It all began with a seemingly innocuous experiment.
In November 1988, Robert Tappan Morris, a graduate student at Cornell University created a self-replicating computer program to ascertain the size of the internet i.e. the number of devices connected to it. The program was supposed to travel from computer to computer and ask each machine to send a signal back to the main server which would keep count.
Sadly, things did not go as planned.
The program encountered an error and morphed into a worm (Morris worm). Before spreading to a machine, the worm checked if the machine was already infected. If it was, the worm would re-infect it 1 in 7 times. This caused many machines to get infected several times. A machine with too many Morris worm processes ran out of computing resources and began to malfunction.
The Morris worm caused denial-of-service (DoS) to 10% of the 60,000 machines on the internet. It took 72 hours for the researchers at Purdue and Berkeley to stop the worm from causing further damage.
Robert Morris was convicted under the 1986 Computer Fraud and Abuse Act and sentenced to three years of imprisonment, 400 hours of community service and a $10,000 fine.
The experiment not only caused widespread damage but also laid the foundation for the distributed denial-of-service attacks we often hear of today.
Cyberwarfare is on an all-time high. Cybercriminals are developing sophisticated methods to target anything ranging from your personal systems to an entire computer network. If recent studies are to be believed, hackers, on an average, attack the internet every 39 seconds.
To paint a better picture of the damage done by cyberattacks, we have compiled a list of some notable cyberattacks that wildfired into worldwide threats. Let us discuss them one by one.
While the cyberattacks date back to 2013-14, it was in September 2016 that Marissa Mayer, then Yahoo CEO announced the company had been the victim of the largest data breach ever in 2014, possibly by a ‘state-sponsored’ actor. The attack exposed the names, email addresses, date of births and telephone numbers of around 500 million users.
A couple of months later in December 2016, Yahoo admitted that in a separate attack in 2013, over 1 billion user accounts were compromised. In addition to names, email addresses, DOBs and telephone numbers, security questions and answers were also compromised this time.
In October 2017, Yahoo revised the estimate, saying all of its 3 billion accounts were compromised in the attacks. In June 2018, Yahoo was eventually sold to Verizon Communications for $4.48 billion. But the disclosure of the breaches did significant damage to Yahoo’s reputation- Yahoo’s sale price was slashed by a whopping $350 million.
In September 2017, Equifax, a noted consumer credit reporting agency, announced something particularly vexing for its customers- an application vulnerability on one of their websites resulted in a massive data breach compromising the data of its American, British and Canadian customers.
The breach exposed the personal data including names, date of births, social security numbers and addresses of 143 million customers in addition to 200,000 credit card numbers.
The breach was discovered in July 2017 but Equifax believed it started as early as mid-May.
Equifax uses an open-source framework Apache Struts for its online disputes web application. In March 2017, the Apache Software Foundation discovered a vulnerability in the application and released information regarding it. Equifax, however, did nothing to patch its system.
Two months after the vulnerability was disclosed, hackers attacked the portal accessing highly sensitive customer information from 51 databases bit by bit in a span of 76 days.
The company’s delay in disclosing the breach drew flak from all quarters. Equifax, however, claimed it needed time to gather information on the extent of damage done.
3) Adult Friend Finder
In what is referred to as the largest data breach of 2016, over 400 million accounts from six databases belonging to FriendFinder Networks Inc. were compromised. FriendFinder is the company that runs some of the most prominent adult-oriented social websites.
The bulk of these accounts came from Adult Friend Finder. The hackers stole 20 years of personal data including names, email addresses and passwords.
It was later discovered that the attackers cashed in on Local File Inclusion (LFI) to implement the breach. LFI is a web application vulnerability that hackers can exploit to read sensitive information and execute system commands remotely.
Interestingly, this was the second time Friend Finder users had their accounts compromised; the first time being in May 2015, when personal information of 4 million accounts was made public on a forum accessible only through Tor.
4) Marriott International
In November 2018, Marriott International, world’s third largest hotel chain, disclosed that hackers had access to the reservation systems of many of its hotel chains since 2014, exposing sensitive information of its 500 million customers.
As per the records, an unauthorized party had accessed the reservation database of Starwood properties (that included several renowned hotel chains) in July 2014 and had been there till the breach was detected.
Marriot acquired Starwood properties in 2016 but kept Starwood’s reservation system separate from its own. As a result, the attack did not affect Marriot’s reservation system.
In addition to personal information, hackers had stolen credit card details of over 100 million customers although it is not certain if the hackers were able to decrypt the card information. The breach was attributed to Chinese intelligence groups seeking to gather data on US citizens.
In May 2014, the e-commerce giant reported a cyberattack that exposed the names, addresses, date of births and passwords of its 145 million users. As per eBay, the attackers cracked some employee login credentials in order to gain access to its corporate network. They had complete inside access for 229 days; during this time they were able to make their way to the customer database.
Thankfully, the breach did not affect the financial information of users as it was stored separately. The cyberattack may have diminished user activity but had little impact on eBay’s earnings.
Discovered in November 2018, the intrusion exposed the user information of 100 million Quora accounts. The compromised data included names, email addresses, encrypted passwords, data imported from other networks, public content and actions (questions, answers, comments and upvotes) as well as non-public content and actions (direct messages, downvotes and answer requests ). Users who had posted anonymously were, however, not affected as the site did not collect data from these users.
According to Quora CEO Adam D’Angelo, the attack happened on account of unauthorized access to one of their systems by a ‘malicious third-party’.
In response to the attack, Quora immediately launched an investigation. As a security measure, it logged out all users and forced all accounts to reset their passwords.
