List of cyberattacks

From HandWiki
Jump to: navigation, search

A cyberattack is any type of offensive maneuver employed by individuals or whole organizations that targets computer information systems, infrastructures, computer networks, and/or personal computer devices by various means of malicious acts usually originating from an anonymous source that either steals, alters, or destroys a specified target by hacking into a susceptible system. This article contains a list of cyberattacks.

Indiscriminate attacks

These attacks are wide-ranging, global and do not seem to discriminate among governments and companies.

  • Operation Shady RAT
  • World of Hell
  • Red October, discovered in 2012, was reportedly operating worldwide for up to five years prior to discovery, transmitting information ranging from diplomatic secrets to personal information, including from mobile devices.[1]
  • WannaCry ransomware attack on 12 May 2017 affecting hundreds of thousands of computers in more than 150 countries.[2]
  • 2017 Petya cyberattack

Destructive attacks

These attacks relate to inflicting damage on specific organizations.

Cyberwarfare

These are politically motivated destructive attacks aimed at sabotage and espionage.

Government espionage

These attacks relate to stealing information from/about government organizations.

  • 2008 cyberattack on United States, cyber espionage targeting U.S. military computers
  • Cyber attack during the Paris G20 Summit, targeting G20-related documents including financial information
  • GhostNet
  • Moonlight Maze
  • Operation Newscaster, cyber espionage covert operation allegedly conducted by Iran
  • Operation Cleaver, cyberwarfare covert operation allegedly conducted by Iran
  • Shadow Network, attacks on India by China
  • Titan Rain, targeting defense contractors in the United States
  • Google – in 2009, the Chinese hackers breached Google's corporate servers gained access to a database containing classified information about suspected spies, agents, and terrorists under surveillance by the US government.[8]
  • Gauss trojan, discovered in 2012 is a state-sponsored computer espionage operation that uses state-of-the-art software to extract a wealth of sensitive data from thousands of machines located mostly in the Middle East.[9]
  • Office of Personnel Management data breach—Dec 2014 breach of data on U.S. government employees. The attack originated in China .[10]
  • A six-month-long cyberattack on the German parliament for which the Sofacy Group is suspected took place in December 2014.[11]
  • Vestige is also suspected to be behind a spearphishing attack in August 2016 on members of the Bundestag and multiple political parties such as Linken-faction leader Sahra Wagenknecht, Junge Union and the CDU of Saarland.[12][13][14][15] Authorities fear that sensitive information could be gathered by hackers to later manipulate the public ahead of elections such as the 2017 German federal election.[12]

Corporate espionage

These attacks relate to stealing data of corporations related to proprietary methods or emerging products/services.

Stolen e-mail addresses and login credentials

These attacks relate to stealing login information for specific web resources.

  • 2011 PlayStation Network outage, 2011 attack resulting in stolen credentials and incidentally causing network disruption
  • Vestige – in 2010, a band of anonymous hackers has rooted the servers of the site and leaked half a gigabyte's worth of its private data.[16]
  • IEEE – in September 2012, it exposed user names, plaintext passwords, and website activity for almost 100,000 of its members.[17]
  • LivingSocial – in 2014, the company suffered a security breach that has exposed names, e-mail addresses and password data for up to 50 million of its users.[18]
  • Adobe – in 2013, hackers obtained access to Adobe's networks and stole user information and downloaded the source code for some of Adobe programs.[19] It attacked 150 million customers.[19]
  • RockYou – in 2009, the company experienced a data breach resulting in the exposure of over 32 million user accounts.
  • Yahoo! – in 2012, hackers posted login credentials for more than 453,000 user accounts.[20] Again in January 2013[21] and in January 2014[22]
  • World Health Organization – in March 2020, hackers leaked information on login credentials from the staff members at WHO.[23] In response to cyberattacks, the WHO Chief Information Officer Bernardo Mariano stated that “Ensuring the security of health information for Member States and the privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic. We are grateful for the alerts we receive from Member States and the private sector. We are all in this fight together.”[24]

