The Biggest Hacks of the 2010s

Many security and hacking researchers play an integral role in fighting fraud. You probably know the names of some of them, like Charlie Miller and Chris Valasek, whose work has helped automakers recognize vulnerabilities in their vehicles’ designs. But there are thousands more people out there who don’t make headlines for their efforts to improve security. We wanted to understand more about these researchers’ findings, so we posed a simple question to them: What’s the biggest or most interesting hack you’ve seen this year?

The Sony Hack

In December 2014, a group going by the name Guardians of Peace claimed credit for hacking into Sony Pictures Entertainment’s network and making off with 100 terabytes of data. They then threatened to release sensitive company information if their demands were not met. The hackers’ high profile quickly led to speculation that North Korea was behind the attack.

The hack highlighted the growing number of cyber-espionage attacks on corporations and some, like former National Security Agency chief Michael Hayden, claimed that this meant we were in a new Cold war. But others argued that the Sony hack was actually about extortion and had more in common with the mafia than countries spying on one another.

The ‘Celebgate’ Hack

In 2014, a group of hackers gained access to more than 100 iCloud accounts and began stealing private photos from prominent celebrities. In September of that year, images stolen from the actresses Jennifer Lawrence, Kirsten Dunst, and Kate Upton were published on websites like Reddit and 4chan.

The FBI launched an investigation into the attack but it had no leads. In June 2015, a 36-year-old Pennsylvania man was charged with hacking and extortion offenses. The accused has pleaded not guilty to the charges.

The Home Depot Hack

In September 2014, US retail giant Home Depot announced that hackers had stolen an estimated 56 million debit and credit card numbers from its database in what was then the biggest data breach in history.

The data was stolen using a variant of the infamous BlackPOS malware that has been responsible for numerous other large-scale thefts, including cyber-attacks on Target and P.F. Chang’s China Bistro in 2013.

Researchers claim they found evidence linking the group behind the attack to Russia’s largest security firm Kaspersky Lab argued in a report published less than a year after the attack that the hackers who attacked Home Depot were likely working at the behest of Russian intelligence.

The Carbanak Hack

In February 2015, security firm Kaspersky Lab revealed details about its investigation into what it called the Carbanak cyber gang. The group of hackers had breached the networks of at least 100 banks in 30 countries, enabling them to transfer more than $1 billion out of the accounts of small-to-medium-sized businesses.

Kaspersky Lab said that it took nearly a year for investigators to piece together what was going on due to the sophistication of the attack, which used spear-phishing emails and malware that evaded antivirus scans.

In May 2015, a suspect believed to have been involved with the Carbanak cyber gang was arrested in Alicante, Spain by local law enforcement officials.

The Spamhaus Attack

In March 2013, the DNS provider EveryDNS was hit by what was then one of the biggest DDoS attacks ever recorded. The target was spam-fighting organization Spamhaus and it nearly overwhelmed the Dutch company’s servers with 300Gbps worth of Web traffic.

A month later CloudFlare reported that had been hit with a similar-sized attack, but that its mitigation techniques had been able to handle the load.

As a result of these attacks and others like them, companies have begun using more intelligent methods to protect their online assets. Just last week, for example, Cisco announced a DDoS protection service designed specifically to help defend against large network-layer attacks.

The Home Depot Hack

In September 2014, US retail giant Home Depot announced that hackers had stolen an estimated 56 million debit and credit card numbers from its database in what was then the biggest data breach in history.

The data was stolen using a variant of the infamous BlackPOS malware that has been responsible for numerous other large-scale thefts, including cyber-attacks on Target and P.F. Chang’s China Bistro in 2013.

Researchers claim they found evidence linking the group behind the attack to Russia’s largest security firm Kaspersky Lab argued in a report published less than a year after the attack that the hackers who attacked Home Depot were likely working at the behest of Russian intelligence.

hack

The Carbanak Hack

In February 2015, security firm Kaspersky Lab revealed details about its investigation into what it called the Carbanak cyber gang. The group of hackers had breached the networks of at least 100 banks in 30 countries, enabling them to transfer more than $1 billion out of the accounts of small-to-medium-sized businesses.

Kaspersky Lab said that it took nearly a year for investigators to piece together what was going on due to the sophistication of the attack, which used spear-phishing emails and malware that evaded antivirus scans.

In May 2015, a suspect believed to have been involved with the Carbanak cyber gang was arrested in Alicante, Spain by local law enforcement officials.

The Spamhaus Attack

In March 2013, the DNS provider EveryDNS was hit by what was then one of the biggest DDoS attacks ever recorded. The target was spam-fighting organization Spamhaus and it nearly overwhelmed the Dutch company’s servers with 300Gbps worth of Web traffic.

A month later CloudFlare reported that had been hit with a similar-sized attack, but that its mitigation techniques had been able to handle the load.

As a result of these attacks and others like them, companies have begun using more intelligent methods to protect their online assets. Just last week, for example, Cisco announced a DDoS protection service designed specifically to help defend against large network-layer attacks.

Nick Martin
Latest posts by Nick Martin (see all)

Leave a Reply

Your email address will not be published.