Reflecting on 15 years of cyberattacks, we revisit notable incidents, ranging from Estonia’s internet paralysis in 2007 to the recent $4.4-million ransom paid after the shutdown of a major US pipeline last week.

In 2007, Estonia faced the first massive state cyberattack, attributing the incident to Moscow amid diplomatic tensions. Stuxnet, a potent computer virus, targeted Iran’s nuclear facilities in 2010, disrupting operations and infecting thousands of computers. Iran accused Israel and the US of orchestrating the attack, marking the first on an entire industrial system.

Yahoo experienced a historic cyberattack in 2013, affecting three billion accounts, while a 2014 attack on a web services provider, linked to Russia, impacted 500 million accounts. Sony Pictures Entertainment encountered a major cyberattack in 2014, linked to North Korea and associated with the film “The Interview.”

In 2015, a group supporting Islamic State jihadists hacked into US Central Command’s social media accounts, causing embarrassment for the US in its fight against IS. The 2016 US presidential election saw the publication of Democratic Party candidate Hillary Clinton’s campaign staff emails online, leading to allegations of Moscow influencing the election outcome.

The 2017 WannaCry cyberattack affected numerous global organizations and companies, exploiting a security flaw in Microsoft’s Windows XP operating system. In late 2020, SolarWinds, a security software company, fell victim to a cyberattack lasting months, impacting 18,000 clients and over a hundred US companies. In March, a Chinese cyberespionage campaign exploited Microsoft Exchange service flaws, affecting at least 30,000 US organizations.

The mid-May 2023 cyberattack paralyzed Colonial Pipeline, the largest US oil pipeline operator, with Washington identifying the Russia-based DarkSide as responsible. Colonial Pipeline later admitted paying a $4.4-million ransom to resolve the crisis.