Skip to content

Incidents by attack type:

Wiper

WiperResolved

Kyivstar wiper attack

Russia's Sandworm group destroyed thousands of virtual servers and workstations at Kyivstar, Ukraine's largest mobile operator, knocking out service for some 24 million subscribers and disrupting air-raid alerts, banking and payments in the most damaging cyberattack on Ukrainian telecoms since the 2022 invasion.

Victim
Kyivstar
Loss
$95.0M
WiperContained

Albania HomeLand Justice destructive wiper (Iran MOIS, 2022)

Iran's Ministry of Intelligence and Security, operating as 'HomeLand Justice', spent 14 months dwelling in Albanian government networks before launching ransomware-style file encryption and disk-wiping malware. Albania suspended online public services and became the first country in history to sever diplomatic ties with another state over a cyberattack.

Victim
Government of Albania
WiperContained

Viasat KA-SAT AcidRain wiper

One hour before Russia's invasion of Ukraine, Sandworm operators deployed the AcidRain wiper against Viasat KA-SAT satellite modems, bricking ~30,000 European terminals and 5,800 German wind turbines and disabling Ukrainian military command-and-control.

Victim
Viasat KA-SAT (subscribers across Ukraine and Europe)
Loss
$100.0M
WiperResolved

WhisperGate wiper attack

On the eve of Russia's invasion, a destructive wiper disguised as ransomware corrupted master boot records and files across dozens of Ukrainian government, IT and non-profit organisations, defacing official websites and signalling the cyber dimension of the coming war.

Victim
Ukrainian government, IT and non-profit organisations
Wiperunresolved

Iranian Railways 'MeteorExpress' wiper attack

A previously unseen wiper named Meteor crippled Iran's national railway network, wiping computers across stations, halting and delaying hundreds of trains, and defacing departure boards with a number for travelers to call: the office of Supreme Leader Khamenei.

Victim
Islamic Republic of Iran Railways (RAI) / Ministry of Roads and Urban Development
WiperResolved

Sony Pictures Entertainment hack

A North Korean wiper attack tied to the release of 'The Interview' destroyed roughly half of Sony Pictures' IT estate and leaked terabytes of internal documents, emails, and unreleased films.

Victim
Sony Pictures Entertainment
Loss
$100.0M
Records
1.0M
WiperContained

Saudi Aramco Shamoon wiper

Iranian-attributed Shamoon wiper destroyed data on roughly 30,000 Saudi Aramco workstations on a single day, taking the world's largest oil company's IT estate offline for two weeks. The first major Iranian retaliatory cyber operation.

Victim
Saudi Aramco
Loss
$200.0M
WiperResolved

Stuxnet (Operation Olympic Games)

U.S. and Israeli intelligence services jointly developed and deployed Stuxnet — the first widely-known cyber weapon to cause physical damage. The worm targeted Iran's Natanz uranium enrichment facility and destroyed approximately 1,000 IR-1 centrifuges over 2009–2010.

Victim
Natanz uranium enrichment facility (Iran)
Loss
$100.0M