Jump to content

List of cyberattacks

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 115.186.224.234 (talk) at 00:27, 10 December 2015 (Cyberwarfare). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A cyber-attack is any type of offensive maneuver employed by individuals or whole organizations that targets computer information systems, infrastructures, computer networks, and/or personal computer devices by various means of malicious acts usually originating from an anonymous source that either steals, alters, or destroys a specified target by hacking into a susceptible system.

This article contains a list of cyber-attacks.

Indiscriminate attacks

These attacks are wide-ranging, global and do not seem to discriminate among governments and companies

  • Operation Shady RAT
  • Stuxnet
  • World of Hell
  • Red October, discovered in 2012, was reportedly operating worldwide for up to five years prior to discovery, transmitting information ranging from diplomatic secrets to personal information, including from mobile devices.[1]

Destructive attacks

These attacks relate to inflicting damage on specific organizations

Cyberwarfare

These are politically motivated destructive attacks aimed at sabotage and espionage

Government espionage

These attacks relate to stealing information from/about government organizations

Corporate espionage

These attacks relate to stealing data from corporations related to proprietary methods or emerging products/services

Stolen e-mail addresses and login credentials

These attacks relate to stealing login information for specific web resources

  • 2011 PlayStation Network outage, 2011 attack resulting in stolen credentials and incidentally causing network disruption
  • Gawker - in 2010, a band of anonymous hackers has rooted the servers of the site and leaked half a gigabyte's worth of its private data.[8]
  • IEEE - in September 2012, it exposed user names, plaintext passwords, and website activity for almost 100,000 of its members.[9]
  • LivingSocial - in 2014 the company suffered a security breach that has exposed names, e-mail addresses and password data for up to 50 million of its users.[10]
  • RockYou - in 2009, the company experienced a data breach resulting in the exposure of over 32 million user accounts.
  • Yahoo! - in 2012, hackers posted login credentials for more than 453,000 user accounts.[11] Again in January 2013[12] and in January 2014[13]

Stolen credit card and financial data

  • 2014 JPMorgan Chase data breach, allegedly conducted by a group of Russian hackers
  • MasterCard - in 2005, the company announced that up to 40 million cardholders may have had account information stolen due to one of its payment processors being hacked.[14][15][16][17]
  • VISA and MasterCard - in 2012, they warned card-issuing banks that a third-party payments processor suffered a security breach, affecting up to 10 million credit cards.[18][19]
  • Subway - in 2012, two Romanian men admitted to participating in an international conspiracy that hacked into credit-card payment terminals at more than 150 Subway restaurant franchises and stole data for more than 146,000 accounts.[20]
  • StarDust - in 2013, the botnet compromised 20,000 cards in active campaign hitting US merchants.[21]
  • Target - in 2013, approximately 40 million credit and debit card accounts were impacted in a credit card breach.[22][23][24] According to another estimate, it compromised as many as 110 million Target customers.[25]
  • Goodwill Industries - in September 2014, the company suffered from a credit card data breach that affected the charitable retailer’s stores in at least 21 states. Another two retailers were affected.[26][27]
  • Home Depot - in September 2014, the cybercriminals that compromised Home Depot's network and installed malware on the home-supply company's point-of-sale systems likely stole information on 56 million payment cards.[28]
  • By May, three healthcare payer organizations had been attacked in the United States in 2015: Anthem, Premera Blue Cross and CareFirst. The three attacks together netted information on more than 91 million people.[29]