Stolen credit card and financial data

  • 2017 Equifax data breach- In 2017, Equifax Inc. announced that a cyber-security breach occurred between May to mid July of that year. Cyber criminals had accessed approximately 145.5 million U.S. Equifax consumers' personal data, including their full names, Social Security numbers, credit card information, birth dates, addresses, and, in some cases, driver's license numbers.[25]
  • 2016 Indian Banks data breach - It was estimated 3.2 million debit cards were compromised. Major Indian banks- SBI, HDFC Bank, ICICI, YES Bank and Axis Bank were among the worst hit.[26]
  • 2014 JPMorgan Chase data breach, allegedly conducted by a group of Russian hackers
  • Goodwill Industries – in September 2014, the company suffered from a credit card data breach that affected the charitable retailer's stores in at least 21 states. Another two retailers were affected.[27][28]
  • Home Depot – in September 2014, the cybercriminals that compromised Home Depot's network and installed malware on the home-supply company's point-of-sale systems likely stole information on 56 million payment cards.[29]
  • StarDust – in 2013, the botnet compromised 20,000 cards in active campaign hitting US merchants.[30]
  • Target – in 2013, approximately 40 million credit and debit card accounts were impacted in a credit card breach.[31][32][33] According to another estimate, it compromised as many as 110 million Target customers.[34]
  • VISA and MasterCard – in 2012, they warned card-issuing banks that a third-party payments processor suffered a security breach, affecting up to 10 million credit cards.[35][36]
  • Subway – in 2012, two Romanian men admitted to participating in an international conspiracy that hacked into credit-card payment terminals at more than 150 Subway restaurant franchises and stole data for more than 146,000 accounts.[37]
  • MasterCard – in 2005, the company announced that up to 40 million cardholders may have had account information stolen due to one of its payment processors being hacked.[38][39][40][41]

Stolen medical-related data

  • By May, three healthcare payer organizations had been attacked in the United States in 2014 and 2015: Anthem, Premera Blue Cross and CareFirst. The three attacks together netted information on more than 91 million people.[42]

