The end of 2013 is near, so instead of reviewing the most important information security stories of the week, this time we’ll take a look at the top news stories of the year.
Some call him a traitor, others a whistleblower. No matter what you call him, Edward Snowden’s leaks have revealed some interesting and important things about the activities of intelligence agencies, particularly the United States National Security Agency (NSA).
So far, we’ve learned that the NSA and others, such as Britain’s GCHQ, are basically spying on everyone everywhere. Phone calls, emails, and other communications are intercepted by the spy agencies. Of course, they don’t just target individuals, but also major organizations, as we’ve learned in the case of the Belgacom attack.
The journalists who have been covering the Snowden leaks say there’s a lot more to come.
Chinese Cyber Espionage
Chinese hackers, whether they’re sponsored by the government or other entities, have made a lot of headlines.
First, actors that are not necessarily related to the government have shown that they’re highly resourceful when it comes to stealing an organization’s secrets. For instance, the NetTraveler campaign is said to have claimed over 350 high-profile victims in 40 countries.
When it comes to cyber espionage operations allegedly sponsored by the Chinese government, China always makes the same statement: “we’re not involved, we don’t approve of hacking.”
The most important espionage campaign allegedly run by the Chinese military is APT1, the campaign first analyzed by IT security firm Mandiant. After a while, the Chinese government got sick of simply denying any involvement so it started making accusations of its own.
The Adobe breach, in which around 150 million passwords and source code were stolen, is probably the biggest hack of the year. While the company says that many of the compromised credentials are associated with invalid or test accounts, there are still a lot of victims.
In late November, weeks after news of the breach surfaced, Adobe still hadn’t notified all the impacted individuals.
Meanwhile, services have been launched to help users determine if their credentials have been compromised.
In the past, experts often warned that ransomware would become more and more popular among cybercriminals. Recently, the emergence of a threat dubbed CryptoLocker has demonstrated just how efficient such malware can be.
CryptoLocker, which is said to have infected at least 250,000 computers, encrypts files and holds them for ransom until a “fine” is paid by the victim. The main problem is that, once the files are encrypted, it’s impossible to recover them, unless the victim has made backups.
Spamhaus DDOS Attack
As far as distributed denial-of-service (DDOS) attacks are concerned, a record has been broken this year. The biggest attack in Internet history, which peaked at around 300 Gbps, was aimed at the systems of Spamhaus. A couple of months later, authorities arrested a man suspected of being responsible for it.
Meanwhile, DDOS attacks are launched not only by hacktivists who want to raise awareness of a certain matter, but also by cybercriminals who want to make a profit by extorting organizations, or who are hired to take out the competition.
Syrian Electronic Army Attacks
One of the most well-known hacktivist collectives in the world is undoubtedly the Syrian Electronic Army. The targets of the group, which supports the al-Assad regime, are all entities that speak ill of Syria’s president and the government.
Their list of targets includes media organizations such as Vice, the Global Post, Fox, The New York Times, CNN, The Washington Post, Time, The New York Post, Reuters, Sky News, the Financial Times, and The Associated Press.
They’ve also hacked Barack Obama’s social media accounts, various high-profile websites in Qatar, and companies whose databases stored information valuable to the hacktivists (e.g. Truecaller, Viber, Tango).
US authorities are very concerned about the SEA. The FBI and even the Army have published reports on the group’s activities.
Target Data Breach
Last, but certainly not least, we have the Target breach. 40 million payment cards have been compromised in the incident, and as the days go by, the situation seems to get worse.
For instance, in its latest statement, the retailer has admitted that the hackers also stole PIN data. While the PINs are said to be encrypted, and while the company is confident that the encryption key has not been compromised, at least one major US bank is concerned.