Seven Major Hacks That Changed How We View Cyber Security 2023
In this article we will learn about seven major hacks that changed how we view cyber security.
Seven Major Hacks:
1) Locky the worst ransomware ever
Attacker: Unknown
Loss: Wipe hard drive or pay ransom
Infected entity: An end user who opens mail from unknown sources
Year: 2014-2016
Description:
Locky is ransomware that installs itself on a victim's computer once the user opens a Word document and runs the macro inside it. It renames each affected file and appends a .locky extension to its name. It then sets a wallpaper displaying a warning that if the user wants the decryption key, they must pay an amount between 0.5 and 1 BTC.
Solution:
Several removal tools are mentioned at https://www.symantec.com/security_response/writeup.jsp?docid=2016-021706-1402-99&tabid=3
Lesson Learned:
Never open mail from unknown sources, and never run or open untrusted or unknown files on the system.
Reference:
https://www.symantec.com/connect/blogs/locky-ransomware-aggressive-hunt-victims
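As an added example (not part of the original article), a small Python detector that applies the behaviour described above, many files renamed with a .locky extension in a short burst, to constructed file-rename log lines. The log format, host names and file paths are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample rename events in a hypothetical EDR log format:
#   "<ISO time> host=<name> rename <old path> -> <new path>"
# Host names, paths and the hex-looking .locky stems are made up.
SAMPLE_EVENTS = """\
2016-02-17T09:12:01 host=ws-07 rename C:\\Users\\amy\\Docs\\q1.xlsx -> C:\\Users\\amy\\Docs\\A1B2C3D4E5F60718.locky
2016-02-17T09:12:02 host=ws-07 rename C:\\Users\\amy\\Docs\\plan.docx -> C:\\Users\\amy\\Docs\\0F1E2D3C4B5A6978.locky
2016-02-17T09:12:03 host=ws-07 rename C:\\Users\\amy\\Pics\\cat.jpg -> C:\\Users\\amy\\Pics\\1122334455667788.locky
2016-02-17T09:12:04 host=ws-07 rename C:\\Users\\amy\\Docs\\notes.txt -> C:\\Users\\amy\\Docs\\8877665544332211.locky
2016-02-17T09:30:00 host=ws-12 rename C:\\Users\\bob\\draft.docx -> C:\\Users\\bob\\final.docx
2016-02-17T10:05:00 host=ws-12 rename C:\\Users\\bob\\old.locky -> C:\\Users\\bob\\restored.txt
"""

EVENT_RE = re.compile(r"^(\S+) host=(\S+) rename (.+?) -> (.+)$")

def parse_events(log_text):
    """Parse rename lines into (timestamp, host, old_path, new_path) tuples."""
    events = []
    for line in log_text.splitlines():
        m = EVENT_RE.match(line.strip())
        if not m:
            continue  # not a rename event; ignore
        ts, host, old, new = m.groups()
        events.append((datetime.fromisoformat(ts), host, old, new))
    return events

def find_locky_bursts(log_text, threshold=3, window_seconds=60):
    """Return {host: peak count} for hosts that renamed >= threshold files
    to a .locky extension within any window_seconds-long window."""
    per_host = defaultdict(list)
    for ts, host, old, new in parse_events(log_text):
        # Only count renames that newly add the .locky extension.
        if new.lower().endswith(".locky") and not old.lower().endswith(".locky"):
            per_host[host].append(ts)
    window = timedelta(seconds=window_seconds)
    alerts = {}
    for host, times in per_host.items():
        times.sort()
        start, peak = 0, 0
        for end, t in enumerate(times):  # sliding window over sorted times
            while t - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            alerts[host] = peak
    return alerts
```

The same burst logic works for any other extension a ransomware family appends; only the suffix check changes.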
The next attack holds a lesson for large enterprises on how to manage the panic that follows a breach.
2) Cool SONY hack
Attacker: Anonymous
Financial loss: $171 million
Infected entity: SONY and its 77 million users
Year: 2011
Description:
In June 2011, Sony PlayStation was compromised and an attacker stole the user database, including full names, credit card information, etc. Afterwards the company tried to modify the network to recover from the attack, but it failed. In the end only one option was left: public disclosure of the attack. After the disclosure, users tried to file a lawsuit against SONY for not properly maintaining data security.
Lesson Learned:
Never panic under attack; disclosure should be made immediately.
Reference:
https://www.theatlantic.com/technology/archive/2011/06/44-days-cost-sony-171-million/351363/
https://hotforsecurity.bitdefender.com/blog/top-5-corporate-losses-due-to-hacking-1820.html
The next case, a widespread malware outbreak, warns users to be vigilant and watchful when visiting websites, opening emails, running unknown files, etc.
3) The ILOVEYOU worm
Attacker: Reonel Ramones and Onel de Guzman
Financial loss: $8 billion in damage, plus $15 billion to eliminate the worm
Infected entity: Millions of Windows PCs
Year: 2000-2002
Description:
ILOVEYOU earned the title of the most virulent virus. In this infection, the attacker sends a .vbs file called ILOVEYOU, also known as the "love letter", as an email attachment. Once the victim opens the file, it creates copies of itself with a random file type. It also spreads by sending a similar email to all the people present in the victim's Windows directory. Almost 10% of the entire Internet was affected by this worm.
Lesson Learned:
Do not open attachments from unknown sources.
Reference:
https://cs.wikipedia.org/wiki/ILOVEYOU
http://searchsecurity.techtarget.com/definition/ILOVEYOU-virus
A great lesson for people who take nude pictures, use simple passwords or assume that cloud storage is beyond an attacker's reach.
4) iCloud hacking
Attacker: Tristan
Financial loss: This time it was more of a reputational loss, for the celebrities and for Apple.
Infected entity: iCloud services
Year: 2014-2016
Description:
The attacker with the handle Tristan copied the top 100 celebrity nude photos and videos from Apple's iCloud service. Celebrities like Jennifer Lawrence, Mary Elizabeth, etc. had nude photos posted on a forum called 4chan. The attacker claimed to have more explicit celebrity nudes to offer in exchange for some bitcoins.
It was not over yet: the attacker posted further nudes of celebrities such as Emma Watson and Amanda Seyfried on Reddit and 4chan. The attacker claimed to have published only the tip of the iceberg, with many more such instalments expected online soon.
Solution:
Apple has denied claims of hacking.
Lesson Learned:
Never share your password with anyone, and never use a simple password. Never keep such files on the device, and do not assume deleted files are gone: the hackers had some files that had already been deleted from the phone's memory.
Reference:
http://thehackernews.com/2017/03/fappening-emma-watson.html
http://thehackernews.com/2014/09/reported-apple-icloud-hack-leaked_1.html#search
Now you will read about the biggest DDoS attack using botnets.
5) The biggest DDoS attack with Mirai
Attacker: Mirai Malware Anonymous Group
Financial loss: Many websites were not accessible.
Infected entity: hosting provider OVH (France), 152,000 IoT devices (the botnet), Dyn
Year: 2016
Description:
OVH reported the largest DDoS attack to date, with a peak of 799 Gbps. The DDoS was driven by a large number of IoT devices such as cameras, smart TVs and other smart devices infected with the Mirai malware. On October 21, 2016, a large portion of websites and services were unavailable to many users in Europe and North America. This time Mirai was aimed at Dyn, a DNS provider responsible for resolving domain names to IP addresses over the Internet.
Solution:
OVH's VAC mitigation system is capable of withstanding DDoS attacks with peaks of up to 5 Tbps without slowing down the network. Dyn implemented a different protection mechanism.
Lesson Learned:
Change your default credentials and make sure your devices are secure and compliant before going online. Are you ready for a DDoS?
Reference:
OVH Official Statement https://www.ovh.com/us/news/articles/a2367.the-ddos-that-didnt-break-the-camels-vac
http://securityaffairs.co/wordpress/51726/cyber-crime/ovh-hit-botnet-iot.html
Being good or bad is not the point; what matters is knowing whether what you are doing is good or evil.
6) NSA Equation group tools leak
Attacker: The Shadow Brokers
Financial loss: NA
Infected entity: Initially the NSA, but in practice many businesses, as the NSA had used these tools to compromise their networks. One million Windows systems were found to be affected.
Year: 2016-2017
Description:
The NSA Equation Group had zero-day exploits for network devices from CISCO, Fortinet, Juniper and Netscreen that were released by The Shadow Brokers in 2016 and can be seen at https://www.exploit-db.com/author/? and =8712. It also had exploits for Windows XP, Windows Server 2003, Windows 7 and 8, Windows 2012 and others that were released in 2017 and can be seen at https://github.com/misterch0c/shadowbroker. The DoublePulsar backdoor was used by the NSA to gain access to important servers and monitor activity, delivered with the EternalBlue exploit; both are now publicly available to script kiddies. Snowden suggested that Russia was responsible for the leak: https://twitter.com/snowden/status/765515087062982656?lang=en
Solution:
The relevant vendors have patched all of the zero-day vulnerabilities the NSA exploited. Because the exploits are publicly available, unpatched products can still be compromised.
Lesson Learned:
Patch the system often, always check for backdoors, isolate sensitive data.
Reference:
https://cs.wikipedia.org/wiki/Equation_Group
The last hack is one carried out with remarkable precision, and it involves millions of dollars. Read on.
7) Swift bank hack Bangladesh
Attacker: Lazarus Group
Financial loss: $951 million
Infected entity: Banks
Year: 2015-2016
Description:
SWIFT is a messaging system that helps global banks transfer currencies; it does not move money directly but settles payments between financial institutions. SWIFT is used by many financial institutions and banks. Unauthorized access and weak security controls allowed the attacker's malware to send fraudulent messages to the system stating that a US bank needed to settle money from the Bank of Bangladesh to an account in the Philippines. The malware also hampered responsiveness, making it difficult to detect. Technical analysis was performed by BAE Systems.
Solution:
SWIFT has issued a patch and will be checking banks for compliance.
Lesson Learned:
Always follow the standards. Authorization checks are very important.
Reference:
https://en.wikipedia.org/wiki/2015%E2%80%932016_SWIFT_banking_hack