Hacktivism

References

  1. ^ Dan Goodin (January 14, 2013). "Massive espionage malware targeting governments undetected for 5 years". Ars Technica. Retrieved November 8, 2014.
  2. ^ Perloth, Nicole (October 24, 2012). "Cyberattack On Saudi Firm Disquiets U.S." New York Times. pp. A1. Retrieved October 24, 2012.
  3. ^ Dan Goodin (August 16, 2012). "Mystery malware wreaks havoc on energy sector computers". Ars Technica. Retrieved November 8, 2014.
  4. ^ "Iranian Oil Sites Go Offline Amid Cyberattack". The New York Times. April 23, 2012. Retrieved November 8, 2014.
  5. ^ Dan Goodin (August 29, 2012). "The perfect crime: Is Wiper malware connected to Stuxnet, Duqu?". Ars Technica. Retrieved November 8, 2014.
  6. ^ Dan Goodin (May 21, 2013). "Chinese hackers who breached Google reportedly targeted classified data". Ars Technica. Retrieved November 8, 2014.
  7. ^ Dan Goodin (August 9, 2012). "Nation-sponsored malware with Stuxnet ties has mystery warhead". Ars Technica. Retrieved November 8, 2014.
  8. ^ Gawker rooted by anonymous hackers, December 13, 2010, Dan Goodin, The Register, retrieved at 2014-11-08
  9. ^ Dan Goodin (September 25, 2012). "Trade group exposes 100,000 passwords for Google, Apple engineers". Ars Technica. Retrieved November 8, 2014.
  10. ^ Dan Goodin (April 27, 2013). "Why LivingSocial's 50-million password breach is graver than you may think". Ars Technica. Retrieved November 8, 2014.
  11. ^ Dan Goodin (July 12, 2012). "Hackers expose 453,000 credentials allegedly taken from Yahoo service (Updated)". Ars Technica. Retrieved November 8, 2014.
  12. ^ Dan Goodin (January 31, 2013). "How Yahoo allowed hackers to hijack my neighbor's e-mail account (Updated)". Ars Technica. Retrieved November 8, 2014.
  13. ^ Dan Goodin (January 31, 2014). "Mass hack attack on Yahoo Mail accounts prompts password reset". Ars Technica. Retrieved November 8, 2014.
  14. ^ Eric Bangeman (June 20, 2005). "CardSystems should not have retained stolen customer data". Ars Technica. Retrieved November 8, 2014.
  15. ^ "Lost Credit Data Improperly Kept, Company Admits". The New York Times. June 20, 2005. Retrieved November 8, 2014.
  16. ^ Eric Bangeman (June 23, 2005). "Scope of CardSystems-caused credit card data theft broadens". Ars Technica. Retrieved November 8, 2014.
  17. ^ Jonathan M. Gitlin (July 22, 2005). "Visa bars CardSystems from handling any more transactions". Ars Technica. Retrieved November 8, 2014.
  18. ^ Dan Goodin (April 1, 2012). "After the hack: FAQ for breach affecting up to 10 million credit cards". Ars Technica. Retrieved November 8, 2014.
  19. ^ Dan Goodin (March 30, 2012). ""Major" credit-card breach hits Visa, MasterCard (Updated)". Ars Technica. Retrieved November 8, 2014.
  20. ^ Dan Goodin (September 18, 2012). "Two men admit to $10 million hacking spree on Subway sandwich shops". Ars Technica. Retrieved November 8, 2014.
  21. ^ Dan Goodin (December 4, 2013). "Credit card fraud comes of age with advances in point-of-sale botnets". Ars Technica. Retrieved November 8, 2014.
  22. ^ Cyrus Farivar (December 19, 2013). "Secret Service investigating massive credit card breach at Target (Updated)". Ars Technica. Retrieved November 8, 2014.
  23. ^ Dan Goodin (December 20, 2013). "Cards stolen in massive Target breach flood underground "card shops"". Ars Technica. Retrieved November 8, 2014.
  24. ^ Dan Goodin (February 5, 2014). "Target hackers reportedly used credentials stolen from ventilation contractor". Ars Technica. Retrieved November 8, 2014.
  25. ^ Dan Goodin (January 16, 2014). "Point-of-sale malware infecting Target found hiding in plain sight". Ars Technica. Retrieved November 8, 2014.
  26. ^ Sean Gallagher (September 18, 2014). "Credit card data theft hit at least three retailers, lasted 18 months". Ars Technica. Retrieved November 8, 2014.
  27. ^ http://krebsonsecurity.com/2014/07/banks-card-breach-at-goodwill-industries/
  28. ^ Robert Lemos (September 19, 2014). "Home Depot estimates data on 56 million cards stolen by cybercriminals". Ars Technica. Retrieved November 30, 2014.
  29. ^ Dance, Scott (20 May 2015). "Cyberattack affects 1.1 million CareFirst customers". Baltim. Sun.