The World Economic Forum (WEF) Global Risk Report considers Aadhaar data breach as the largest in the world. Aadhaar, the Indian government ID database, reportedly suffered multiple breaches that compromised the accounts of its 1.1 billion registered users. It was only in January 2018 that the cybersecurity experts discovered the criminals were selling access to the database at a rate of 500 INR for 10 minutes.
In the period between August 2017 and January 2018, Aadhaar numbers, names, phone numbers and addresses of 1.1 billion registered users were found susceptible to data breach. As per a report by The Tribune, anonymous sellers on WhatsApp were targeting village-level enterprise operators hired by the ministry of electronics and information technology to sell access to UIDAI data.
8) First American Financial Corp.
In what can be considered the biggest breach of 2019, over 800 million mortgage documents were left exposed on account of a vulnerability on First American Financial Corp website that allowed anyone with a web browser to access the documents. First American, an eminent real estate title insurance firm based out of the USA, patched the vulnerability in May 2019 after a real estate developer Ben Shoval discovered the flaw and notified a security researcher Brian Krebs of it.
Before the flaw was fixed, any user with access to the link to any document hosted on the website could change a single digit in the URL and access others’ files. These files did not require a password or any other kind of authentication. These documents included highly sensitive information including bank account numbers and statements, mortgage and tax records, social security numbers and transaction receipts dating all the way back to 2003.
So far, there have not been any reports of hackers accessing and misusing the data for personal gains.
9) Heartland Payment Systems
At the time of breach in 2008, Heartland Payment Systems was a prominent payment processing company that processed over 100 million payment card transactions per month for 175,000 merchants. The breach was identified in January 2009 when Visa and MasterCard notified Heartland of shady transactions from the accounts it had processed.
The breach started with a SQL injection attack in late 2007. The hackers spent months trying to access the payment processing system and eventually installed a spyware program that captured card data as the payments were processed.
The cyberattack had severe consequences. Heartland was considered out of compliance with the Payment Card Industry Data Security Standard and barred from processing payments of prominent credit card merchants till May 2009. The company also paid $145 million in compensation for fraudulent payments.
The perpetrators were eventually apprehended. Albert Gonzalez, a Cuban American along with two Russian accomplices were indicted in 2009. In March 2010, Gonzalez who allegedly masterminded the operation was sentenced to 10 years in federal prison.
10) Target Stores
Target, the US retail giant, suffered a massive data breach in December 2013. The breach exposed the personal data of 70 million customers and banking data of over 40 million customers. The attack was, however, not discovered by Target. It was the US security services that detected some aberrant bank transactions and warned the brand. The hacker group located somewhere in Eastern Europe had accessed Target’s point-of-sale payment card readers through a third-party vendor and collected around 110 million debit and credit card numbers.
The event had repercussions-Target CIO resigned in March 2014, its CEO in May 2014. The cost of the breach was estimated to be around $162 million.
As per Target, it has made significant security improvements since the breach. In 2017, however, a settlement was announced that gave Target 180 days to develop and maintain a comprehensive security system. As per Tom Kellermann, CEO of Strategic Cyber Ventures, the security measures implemented by Target are grossly inadequate and focus more on keeping the attackers out and not on improving response.
Though the breach was first announced in October 2013, Adobe was not aware of the extent of the breach then. The company originally reported that the hackers had stolen nearly 3 million encrypted credit card records in addition to login data for an undetermined number of accounts.
Adobe later discovered that the attackers had accessed usernames and encrypted passwords for over 38 million active users. After several weeks of investigation, it was discovered that the hackers had also stolen customer names, IDs, passwords along with debit and credit card information.
The cyberattack cost Adobe dearly-the company had to pay a whopping $1.1 million as legal fees. An estimated $1 million was paid to users to settle claims of violating the Customer Records Act.
12) Sony’s PlayStation Network
One of the most well-known cyberattacks that wildfired into worldwide threats includes Sony’s PlayStation data breach in April 2011 when the personal data of over 77 million users was compromised. 12 million credit card details were stolen. After the breach was discovered, PlayStation network as well as Sony Entertainment Network was closed for around a month.
The breach compelled Sony to pay 15 million dollars as compensation in addition to hefty legal fees. They also had to refund customers whose bank accounts were illegally used. Like in many other data breaches, the hackers exploited SQL Injection to steal sensitive information. Had Sony been vigilant enough, the breach could have been averted.
In November 2014, one of its subsidiaries Sony Pictures Entertainment was infected by a computer worm. Hackers who identified themselves as ‘Guardians of Peace’ stole 100 terabytes of data from the company including film scripts, emails and personal data of around 47,000 employees.
The attack was linked to the North Korean government who had expressed disapproval over ‘The Interview’, a Sony-backed film centered on an assassination plot against the North Korean leader Kim Jong Un.
In light of the attack, Sony cancelled the broadcast of several films and paid an estimated $8 million as compensation to its employees and former employees.
The Final Word
These breaches show that even the best brands on the planet are vulnerable to cyberattacks. They may have leveraged the latest technologies to secure their data, but hackers always remain a step ahead- they exploit the same technologies to subvert the security mechanisms and misuse the data to their advantage.
In view of these developments, there are certain steps you need to take to minimize security threats:
Use a strong username-password combination for all accounts. Choose a different password for every account.
Delete the accounts you don’t use any longer.
Do not divulge too much personal information on third-party applications.
Seeking secure hosting solutions for your enterprise? We are there to help. At Go4hosting, we offer the best cloud server hosting solutions to safeguard your business from cyberattacks. For details, connect with our cloud experts today.