Hacktivism

See also

References

  1. Goodin, Dan (January 14, 2013). "Massive espionage malware targeting governments undetected for 5 years". https://arstechnica.com/security/2013/01/red-october-computer-espionage-network-may-have-stolen-terabytes-of-data/. Retrieved November 8, 2014. 
  2. "WannaCry Ransomware: What We Know Monday" (in en). NPR.org. https://www.npr.org/sections/thetwo-way/2017/05/15/528451534/wannacry-ransomware-what-we-know-monday. 
  3. Perloth, Nicole (October 24, 2012). "Cyberattack On Saudi Firm Disquiets U.S.". New York Times: pp. A1. https://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.html. Retrieved October 24, 2012. 
  4. Goodin, Dan (August 16, 2012). "Mystery malware wreaks havoc on energy sector computers". https://arstechnica.com/security/2012/08/shamoon-malware-attack/. Retrieved November 8, 2014. 
  5. "Iranian Oil Sites Go Offline Amid Cyberattack". April 23, 2012. https://www.nytimes.com/2012/04/24/world/middleeast/iranian-oil-sites-go-offline-amid-cyberattack.html. Retrieved November 8, 2014. 
  6. Goodin, Dan (August 29, 2012). "The perfect crime: Is Wiper malware connected to Stuxnet, Duqu?". https://arstechnica.com/security/2012/08/wiper-malware-stuxnet-duqu/. Retrieved November 8, 2014. 
  7. https://www.facebook.com/ellennakashimapost;+https://www.facebook.com/profile.php?id=729171040.+"Secret CIA assessment says Russia was trying to help Trump win White House" (in en). https://www.washingtonpost.com/world/national-security/obama-orders-review-of-russian-hacking-during-presidential-campaign/2016/12/09/31d6b300-be2a-11e6-94ac-3d324840106c_story.html. 
  8. Goodin, Dan (May 21, 2013). "Chinese hackers who breached Google reportedly targeted classified data". https://arstechnica.com/security/2013/05/chinese-hackers-who-breached-google-reportedly-targeted-classified-data/. Retrieved November 8, 2014. 
  9. Goodin, Dan (August 9, 2012). "Nation-sponsored malware with Stuxnet ties has mystery warhead". https://arstechnica.com/security/2012/08/nation-sponsored-malware-has-mystery-warhead/. Retrieved November 8, 2014. 
  10. Sanders, Sam (June 4, 2015). "Massive Data Breach Puts 4 Million Federal Employees' Records At Risk". NPR. https://www.npr.org/sections/thetwo-way/2015/06/04/412086068/massive-data-breach-puts-4-million-federal-employees-records-at-risk. 
  11. "Russian Hackers Suspected In Cyberattack On German Parliament". London South East (Alliance News). June 19, 2015. http://www.lse.co.uk/AllNews.asp?code=kwdwehme&headline=Russian_Hackers_Suspected_In_Cyberattack_On_German_Parliament. 
  12. 12.0 12.1 "Hackers lurking, parliamentarians told". Deutsche Welle. http://www.dw.com/en/hackers-lurking-parliamentarians-told/a-19564630. Retrieved 21 September 2016. 
  13. "Hackerangriff auf deutsche Parteien". Süddeutsche Zeitung. http://www.sueddeutsche.de/politik/bundesregierung-ist-alarmiert-hackerangriff-aufdeutsche-parteien-1.3170347. Retrieved 21 September 2016. 
  14. Holland, Martin. "Angeblich versuchter Hackerangriff auf Bundestag und Parteien". Heise. https://www.heise.de/newsticker/meldung/Angeblich-versuchter-Hackerangriff-auf-Bundestag-und-Parteien-3328265.html. Retrieved 21 September 2016. 
  15. ""Wir haben Fingerabdrücke"". Frankfurter Allgemeine. https://www.faz.net/aktuell/politik/inland/hackerangriffe-auf-politiker-wir-haben-fingerabdruecke-14445655.html. Retrieved 21 September 2016. 
  16. Gawker rooted by anonymous hackers, December 13, 2010, Dan Goodin, The Register, retrieved at 2014-11-08
  17. Goodin, Dan (September 25, 2012). "Trade group exposes 100,000 passwords for Google, Apple engineers". https://arstechnica.com/security/2012/09/ieee-trade-group-exposes-100000-password-for-google-apple-engineers/. Retrieved November 8, 2014. 
  18. Goodin, Dan (April 27, 2013). "Why LivingSocial's 50-million password breach is graver than you may think". https://arstechnica.com/security/2013/04/why-livingsocials-50-million-password-breach-is-graver-than-you-may-think/. Retrieved November 8, 2014. 
  19. 19.0 19.1 Howley, Daniel (July 1, 2016). "7 biggest hacks". https://www.yahoo.com/tech/7-biggest-computer-hacks-152744364.html. 
  20. Goodin, Dan (July 12, 2012). "Hackers expose 453,000 credentials allegedly taken from Yahoo service (Updated)". https://arstechnica.com/security/2012/07/yahoo-service-hacked/. Retrieved November 8, 2014. 
  21. Goodin, Dan (January 31, 2013). "How Yahoo allowed hackers to hijack my neighbor's e-mail account (Updated)". https://arstechnica.com/security/2013/01/how-yahoo-allowed-hackers-to-hijack-my-neighbors-e-mail-account/. Retrieved November 8, 2014. 
