The unequal evolution of hacking and security.
Remember the days when a team devoted to nothing other than protecting our identities and credit card information was more than sufficient security? When Sony’s data banks were impenetrable, the government’s websites were unassailable and everything on our phones was ours alone as long as it was safe and sound in your pocket? That faraway time known as … June? Here’s a look at the largest and most overt hacks of the last year.
In the last few months, Sony has been hacked 3 times with a grand total of around 100 million users’ personal information and credit card information compromised. The most recent intrusion cost them 93,000 Playstation Network accounts due to frustrated users turning off their services. At one point, the Playstation Network, the online interface central to the Playstation 3’s function, was down for almost two months.
The U.S. Senate
In June, the hacker group that continually harassed Sony (Lulzsec) broke into the Senate’s website and posted some of the Senate’s internal data on a public site. Luckily, the data was reportedly not especially sensitive. The Senate deputy at arms made the statement, "Although this intrusion is inconvenient, it does not compromise the security of the Senate's network, its members or staff, specifically, there is no individual user account information on the server supporting Senate.gov that could have been compromised."
A Nuclear Power Plant
Late last year a mysterious virus was found in the computer system of an Iranian government nuclear power plant. Initial confusion stirred over the fact that the computer network within the power plant was not connected to the Internet. Fortunately, the network was entirely isolated. Apparently, the Stuxnet worm was released to thousands of computers in the power plant, at first doing nothing but eventually making its way toward systems that control power grids. Some claimed it was the most sophisticated piece of malware ever created. It was suggested that no non-governmental organization could have created the worm and that several might have had to work in collaboration to accomplish it. The reported purpose of the worm was to cause issues with the workings of power plants in such a subtle way that the staff would believe everything was functioning properly, while the worm would send out false information to confirm it.
In June, Citi announced that it had discovered a breach in their security in May, waiting weeks before informing their customers. Over 200,000 accounts were compromised, although the credit cards numbers and social security numbers were apparently not touched. Citi coughed up 2 million dollars when they had to order new credit cards for 100,000 members.
International Monetary Fund
The IMF was apparently the target of a “spear phishing” attack, which sends emails with infected links to specific people while under the guise of their email contacts. The extent of the breach wasn’t specified, but the IMF believes the attack could have come from a nation state.
And Last But Not Least
Operation Payback was a series of hacks throughout 2010, starting with attacks on various organizations attempting to take down or sue the torrenting website The Pirate Bay. This soon evolved into attacks on companies that refused to process donations for the notorious Wikileaks website, starting with Mastercard, then Visa, then Amazon (who claimed their site failure was due to a power outage). Operation Payback systematically took down each site with denial of service attacks (DDoS).
Be Aware, Be Cautious, React Quickly
While it is increasingly difficult to keep up with hackers, know that there are things you can do to either prevent, or put a stop to the theft of your identity. Being aware that these things are happening is a huge part of prevention. If you are abreast of recent hacking threats, you can more quickly respond to them. Take the initiative if a company that holds your information has been compromised. Call your bank and ask them if they know about the breach, and tell them to be more zealous about monitoring your account activity.