It is very difficult to decide whether
it was the biggest
hacking attack or the worst hacking attack that
created a sense of insecurity in the mind of common users, 2014 is
about to end (well happy new year and holidays) and the echo of the
hacking attack carried out in this year, will be listened in the next
year or may be in many years after.
2014 was the year of cyber criminals
and hackers, their unstoppable hacking attack has shocked the world’s
population; from corporate sectors to the famous celebrities;
everyone seems to be their target. While writing this article, I am
still thinking to rearrange the list of hacking attacks because every
attack was a disaster and it is not an easy job to give them a rank.
P { margin-bottom: 0.08in; }
-
Heartbleed Bug
Heartbleed was not an actual hacking
attack but heartbleed is a bug/vulnerability in the popular OpenSSL
software that led many hackers to exploit the servers. Heatbleed was
the serious security threat even six months after of its discovery.
One the POC of heartbleed is that the
hackers exploited it to steal4.5 Million patient records; Community Health Systems, the renowned
hospital operator in U.S was the victim of this hacking attack.
-
Shellshock
ShellShock vulnerability was bigger
than HeartBleed Bug. It was affecting Linux and Mac OS X, Shellshock
was targeting the kind of machine that runs most of the servers
around the globe. Hackers created their botnet that exploited the
shellshock vulnerability, some of the famous target was:
-
Neiman Marcus Hack
More than 1.1 million customers were
affected in the hack of high-end retailer Neiman Marcus. The
sophisticated, self-concealing malware was “clandestinely”
installed on the department store operator’s system. The software
then actively tried to collect or “scrape” payment card
data from July 16 to Oct. 30, the company explained.
-
Ebay
In May, eBay revealed that hackers had
managed to steal personal records of 233 million users. The hack took
place between February and March, with usernames, passwords, phone
numbers and physical addresses compromised. The notorious Syrian
Electronic Army had claimed the responsibility of this attack but
Ebay or any other authentic source did not confirm it.
-
South Korea Credit card hack
South Korea credit card hack was the
nightmare for the
infosec security professionals. Credit card details
from almost half of all South Koreans have been stolen and sold to
marketing firms. The data was stolen by a computer contractor working
for a company called the Korea Credit Bureau that produces credit
scores. 20 million South Koreans or 40% of the country’s population
was the victim of this attack.
-
Home Depot
The payment system of one of the
largest home improvement retailer was hacked, the corporation said
that the hacking attack was bigger than the one that struck Target
Corp. last year. In addition to the 56 million credit-card accounts
that were compromised, Home Depot said around 53 million customer
email addresses were stolen as well.
-
JPMorgan credit card hack
The JPMorgan Chase & Co breach is
being called the worst known compromise in history, affecting
approximately 76 million households and 7 million small businesses.
Contact information, including name, address, phone number and e-mail
address, as well as internal JPMorgan Chase information about the
users, was compromised.
-
iCloud Hacks – Celebrities Photos
This is one of the famous hacking
attack where hackers have posted the nude pictures of celebrities on
the Internet. The privacy of many celebrities were invaded when a
hacker obtained personal photographs from various digital devices,
and began spreading them across the Internet, all the photographs
were stolen from iCloud. Apple said it was a targeted attack and none
of the cases they have investigated has resulted from any breach in
any of Apple’s systems including iCloud(R) or Find my iPhone.
-
Sony hacks
On November 24, 2014, personally
identifiable information about Sony Pictures Entertainment (SPE)
employees and their dependents, e-mails between employees,
information about executive salaries at the company, copies of
unreleased Sony films, and other information, was obtained and
released by a hacker group going under the moniker “Guardians of
Peace” or “GOP”.
-
Regin
On November, Symantec has discovery
piece of software called Regin, which it had found lurking on
computers and stealing data in Ireland, Russia, Saudi Arabia and
several other countries. Regin may have been created by Western state
to spy on governments, it can steal password, take snapshot and even
recover the deleted files. Researcher claimed that Regin is more
advanced than Stuxnet, which was developed by US and Israel
government hackers in 2010 to target the Iranian nuclear programme.
The European Union and a Belgian telecommunications company were also
the target of Regin.
Cybercrime and hacking attack have
reached new heights. At the end of 2014, we should start working to
create security awareness in order to prevent the hacking attacks in
future. We need more advance protection system and the training to
think smarter than hackers; yes we can do this because this is the
only option that we have.
