Stories from the history of cyber attacks. Lessons for the future.

The internet runs on trust.

Every day, billions of systems exchange data, process transactions, and store information we depend on. But history has shown how fragile that trust can be.

A missed patch.
A stolen credential.
A vulnerability no one noticed.

Chronicles of Compromise documents the cyber attacks that exposed those weaknesses. Each story explores the timeline, the techniques, and the people behind some of the most significant breaches in modern history.

Understanding how these attacks happened is more than curiosity.

It’s how we learn to stop the next one.

  • The Billion-Dollar Typo
    How North Korea’s phantom hackers nearly broke the global banking system. Prologue: 4:00 AM, 5 February 2016. Dhaka is sleeping. The streets around Bangladesh Bank’s headquarters on Motijheel Avenue are quiet. The overnight staff are keeping watch, but there’s nothing to watch. The SWIFT terminal hums. The servers breathe. Everything is ordinary. Somewhere on the…
  • The Day Ireland’s Health Service Went Dark
    On May 14, 2021, Ireland’s Health Service Executive fell victim to a devastating ransomware attack triggered by a single phishing email. The attack crippled hospitals nationwide, delaying treatments and compromising patient data. Despite warnings, the incident reflected systemic cybersecurity failures within the organization, ultimately highlighting vulnerabilities in health services globally.
  • “The Bandwidth Wars” – The Flood No One Could See
    On February 28, 2018, GitHub experienced a massive DDoS attack that peaked at 1.35 terabits per second, utilizing misconfigured Memcached servers to amplify traffic. Within ten minutes, GitHub rerouted traffic and absorbed the attack. By 2020, AWS faced a larger attack but successfully mitigated it, showcasing evolving defense strategies against infrastructure disruption.
  • The XZ Utils Backdoor (2024)
    In March 2024, a backdoor hidden in XZ Utils, an essential Linux compression tool, was discovered. The attacker, posing as a trusted contributor for over two years, exploited community trust to embed malicious code capable of compromising millions of servers. The operation highlights the increasing threat of supply chain attacks and the significance of vigilance in software maintenance.
  • SolarWinds Supply Chain Attack (2020)
    In early 2020, a routine software update for SolarWinds’ Orion contained hidden malware, SUNBURST, leading to a global cyber-espionage campaign. Discovered by FireEye in December 2020, the breach highlighted vulnerabilities in trust and supply chains, with attackers, linked to Russian intelligence, exploiting a single vendor to access numerous networks for strategic data gathering.