10 Biggest Hacking Attacks of 2014
It is very difficult to decide whether it was the biggest hacking attack or the worst hacking attack that created a sense of insecurity in the mind of common users, 2014 is about to end (well happy new year and holidays) and the echo of the hacking attack carried out in this year, will be listened in the next year or may be in many years after.
2014 was the year of cyber criminals and hackers, their unstoppable hacking attack has shocked the world's population; from corporate sectors to the famous celebrities; everyone seems to be their target. While writing this article, I am still thinking to rearrange the list of hacking attacks because every attack was a disaster and it is not an easy job to give them a rank.
Heartbleed Bug
Heartbleed was not an actual hacking attack but heartbleed is a bug/vulnerability in the popular OpenSSL software that led many hackers to exploit the servers. Heatbleed was the serious security threat even six months after of its discovery. One the POC of heartbleed is that the hackers exploited it to steal4.5 Million patient records; Community Health Systems, the renowned hospital operator in U.S was the victim of this hacking attack.
Shellshock
ShellShock vulnerability was bigger than HeartBleed Bug. It was affecting Linux and Mac OS X, Shellshock was targeting the kind of machine that runs most of the servers around the globe. Hackers created their botnet that exploited the shellshock vulnerability, some of the famous target was:
- Akamai
- United States Department of Defense
- NAS (network attached storage system)
Neiman Marcus Hack
More than 1.1 million customers were affected in the hack of high-end retailer Neiman Marcus. The sophisticated, self-concealing malware was "clandestinely" installed on the department store operator's system. The software then actively tried to collect or "scrape" payment card data from July 16 to Oct. 30, the company explained.
Ebay
In May, eBay revealed that hackers had managed to steal personal records of 233 million users. The hack took place between February and March, with usernames, passwords, phone numbers and physical addresses compromised. The notorious Syrian Electronic Army had claimed the responsibility of this attack but Ebay or any other authentic source did not confirm it.
South Korea Credit card hack
South Korea credit card hack was the nightmare for the infosec security professionals. Credit card details from almost half of all South Koreans have been stolen and sold to marketing firms. The data was stolen by a computer contractor working for a company called the Korea Credit Bureau that produces credit scores. 20 million South Koreans or 40% of the country's population was the victim of this attack.
Home Depot
The payment system of one of the largest home improvement retailer was hacked, the corporation said that the hacking attack was bigger than the one that struck Target Corp. last year. In addition to the 56 million credit-card accounts that were compromised, Home Depot said around 53 million customer email addresses were stolen as well.
JPMorgan credit card hack
The JPMorgan Chase & Co breach is being called the worst known compromise in history, affecting approximately 76 million households and 7 million small businesses. Contact information, including name, address, phone number and e-mail address, as well as internal JPMorgan Chase information about the users, was compromised.
iCloud Hacks - Celebrities Photos
This is one of the famous hacking attack where hackers have posted the nude pictures of celebrities on the Internet. The privacy of many celebrities were invaded when a hacker obtained personal photographs from various digital devices, and began spreading them across the Internet, all the photographs were stolen from iCloud. Apple said it was a targeted attack and none of the cases they have investigated has resulted from any breach in any of Apple's systems including iCloud(R) or Find my iPhone.
Sony hacks
On November 24, 2014, personally identifiable information about Sony Pictures Entertainment (SPE) employees and their dependents, e-mails between employees, information about executive salaries at the company, copies of unreleased Sony films, and other information, was obtained and released by a hacker group going under the moniker "Guardians of Peace" or "GOP".
Regin
On November, Symantec has discovery piece of software called Regin, which it had found lurking on computers and stealing data in Ireland, Russia, Saudi Arabia and several other countries. Regin may have been created by Western state to spy on governments, it can steal password, take snapshot and even recover the deleted files. Researcher claimed that Regin is more advanced than Stuxnet, which was developed by US and Israel government hackers in 2010 to target the Iranian nuclear programme. The European Union and a Belgian telecommunications company were also the target of Regin.
Cybercrime and hacking attack have reached new heights. At the end of 2014, we should start working to create security awareness in order to prevent the hacking attacks in future. We need more advance protection system and the training to think smarter than hackers; yes we can do this because this is the only option that we have.