Here we are, one year older and one year wiser when it comes to cyber security software, but unfortunately it seems those who mean to undermine cyber security systems have grown wiser as well. While there seemed to be a lot more high-profile attacks on government and private business in 2011, those that took place in 2012 were no fewer in number and no less malicious, and they affected just about every industry, including government, banking and finance, social networks and even security companies themselves. Each of these breaches underscores the increased need for IT cyber security software audit controls to combat and detect cyber security threats.
Let’s take a look back at some of the bigger cyber security threats of 2012:
- Anonymous Attacks… Everything: The hacker group Anonymous did not rest on its "laurels" from 2011. After two dozen hacks were attributed to the group last year, including highly publicized ones on Sony, Bank of America and Facebook, the group spent a good deal of its time this year attacking government agencies. Attributed to Anonymous this year were takedowns of websites belonging to the Boston (MA) Police Department, the Vatican, the Chinese government and the CIA, as well as access to the email system of the government of Syria. But its efforts weren’t only aimed at government agencies. Anonymous breached the membership database of the Westboro Baptist Church on two separate occasions and on one of those occasions distributed the personal information of its members, while in a similarly politically motivated attack it stole more than five million emails from the private intelligence firm Stratfor and handed them over to the whistle-blowing site WikiLeaks.
- Government Won’t be Outdone: While Anonymous set its sights largely on governments this year, the fears of conspiracy theorists around the globe came to fruition in May when the government of the United Kingdom was forced to admit that nearly 1,000 civil servants had accessed personal social security records without proper authority. The unauthorized accesses dated back to 2010, according to the information released.
- Mac Attack: Malware-averse Macs were introduced to an eye-opening infection this year via the Flashback Trojan. More than 600,000 Mac machines were reported to have been infected by Flashback which stole user passwords and data through web browsers and Internet applications such as Skype. One characteristic of Flashback that made it more virulent than most Trojans is that it was known to have self-installed, without any human user intervention. Later in the year, Apple suffered yet another breach when the UDID codes for the company’s iOS 6, which are used by developers for analytics, were stolen by Anonymous from a company in Florida and leaked on the Web. Undaunted, Apple released iOS 6 a few weeks later, but sans the UDID codes.
- Zappos Gets Zapped: Amazon.com-owned retailer Zappos suffered what may have been the largest breach of an online consumer site this year, with over 24 million users affected. In the hack, an internal network server was compromised, leaving customer account information vulnerable, including email addresses and the last four digits of credit card numbers. The attackers then also scrambled users' passwords to cover their tracks.
- DNSChanger Dud: Sometimes malware doesn’t even need to follow through with its malicious intent to create havoc. DNSChanger malware reportedly had taken hold of more than 45,000 computers worldwide before it was detected. Its "claim to infamy" was that it would change the DNS settings of the computers on which it resided and then publish advertisements that generated revenue for the perpetrators of the malware attack. DNSChanger also reportedly had the ability to kill a system’s access to the Web if the malware network were to be shut down, a threat that caused Facebook and Google to join in on alerting their users to the potential dangers. In the end, no Web access was lost as a result of DNSChanger and disaster was averted, but it did use up significant resources in ensuring it would not live up to its claims.
- Norton Source Code Theft: In January, cyber security software giant Symantec confirmed that versions of its source code had been stolen and that its own servers were breached back in 2006. The thefts meant that source code for a spate of security applications, including Norton Antivirus Corporate Edition, Norton Internet Security, pcAnywhere, and Norton GoBack, had been compromised.
- Stuxnet Continues: Although its origins date back a couple of years, the Stuxnet worm this year was reported to have been launched against Iran’s nuclear facility, bringing down its network and causing a mini-meltdown. Stuxnet also spawned a new variant this year known as Flame, which has been blamed for nearly two-thirds of network malware infections in the Middle East this year.
- Master Mess for MasterCard and Visa: In March, more than 1.5 million credit and debit card owners had their credit card numbers exposed in a breach at payments processor Global Payments. It turned out that only the card numbers were exposed; no names or social security numbers were affected, thereby rendering the credit card numbers more or less useless to the hacker. Nevertheless, Global Payments got hit with a remediation price tag of $84 million.
- Pass the Password: Within a few days of each other in June, LinkedIn, eHarmony and online social music network Last.fm were all hit by breaches in which user passwords were stolen. In the LinkedIn attack, nearly 6.5 million passwords were stolen, while 1.5 million were stolen from eHarmony. Even though the LinkedIn passwords were stolen in their hashed format, readily available password cracking tools were able to easily crack over a million of the passwords, thus showing the ongoing apathy toward password management. The company spent $1 million to rectify the problem and another $3 million to upgrade its cyber security efforts. Both companies promptly issued password reset emails to their customers. These breaches were followed in July by a SQL-injection hack of Yahoo’s password database in which hackers downloaded 450,000 login credentials. While the attackers in the Yahoo case said that they meant the hack as a "wake up call" for Yahoo’s security measures, the attack led to Yahoo being sued for negligence. The Yahoo and Google password breaches would later be blamed for public cloud storage provider Dropbox getting hacked in August for the second time in two years.
- Inside Jobs: Not all of the year’s high-profile breaches were perpetrated by Anonymous or other outsiders. In a number of cases, insiders were responsible for perpetrating the crime. Leading among the insider breaches was the theft of literally terabytes of classified information from the Swiss intelligence agency, NDB. NDB’s theft was about as low-tech as one gets: a disgruntled employee walked out with multiple hard drives containing the information. Switzerland wasn’t the only government affected by an inside job. In South Carolina, 3.6 million Social Security numbers and nearly 400,000 credit and debit card numbers belonging to state residents were stolen by gaining insider access to the state Department of Revenue’s systems through employee login credentials. The breach has already cost the state more than $14 million in reparations and that figure continues to rise. Meanwhile, on the retail side, rogue PIN pads were discovered at 63 of the more than 700 stores owned by book-selling giant Barnes and Noble, which enabled thieves to access not only the credit and debit card numbers of the company’s customers, but also the PIN numbers associated with those card numbers. All of the inside jobs reinforce the need for increased identity and access management efforts in today’s world of business.
While I will not attempt to predict what 2013 will bring, it is apparent that companies need to focus on improving cyber security software, including a focus on identity and access management systems and audit controls. Failure to do so will result in a continued rise in cyber security threats.