea (Lazarus Group)',
                          'Under investigation',
                          'Attributed to DarkSide',
                          'Attributed to REvil',
                          'Verified as compilation of previous leaks'],
 'lessons_learned': ['Cyberattacks can destabilize nations; hybrid warfare is '
                     'a growing threat.',
                     'Supply chain security is critical; third-party risks '
                     'must be managed.',
                     'Critical infrastructure is vulnerable to cyberattacks; '
                     'redundancy and security are essential.',
                     'Politically motivated cyberattacks can cause global '
                     'damage; attribution is challenging.',
                     'Unpatched systems are high-risk targets; regular updates '
                     'are crucial.',
                     'Legacy systems in critical infrastructure pose '
                     'significant risks; modernization is necessary.',
                     'Ransomware can disrupt national security; robust backup '
                     'and recovery plans are vital.',
                     'Supply chain attacks amplify damage; vendor security '
                     'must be prioritized.',
                     'Password reuse is a major risk; multi-factor '
                     'authentication is essential.'],
 'motivation': ['Political Retaliation / Hybrid Warfare',
                'Cyber Espionage',
                'Cyber Warfare / Infrastructure Disruption',
                'Political Destruction / Cyber Warfare',
                'Financial Gain / Cyber Warfare',
                'Unknown',
                'Financial Gain',
                'Financial Gain',
                'Data Exposure / Credential Harvesting'],
 'post_incident_analysis': {'corrective_actions': ['Enhanced national cyber '
                                                   'defenses, DDoS mitigation',
                                                   'Supply chain security '
                                                   'audits, third-party '
                                                   'monitoring',
                                                   'Critical infrastructure '
                                                   'redundancy, cybersecurity '
                                                   'upgrades',
                                                   'International cyber norms, '
                                                   'improved attribution',
                                                   'Patch management, system '
                                                   'updates, monitoring',
                                                   'Legacy system '
                                                   'modernization, security '
                                                   'reviews',
                                                   'Multi-factor '
                                                   'authentication, backup and '
                                                   'recovery plans',
                                                   'Vendor security '
                                                   'requirements, regular '
                                                   'audits',
                                                   'Multi-factor '
                                                   'authentication, password '
                                                   'hygiene education'],
                            'root_causes': ['Political retaliation, hybrid '
                                            'warfare tactics',
                                            'Supply chain compromise, lack of '
                                            'vendor security',
                                            'Cyber warfare, exploitation of '
                                            'control systems',
                                            'Political destruction, supply '
                                            'chain compromise',
                                            'Unpatched systems, exploitation '
                                            'of EternalBlue',
                                            'Outdated OS (Windows 7), weak '
                                            'authentication',
                                            'Single compromised password, lack '
                                            'of MFA',
                                            'Supply chain compromise, lack of '
                                            'vendor security',
                                            'Password reuse, weak '
                                            'authentication practices']},
 'ransomware': {'data_encryption': [None,
                                    None,
                                    None,
                                    'Yes (permanent)',
                                    'Yes',
                                    None,
                                    'Yes',
                                    'Yes',
                                    None],
                'data_exfiltration': [None,
                                      None,
                                      None,
                                      None,
                                      None,
                                      None,
                                      None,
                                      None,
                                      None],
                'ransom_demanded': [None,
                                    None,
                                    None,
                                    None,
                                    'Bitcoin',
                                    None,
                                    '$4.4 million (Bitcoin)',
                                    None,
                                    None],
                'ransom_paid': [None,
                                None,
                                None,
                                None,
                                None,
                                None,
                                '$4.4 million (Bitcoin)',
                                None,
                                None],
                'ransomware_strain': [None,
                                      None,
                                      None,
                                      'NotPetya',
                                      'WannaCry',
                                      None,
                                      'DarkSide',
                                      'REvil',
                                      None]},
 'recommendations': ['Strengthen national cyber defenses; invest in DDoS '
                     'mitigation and resilience.',
                     'Enhance supply chain security; conduct regular audits '
                     'and monitoring of third-party vendors.',
                     'Improve critical infrastructure security; implement '
                     'redundancy and cybersecurity best practices.',
                     'Develop international norms for cyber warfare; improve '
                     'attribution and response mechanisms.',
                     'Patch known vulnerabilities immediately; enforce regular '
                     'system updates and monitoring.',
                     'Modernize legacy systems in critical infrastructure; '
                     'phase out unsupported software.',
                     'Implement robust backup and recovery plans; avoid paying '
                     'ransoms to discourage attacks.',
                     'Strengthen vendor security requirements; conduct regular '
                     'audits of third-party software.',
                     'Enforce multi-factor authentication; educate users on '
                     'password hygiene and risks.'],
 'references': [{'source': 'Cyber Incident Description'}],
 'regulatory_compliance': {'fines_imposed': [None,
                                             None,
                                             None,
                                             None,
                                             None,
                                             None,
                                             None,
                                             None,
                                             None],
                           'legal_actions': [None,
                                             None,
                                             None,
                                             None,
                                             None,
                                             None,
                                             None,
                                             None,