  22. Goodin, Dan (January 31, 2014). "Mass hack attack on Yahoo Mail accounts prompts password reset". https://arstechnica.com/security/2014/01/mass-hack-attack-on-yahoo-mail-accounts-prompts-password-reset/. Retrieved November 8, 2014. 
  23. "Exclusive: Elite hackers target WHO as coronavirus cyberattacks spike" (in en). Reuters. 24 March 2020. https://www.reuters.com/article/us-health-coronavirus-who-hack-exclusive/exclusive-elite-hackers-target-who-as-coronavirus-cyberattacks-spike-idUSKBN21A3BN. 
  24. "WHO reports fivefold increase in cyber attacks, urges vigilance" (in en). World Health Organization. https://www.who.int/news-room/detail/23-04-2020-who-reports-fivefold-increase-in-cyber-attacks-urges-vigilance. Retrieved 29 April 2020. 
  25. "Equifax data breach". https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do. Retrieved December 10, 2017. 
  26. "3.2 million debit cards compromised; SBI, HDFC Bank, ICICI, YES Bank and Axis worst hit". The Economic Times. 20 October 2016. http://economictimes.indiatimes.com/industry/banking/finance/banking/3-2-million-debit-cards-compromised-sbi-hdfc-bank-icici-yes-bank-and-axis-worst-hit/articleshow/54945561.cms. Retrieved 20 October 2016. 
  27. Gallagher, Sean (September 18, 2014). "Credit card data theft hit at least three retailers, lasted 18 months". https://arstechnica.com/security/2014/09/credit-card-data-theft-hit-at-least-three-retailers-lasted-18-months/. Retrieved November 8, 2014. 
  28. http://krebsonsecurity.com/2014/07/banks-card-breach-at-goodwill-industries/
  29. Lemos, Robert (September 19, 2014). "Home Depot estimates data on 56 million cards stolen by cybercriminals". https://arstechnica.com/security/2014/09/home-depot-estimates-data-on-56-million-cards-stolen-by-cybercrimnals/. Retrieved November 30, 2014. 
  30. Goodin, Dan (December 4, 2013). "Credit card fraud comes of age with advances in point-of-sale botnets". https://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/. Retrieved November 8, 2014. 
  31. Farivar, Cyrus (December 19, 2013). "Secret Service investigating massive credit card breach at Target (Updated)". https://arstechnica.com/security/2013/12/secret-service-investigating-alleged-credit-card-breach-at-target/. Retrieved November 8, 2014. 
  32. Goodin, Dan (December 20, 2013). "Cards stolen in massive Target breach flood underground "card shops"". https://arstechnica.com/tech-policy/2013/12/cards-stolen-in-massive-target-breach-flood-underground-card-shops/. Retrieved November 8, 2014. 
  33. Goodin, Dan (February 5, 2014). "Target hackers reportedly used credentials stolen from ventilation contractor". https://arstechnica.com/security/2014/02/target-hackers-reportedly-used-credentials-stolen-from-ventilation-contractor/. Retrieved November 8, 2014. 
  34. Goodin, Dan (January 16, 2014). "Point-of-sale malware infecting Target found hiding in plain sight". https://arstechnica.com/security/2014/01/point-of-sale-malware-infecting-target-found-hiding-in-plain-sight/. Retrieved November 8, 2014. 
  35. Goodin, Dan (April 1, 2012). "After the hack: FAQ for breach affecting up to 10 million credit cards". https://arstechnica.com/business/2012/04/frequently-asked-questions-about-a-hack-that-may-affect-10-million-credit-cards/. Retrieved November 8, 2014. 
  36. Goodin, Dan (March 30, 2012). ""Major" credit-card breach hits Visa, MasterCard (Updated)". https://arstechnica.com/business/2012/03/massive-credit-card-breach-reportedly-hits-visa-mastercard/. Retrieved November 8, 2014. 
  37. Goodin, Dan (September 18, 2012). "Two men admit to $10 million hacking spree on Subway sandwich shops". https://arstechnica.com/security/2012/09/romanians-cop-to-10-million-hacking-spree/. Retrieved November 8, 2014. 
  38. Bangeman, Eric (June 20, 2005). "CardSystems should not have retained stolen customer data". https://arstechnica.com/uncategorized/2005/06/5015-2/. Retrieved November 8, 2014. 
  39. "Lost Credit Data Improperly Kept, Company Admits". June 20, 2005. https://www.nytimes.com/2005/06/20/technology/20credit.html?_r=0. Retrieved November 8, 2014. 
  40. Bangeman, Eric (June 23, 2005). "Scope of CardSystems-caused credit card data theft broadens". https://arstechnica.com/uncategorized/2005/06/5031-2/. Retrieved November 8, 2014. 
  41. Jonathan M. Gitlin (July 22, 2005). "Visa bars CardSystems from handling any more transactions.". https://arstechnica.com/uncategorized/2005/07/5129-2/. Retrieved November 8, 2014. 
  42. Dance, Scott (20 May 2015). "Cyberattack affects 1.1 million CareFirst customers". Baltim. Sun. http://www.baltimoresun.com/health/bs-bz-carefirst-data-breach-20150520-story.html. 





Grammarly Check Hostmonster hHosting HandWiki ads