Dear readers, over the next three posts, we will be short profiling the biggest cyber attacks in history in terms of their harm and financial damage they wrecked. Here is the part two, profiling no.18 to no. 10. So tighten your seat belts and get ready for some surprising facts.
Iran was subjected to cyber attacks on June 2010 when its nuclear facility in Natanz was infected by Stuxnet, a cyber worm that was believed to be a combined effort of Israel and the United States, though no one claimed responsibility for its inception. The worm destroyed Tehran’s 1000 nuclear centrifuges and set back the country’s atomic program by at least two years, as it spread beyond the plant and infected over 60,000 computers as well. The Iranian government was also accused of its own cyber attacks to the United States, Israel and other countries in the Gulf Arabs, including their alleged involvement in the hacking of American banks in 2012.
17. OPI ISRAEL
A coordinated cyber attack by anti-Israel groups and individuals, #opiIsrael is a DDoS assault that was timed for April 7, 2012, the eve of Holocaust Remembrance Day with the aim of erasing Israel from the internet. Websites targeted by these hactivists include financial and business sectors, educational institutions, non-profit organizations, newspapers, and privately-owned businesses in Israel.
16. OPERATION AURORA
Yahoo was also subjected to cyber attacks that originated from China in an action called ‘Operation Aurora.’ This operation was conducted by the Elderwood Group, which was based in Beijing and has ties with the People’s Liberation Army, using advanced persistent threats that began in mid-2009 to December 2009. This was disclosed in a blog posted by Google on January 12, 2010 and has been aimed at a number of organizations besides Yahoo, which also include Rackspace, Juniper Networks and Adobe Systems to gain access and modify their source code repositories.
15. THE SPAMHAUS PROJECT
Considered as the biggest cyber attack in history, Spamhaus, a filtering service used to weed out spam emails, was subjected to cyber attacks wherein home and business broadband router owners became unsuspecting participants when their routers have been threatened. Thousands of Britons used Spamhaus on a daily basis determine whether or not to accept incoming mails. On March 18, 2013, Spamhaus added Cyberbunker to its blacklisted sites and Cyberbunker and other hosting companies retaliated by hiring hackers to put up botnets, which also exploited home and broadband routers, to shut down Spamhaus’ system.
Citigroup, one of the largest financial giants in the world, provides an ample incentive for hackers to organize an attack due to the vast amount of wealth and sensitive information that flows through the company daily. In 2011, over 200,000 customer information from contact details to account numbers were compromised, which resulted in $2.7 million loss for the company.
13. HEARTLAND PAYMENT SYSTEMS
The trusted payment processor Heartland Payment Systems also fell into the trap set by Albert Gonzales of the Shadowcrew fame, which were responsible for phishing out over 100 million individual card numbers, costing Heartland more then $140 million dollars in damages incurred in 2008. Besides the damages incurred, it also besmirched the company’s motto, “The highest standards – The Most Trusted Transactions.” However, this proved to be Gonzales’ last ruse as he was found guilty of his crimes and was sentenced to 20 years in prison.
12. HANNAFORD BROS
In 2007, Hannaford Bros, a grocery retailer, suffered a four-month long breach wherein over 4.2 million credit and debit card numbers and other sensitive data were stolen by a group of hackers that installed malware on the stores’ servers, instead of the company’s databases. This was masterminded by Albert Gonzales, who also hacked TJX, Heartland Payment Systems, BJ’s Wholesale Club, Barnes & Noble, DSW, Boston Market, and Sports Authority. Gonzales was behind the Shadowcrew.com where stolen account numbers and counterfeit documents were auctioned out to the 4,000 users who registered on the site, and also offers tutorials and how-to’s in using cryptography in magnetic strips on credit cards – a virtual playground for thieves.
11. OPERATION SHADY RAT
An ongoing series of cyber attacks that started in mid-2006, Operation Shady Rat have hit at least 72 organizations worldwide including the International Olympic Committee, the United Nations, businesses, and defense contractors. Discovered by Dmitri Alperovitch, Vice President of Threat Research of McAfee in 2011, it was assumed that the People’s Republic of China was behind this. The operation was derived from the common security industry acronym for Remote Access Tool (RAT) and was behind the cyber attack on the 2008 Summer Olympics.
TJX, a Massachusetts-based retailing company and owner of TJ Maxx and Marshalls, was just one of the many retailer companies hacked by Albert Gonzales and a group of hackers from the Shadowcrew. They were able to siphon 45 million credit and debit card information, which they used to fund their million-dollar shopping spree of electronic goods from Wal-Mart. The data breach has resulted in $250 million in damages as Gonzales and 10 of his crew seek their targets while wardriving and looking for vulnerabilities in wireless networks along US Route 1 in Miami.