                                             None],
                           'regulations_violated': [None,
                                                    None,
                                                    None,
                                                    None,
                                                    'GDPR (UK NHS)',
                                                    None,
                                                    None,
                                                    None,
                                                    'GDPR (if EU users '
                                                    'affected)'],
                           'regulatory_notifications': [None,
                                                        'Yes (U.S. government)',
                                                        None,
                                                        None,
                                                        'Yes (UK ICO)',
                                                        'Yes',
                                                        'Yes (U.S. government)',
                                                        'Yes',
                                                        None]},
 'response': {'adaptive_behavioral_waf': [None,
                                          None,
                                          None,
                                          None,
                                          None,
                                          None,
                                          None,
                                          None,
                                          None],
              'communication_strategy': [None,
                                         'Public disclosure by U.S. government',
                                         None,
                                         None,
                                         'Public advisories (UK, global)',
                                         'Public notification',
                                         'Public updates (Colonial Pipeline, '
                                         'U.S. government)',
                                         'Public disclosure (Kaseya)',
                                         None],
              'containment_measures': [None,
                                       'Isolation of affected systems',
                                       None,
                                       None,
                                       'Patch deployment (EternalBlue)',
                                       'Immediate reversal of chemical change',
                                       'Pipeline shutdown, ransom payment',
                                       'Isolation of Kaseya VSA servers',
                                       None],
              'enhanced_monitoring': [None,
                                      'Implemented post-incident',
                                      None,
                                      None,
                                      'Implemented post-incident',
                                      'Implemented post-incident',
                                      'Implemented post-incident',
                                      'Implemented post-incident',
                                      None],
              'incident_response_plan_activated': [None,
                                                   None,
                                                   None,
                                                   None,
                                                   None,
                                                   'Yes (detected in time)',
                                                   'Yes',
                                                   None,
                                                   None],
              'law_enforcement_notified': [None,
                                           'Yes (U.S. government)',
                                           None,
                                           None,
                                           'Yes (UK, global agencies)',
                                           'Yes',
                                           'Yes (FBI)',
                                           'Yes',
                                           None],
              'network_segmentation': [None,
                                       None,
                                       None,
                                       None,
                                       None,
                                       None,
                                       'Implemented post-incident',
                                       None,
                                       None],
              'on_demand_scrubbing_services': [None,
                                               None,
                                               None,
                                               None,
                                               None,
                                               None,
                                               None,
                                               None,
                                               None],
              'recovery_measures': [None,
                                    'Long-term monitoring, security overhaul',
                                    None,
                                    None,
                                    'NHS system recovery, cybersecurity '
                                    'reviews',
                                    'Security upgrades, monitoring',
                                    'Pipeline restart, fuel distribution '
                                    'recovery',
                                    'Business continuity planning',
                                    None],
              'remediation_measures': [None,
                                       'Removal of Sunburst malware, system '
                                       'audits',
                                       None,
                                       None,
                                       'System restoration, patching',
                                       'System updates, security reviews',
                                       'System restoration, enhanced security',
                                       'Removal of REvil malware, system '
                                       'audits',
                                       None],
              'third_party_assistance': [None,
                                         None,
                                         None,
                                         None,
                                         None,
                                         None,
                                         'Yes (cybersecurity firms)',
                                         None,
                                         None]},
 'stakeholder_advisories': ['U.S. government advisories (CISA, FBI)',
                            'Global cybersecurity advisories',
                            'UK NCSC, global advisories',
                            'Local and federal advisories (USA)',
                            'U.S. government advisories (CISA, FBI)',
                            'Kaseya, global cybersecurity advisories'],
 'threat_actor': ['Russia (State-Sponsored), Criminal Groups',
                  'Russian SVR (Cozy Bear / APT29)',
                  'Russia (Sandworm / APT28)',
                  'Russia (Sandworm)',
                  'North Korea (Lazarus Group)',
                  'DarkSide Ransomware Group',
                  'REvil Ransomware Gang'],
 'title': ['Estonia Cyberattacks (2007)',
           'SolarWinds Supply Chain Attack (2020)',
           'Ukraine Power Grid Attack (2015)',
           'NotPetya Malware Attack (2017)',
           'WannaCry Ransomware Attack (2017)',
           'Florida Water System Hack (2021)',
           'Colonial Pipeline Ransomware Attack (2021)',
           'Kaseya Supply Chain Attack (2021)',
           'RockYou2021 Password Leak (2021)'],
 'type': ['Cyber Warfare',
          'Supply Chain Attack',
          'Infrastructure Attack',
          'Malware Attack',
          'Ransomware',
          'Critical Infrastructure Breach',
          'Ransomware',
          'Supply Chain Attack',
          'Data Leak'],
 'vulnerability_exploited': ['Supply Chain Compromise',
                             'Software Vulnerability (M.E.Doc)',
                             'EternalBlue (CVE-2017-0144)',
                             'Unpatched Windows 7 System',
                             'Single Compromised Password',
                             'Software Vulnerability (Kaseya VSA)']}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.