Monday, March 31, 2014

13 Most Infamous Security Break-Ins

Hackers can be harmless when they want to, but when they want, they can cause devastation in the cyberspace. Over the years, there have been many hacker attacks that have led to quite the commotion and even huge losses. Here are 13 of the most recent and better known ones.

Hackers, hacking, NSA, Edward Snowden, LulzSec, Yahoo, Google, hack attacks, hacker attacks1. 2004: An anonymous hacker, who was never caught, broke into Microsoft’s corporate network and stole the source code for Windows 2000. He or she made the 600 million bytes of data public by posting it online.

2. 2011: 50,000 internal business messages from HBGary Federal CEO Aaron Barr’s email id were made public by hackers from the infamous LulzSec group. As a result, Barr quit his position in the company. LulzSec explained how they exploited weak passwords and unpatched servers to carry out the hack. They were eventually caught and one of them, Jake Davis, confessed to in a London court.

3. 2011: Hackers stole information from RSA related to their SecurID tokens. This attack was disclosed by Art Coviello, executive chairman of RSA. The attack was later linked to a cyber attack on Lockheed Martin. As a result of this, RSA replaced 40 million SecurID tokens.

4. 2013: Code-signing certificates from security firm Bit9 had been stolen by hackers last year. The attack was made to push malware into the systems of three of the firm’s customers. The firm took the complete blame for its ‘operational oversight’ that created the vulnerability.

5. 2012: A hacker group called Lords of Dharmaraja exposed the source code for Symantec Endpoint Protection 11.0, Symantec AntiVirus 10.2, pcAnywhere and Norton Internet Security. While Symantec did identify the code as being authentic, they said that the hackers had tried, in vain, to extort $50,000 for not posting the code online. The hackers claimed to have obtained the code from a third-party in the Indian military.

6. 2010: The Aurora Attacks of 2010 involved Google, whose network was broken and valuable intellectual property stolen. The company pointed towards the attacks originating in China, though the Chinese government refused any knowledge of such an attack from their side. 

7. 2010: Information relating to Cisco Live Badge numbers, title, names, email and company addresses for the attendees in Cisco Live 2010 were compromised. According to Cisco an unexpected attempt was made at hacking the list of attendees using the event site (ciscolive2010.com). While the breach was taken care of quite quickly, some information was still compromised and the company apologised via email to all invitees of the event.

8. 2011: Glen Mangham, a hacker from York, England, accessed the account of a Facebook employee. Mangham said that he did it to penetrate the network and find Facebook source codes so that he could analyse it. He was caught and sent to jail.

9. 2012: The private key for the Axis extension in Yahoo Search and browsing on Google Chrome was leaked by the company accidentally. The package containing the private crypto key was discovered by security blogger Nik Cubrilovic. Yahoo had to release a new version of the extension for Google Chrome because of the leak.

10. 2012: An Egyptian hacker, going by the name of Virus_HimA posted stolen email addresses and encrypted passwords from Adobe’s database. He posted the information for 230 users on Pastebin. 
Also, in 2013, the company disclosed that about 38 million usernames and encrypted passwords of customers were stolen in a cyberattack. The company said that the attackers had eve decrypted some of the information for credit cards using Adobe’s own systems as well.

11. 2011: Comodohacker, who is allegedly a 21-year-old Iranian student, breached SSL digital certificate providers Comodo, DigiNotar and GlobalSign. The attack resulted in DigiNotar going broke after the Dutch government banned the use of their certificates.

12. 2013: Evernote detected an intrusion in their systems and forced its 50 million users to change their passwords. The attacker had apparently gained access to emails passwords and usernames.

13. 2013: Yahoo Japan and Goo, a Japanese portal operated by NTT, were hacked. Goo had to lock as many as 100,000 accounts in order to prevent unwanted logins from hackerd accounts. Yahoo Japan on the other hand found a malware that stole user data for as many as 1.27 million, but the company was able to contain the attack before any information was leaked outside. 

No comments:

Post a Comment