Traditionally, most cyber-attacks have been carried out by criminal organizations, with the majority of incidents failing to register on an enterprise risk scale of businesses that faced significant setbacks. In 2017, this dynamic changed with the WannaCry and NotPetya incidents. These two attacks affected organizations in more than 150 countries, prompted business interruption and other losses estimated at well over USD 300 million by some companies, brought reputational damage, and resulted in loss of customer data.
In December 2017, the U.S. government took a rare step and attributed the WannaCry attack to hackers backed by North Korea. WannaCry and NotPetya exposed a systemic risk and affected a broad cross-section of businesses without specific targeting, demonstrating the potential for escalation in the threat of cyber terrorism.
These type of attacks can be prevented by keeping archives of records all the data and having a firewall system with high security.