Pages

Monday, 15 August 2016

8 DANGEROUS DATA BREACHES THAT SHOULD FREAK YOU OUT


wps947B.tmp
8 Dangerous Data Breaches That Should Freak You Out
By K. Thor Jensen,
PC Magazine, 13 August 2016.

Last month, the media was all abuzz about the Democratic National Committee email hack and subsequent Wikileaks dump, which revealed bias against Bernie Sanders. Donald Trump even weighed in and said that he hoped Russia would continue to compromise American networks and further weaken Hillary Clinton, which is pretty intense. Information warfare is more serious than ever, and governments and companies are on guard.

Unfortunately, being vigilant just isn't cutting it. Over the last few decades, we've seen some of the most secure servers in the world breached by black hats. In this feature, we'll spotlight the intrusions and leaks that caused serious damage, whether it be financial or informational.

1. SWIFT Hack

wps3918.tmp

We're still in the early days of cyber warfare, with armies trying to figure out the best way to gain strategic advantage in this electronic battlefield. Most Western nations are operating pretty much under the Geneva conventions, not performing overt attacks on other countries' infrastructure or materials. And then there's countries like North Korea, who security experts believe were behind an incursion that funneled $81 million out of a bank in Bangladesh using the SWIFT money transfer system.

This was by most accounts the first act of cyber warfare that had a direct financial impact, and with North Korea occupying a precarious place in the world's economy, it's not surprising that they'd look for other ways of bringing in funds. The hack used custom malware to spoof SWIFT messages and hide them from inspectors, and it was exceptionally well-constructed, even altering printed and PDF records to conceal the illegal transactions.

2. Anthem

wps913C.tmp

Financial data breaches are bad, but you can always get a new debit card. When your health information gets stolen, though, you have way less in the way of options. That's why the Anthem hack of 2015 was such a big deal. The insurance giant saw tens of millions of client accounts compromised, with birthdates and other personal information released onto the black market.

Thankfully, the files that were illegally accessed did not contain medical case information, however the vulnerability of Anthem's systems caused some serious panic in the healthcare sector. The company had a US$100 million insurance policy in events of data theft, and analysts believe that just notifying the victims will eat up a significant amount of that money.

3. Gundremmingen Nuclear Plant

wpsDE72.tmp

In an increasingly networked world, the danger of hackers being able to compromise more than just data is all too real. That became clear in April of 2016 when IT staff at the Gundremmingen nuclear plant north of Munich discovered that their systems were infected with malware that could have given outside forces access to a system used for moving highly radioactive nuclear fuel rods.

Luckily for the population of Europe, the compromised machines weren't connected to the Internet, so they couldn't receive instructions from the malware's creators. The W32.Ramnit and Conficker programs were also discovered on a number of Flash drives throughout the facility, indicating that they probably came in on physical media and infected systems that way.

Another high-profile hack of a nuclear firm, Stuxnet, was reportedly orchestrated by the US and Israeli governments, an incident that is the subject of a new movie.

4. JP Morgan Chase

wps2C84.tmp

Some of these hacks are dangerous because they strike at a very precise vulnerability, while others earn a place for the sheer scale of the breach. That second category is epitomized by the 2014 JP Morgan compromise, which saw a staggering 76 million households exposed. We expect financial institutions to be vigilant in protecting their data - after all, the Western economy would grind to a halt without them - so when Chase admitted that the intrusion was as big as it was it raised a number of red flags.

Analysts revealed that the breach was committed on a single server that had not been upgraded to two-factor authentication. JP Morgan Chase spends an estimated US$250 million yearly on computer security, but when you're an organization of that scale there are guaranteed to be systems that fall through the cracks.

5. Weapon Designs Hack

wps77E5.tmp

In 2013, cyber warfare became all too real for the Defense Department, when hackers allegedly in the employ of China managed to breach a server and make off with high-tech weapon designs. It sounds like a plotline out of a spy movie, but it really happened, and the ramifications were felt all over the world. Weapons design is one of the ways the West keeps ahead of the competition in the global game of chess that is diplomacy, and losing ground there could be seriously detrimental.

Some of the designs that were swiped include the PAC-3 Patriot missile system, the latest version of our long-running defensive weapon, as well as the Aegis system that the Navy uses for the same purpose. Many military aircraft plans were also stolen, including the F-35 Joint Strike Fighter, the most expensive combat plane ever constructed.

6. Hacking Team


wpsF0B0.tmp

The scary thing about cyber warfare is how level the playing field is. A lone terrorist with an Internet connection can do just as much damage as some of the biggest governments on Earth, if they know how to leverage their access. And things get even worse when the companies that make tools for governments to wage information war get compromised themselves.

That's what happened in 2015 when Hacking Team, creators of the Remote Control Systems monitoring software, saw their systems breached and their products released to the world. Some of the most powerful spyware ever built was now available for use by any repressive government or force, free of charge. Thankfully, the release of the code prompted antivirus and other security companies to create new countermeasures, but the damage had already been done.

7. Syrian Rebel Phone Malware

wps447E.tmp

When a corrupt government wants to crack down on opposing forces, they have a lot of ways to do it. Excessive force is always a favorite, but it can be tough to pick out actual rebels from innocent civilians. The Syrian army, battling a number of rebel groups, decided to take things to the next level with the aid of an old-fashioned "honeypot" scam, where hackers posing as women persuaded fighters to download malware onto their phones.

Investigators going through another data breach uncovered a 7.7GB file that contained Skype chats, images and documents ripped from the Android phones of a number of Syrian rebels catfished by the government. The data they got from these incursions included battle plans, troop lists, and information on alliances the rebels were courting. All of this data made a huge difference in the crackdown on the rebel forces.

8. Office of Personnel Management

wpsAA30.tmp

We expect the federal government to have top-of-the-line information security - after all, the data they store about us could be used to completely destroy our lives if it got out. But when the Office of Personnel Management was compromised by Chinese hackers in 2015, it proved that even they have room for improvement. The leak released personal information from a staggering 21.5 million government employees and contractors past and present, including Social Security numbers and fingerprints.

That would be bad enough, but what truly put this data breach into the hall of fame was the realization that the hackers made off with incredibly sensitive security clearance documents that contain psychological evaluations, family connections, and tons more material perfect for blackmail.

Top image credit: bykst/Pixabay.

[Source: PC Magazine. Edited. Top image added.]

No comments:

Post a Comment

Please adhere to proper blog etiquette when posting your comments. This blog owner will exercise his absolution discretion in allowing or rejecting any comments that are deemed seditious, defamatory, libelous, racist, vulgar, insulting, and other remarks that exhibit similar characteristics. If you insist on using anonymous comments, please write your name or other IDs at the end of your message.