Data story

#1:  Cyber espionage attacks

Summary:  The major effort attack US and other countries to steal data and IP had catapulted cyber espionage to the top of many companies’ priority list.

Details:  Several countries, notably China, are using cyber espionage to catch up with Western competitors as well as establish military parity.  In a rare interview, SkyNews UK captured on film a Chinese businessman who described how he works with the government to hack his Western competitors:

The conference also highlighted the murky connections between hackers and the Chinese government.

One man who identified himself as a policeman said: “We’re here to see if they have anything we can use. If there is, then we’ll get in touch with them, and take the next step.”

The cost has been tremendous.  In fact, this will likely go down as quote of the year:

Exploitation of sensitive data has generated “the greatest transfer of wealth that’s gone on in history,” Gen. Keith Alexander, chief of U.S. Cyber Command.

Significance:

• Governments, especially China, are living up to their objectives which were outlined in “Unrestricted Warfare” (cover above).  One of the key components of the book was “network warfare.”
• The cost has been tremendous.  The office of Counter Intelligence released a report saying that between $2 and $400 billion in losses occurred due to cyber espionage.  (We detailed this report previously).

#2:  Military and Government Websites Up For Sale

(Click to BIGGIFY).

Summary:  Hacker builds a business on SQL injection vulnerabilities alone.

Details:  Tons of websites were constantly scanned for SQL injection vulnerabilities.  Dozens of sites were exploited and the admin credentials were sold to other hackers.  For example, for the price of an iPad, $499, you could have access to a military website.

Why Significant?  SQL injection has proved to be the costliest, most prevalent vulnerability in history.  This site best illustrates this just how widespread SQL injection has become as a hacker developed a way to monetize the vulnerability.

#3:  Sony

Sony stock performance:  Nov 2010-Nov 2011.

Summary:  Hacktivists broke into Sony worldwide, stealing about 100M data records (about 12M unencrypted).

Details:  Sony’s video game online network was breached which led to the theft of names, addresses and credit card data.

Why Significant? 

• By volume, the largest data breach of the year.
• Has kept a permanent drag on Sony’s stock.
• SQL injection made it onto the agenda of board rooms worldwide.
• This breach forever shifted the purpose of hacktivism from defacement to data theft.  The hacker’s intent wasn’t to embarrass a company, but rather to bring it down.

#4:  Phone Hacking in the UK

Summary:  Reporters from the UK’s News of The World hacked into the voicemail of several people, including a murder victim, to gather information.

Details:  http://en.wikipedia.org/wiki/News_International_phone_hacking_scandal

Why Significant?  Insiders became hackers and brought down a newspaper and seriously damaged the News Corporation.  More importantly, this episode showed how hacking becomes part of our everyday lives–reminding us that hacking doesn’t require strong knowledge of computer systems.

#5: PBS

Summary: Hacktivists broke into the PBS website and exposed thousands of usernames and passwords as well as defaced the news site, resurrecting dead rapper Tupak Shakur.

Details: Imperva has dissected this breach when it happened.

Why Significant: Brought hacktivism to the media, hacking wasn’t just a “corporate” issue anymore. Anyone could be a target. After this event, hacktivism was no longer a temporary blip on the radar, it became something that had staying power.  Anonymous was anything but.

Why Significant:

• Another example of automated Facebook hacking.
• Highlights the weaknesses in Facebook defenses.  In this case, “the defense known as the Facebook Immune System, which is designed to automatically flag fake profiles, did little to thin the army of socialbots used in the study. While about 20 percent of them were blocked, the closures were the result of feedback from other users who reported spam.”

#8:  Cyworld

Summary:  About 35M records were taken from South Korea’s largest social networking site.

Details: The records taken included phone numbers, email addresses, names and encrypted information about the sites’ members.  It is believed a foreign government took the data.

Why Significant:  This breach highlights what a significant data repository social networking has become.  In this case, it is presumed that a foreign government found the data useful enough to take it all. What does this say about Facebook’s value to government and private hackers?

#9:  300,000 Medical Records Put Online

Summary:  About 300,000 detailed medical records sat on the Internet unsecured for several months.

Details:  Insurance forms, Social Security numbers and doctors’ notes. Among the files were summaries that spelled out, in painstaking detail, a trucker’s crushed fingers, a maintenance worker’s broken ribs and one man’s bout with sexual dysfunction.

Why Significant: This is significant for several reasons:

• Highlights the persistent interest in taking medical records.  According to Privacy Clearinghouse, medical records are a consistent “favorite” every year for hackers and insiders.
• This breach illustrates how to use medical records:
  • Criminals:  Blackmail and public humiliation.
  • Noncriminals:  “The information can also be used by insurance companies to inflate rates, or by employers to deny job applicants.”
• Foreshadows issues with broader digitization of electronic health records.  Obamacare requires digital health records by 2014–but are we ready from a security standpoint?

http://blog.imperva.com/2011/11/top-11-data-breaches-from-2011-9.html