Although most hackers are amateur hobbyists, some hackers do not cause generally terrible damage and cause economic and emotional damage. Victim companies lose millions in repair and restitution costs; Victims lose their jobs, their bank accounts, and even their relationships.
What are some examples of large-scale hacks that wreaked havoc? What are the biggest hacks in history?
By 'bigger' I mean 'more damaging'. This is a list of notable hacks from the last 20 years. As you read this list, you'll no doubt re-examine your own passwords.
1. Ashley Madison Hack 2015: 37 million users
The Impact Team hacking group broke into Avid Life Media's servers and copied the personal data of 37 million Ashley Madison users. The hackers then revealed this information to the world through various websites.
This hack is memorable not only because of the high publicity of the impact, but because the hackers also gained some fame as vigilantes.
2. The Conficker worm 2008: Still infecting a million computers per year
While this resilient malware program has not caused irreparable damage, this program refuses to die; It is hidden and then vilely copied to other machines. Even more alarming, this worm continues to open backdoors for future hackers to break into infected machines.
The Conficker worm program (also known as the “Downadup” worm) replicates across all computers. It hides to a) turn your computer into a zombie bot to send spam, or b) read credit card numbers and passwords through a keylogger, and transmit said data to programmers.
Conficker/Downadup is a very smart computer program. In self-defense, disable antivirus software.
Conficker is notable due to its recoverability and reach; It still travels all over the Internet 8 years after its discovery.
3. Stuxnet Worm 2010: Iran Nuclear Program Blocked
A worm program that was less than a megabyte in size was released into Iran's nuclear refinery plants. Once there, he secretly took over Siemens' SCADA control systems. This cunning worm sent more than 5000 of the 8800 uranium centrifuges spinning out of control, then suddenly stopped and then restarted, all the while reporting that everything was fine.
This chaotic manipulation went on for 17 months, secretly ruining thousands of uranium samples, and causing staff and scientists to doubt their own work. During all that time, no one knew that they were being deceived and at the same time were being vandalized.
This devious and silent attack caused far more damage than simply destroying the refining centrifuges; The worm led thousands of specialists astray for a year and a half, spending thousands of hours of work and millions of dollars on uranium resources.
The worm was named 'Stuxnet', a keyword that was found in the internal comments of the code.
This hack is memorable: a nuclear program of a country that has been in conflict with other world powers and the US was attacked; He also deceived all nuclear personnel for a year and a half, as he carried out his unpleasant acts in secret.
4. Home Depot Hack 2014: More than 50 million credit cards
By exploiting a password from one of its store clerks, Home Depot hackers achieved the largest retail credit card breach in human history. Through careful tinkering with Microsoft's operating system, these hackers managed to penetrate the servers before Microsoft could patch the vulnerability.
Once they broke into the first Home Depot store near Miami, the hackers made their way across the continent. They secretly observed the checkout operations of more than 7000 of Home Depot's self-service checkout and shipping registers. They collected credit card numbers every time customers paid for their purchases at Home Depot.
This hack is worth mentioning as it went against a monolithic corporation and millions of trusted customers.
5. Spamhaus 2013: the largest DDoS attack in history
A denial of service attack is a flood of data. Using dozens of hijacked computers that repeat signals at high speed and volume, hackers flood and overload computer systems on the Internet.
In March 2013, this particular DDoS attack was large enough that it slowed down the entire Internet across the planet, shutting it down completely in many places for hours in some places.
The authors used hundreds of DNS servers to 'mirror' signals repeatedly, amplifying the flooding effect and sending up to 300 gigabits per second of flooding data to each server on the network.
The target at the center of the attack was Spamhaus, a nonprofit professional protection service that tracks and blacklists spammers and hackers. Spamhaus' servers, along with dozens of other exchange servers were flooded in this 2013 DDoS attack.
This DDoS hack is notable because of the magnitude of its repetition brute force: it overloaded Internet servers with a volume of data that had never been seen before.
6. eBay Hack 2014: 145 million users
Some people say this is the worst violation of public trust in online retail. Others say it was not so harsh because only personal data was breached, not financial information.
Whichever way you choose to measure the severity of this incident, millions of online shoppers have had their password-protected data compromised.
This hack is particularly memorable because it was very public, and because eBay was shown to be a very weak company in security due to its slow and lackluster response to the public.
7. JPMorgan Chase Hack, 2014: (76 + 7) million accounts
In mid-2014, suspected Russian hackers broke into the largest bank in the US and breached 7 million small business accounts and 76 million personal accounts. Hackers infiltrated all 90 JPMorgan Chase server computers and viewed account holders' personal information.
Interestingly, no money was stolen from these account holders. JPMorgan Chase is not willing to share all the results of its internal investigation. What they say is that the hackers stole contact information, such as names, addresses, email addresses, and phone numbers. They claimed there is no evidence of access to account numbers or passwords.
This hack is notable because it perpetuated people's vital information where they store their money.
8. The Melissa 1999 virus: 20% of the world's computers Infected
A New Jersey man released this Microsoft virus onto the Web, where it penetrated Windows computers. The Melissa virus posed as a Microsoft Word attachment with a note “Important message from [X person].” Once the user clicked on the attachment, Melissa would activate and instruct the resident Microsoft Office machine to send a copy of the virus as a mass email to the first 50 people in the user's address book.
The virus itself did not destroy files or steal passwords or information; rather, their goal was to flood email servers with pandemic-like emails.
In fact, Melissa shut down some businesses for days as network technicians rushed to clean their systems and purge the virus.
This virus/hack is notable because it took advantage of people's gullibility and the weakness of the current state of antivirus scanners on corporate networks. It also left Microsoft Office as a vulnerable system.
9. LinkedIn 2016: 164 million accounts
In a very small breach that took four years to reveal, the social media giant admits that the passwords and login details of 117 million of its users were stolen in 2012, then sold on the digital black market. in 2016.
The reason this hack is significant is because of the time it took the company to realize the damage suffered by the hack. Four years is a long time to find out you've been robbed.
10. Anthem Health Care Hack 2015: 78 million users
The second largest health insurer in the US even had its databases compromised through a covert attack that spanned weeks. The details of the penetration of this attack were not voluntarily clarified by Anthem, but they do state that no medical information was stolen, only contact information and login information.
No damage has been identified so far by any of the users involved. Experts predict that the information will one day be sold on online internet black markets.
In response to this, Anthem is providing free credit monitoring to its members. Anthem is also considering encryption of all data for the future.
The Anthem hack is memorable for its optics: another monolithic corporation that fell victim to a few clever computer programmers.