ICANN said it is investigating a recent intrusion into its systems and believed a “spear phishing” attack was initiated in late November 2014 involving email messages that were crafted to appear to come from its own domain being sent to members of its staff. The attack resulted in the compromise of the email credentials of several ICANN staff members.
A statement from ICANN last week said, “In early December 2014, it discovered that the compromised credentials were used to access other ICANN systems besides email such as Centralized Zone Data System (czds.icann.org); ICANN GAC Wiki (gacweb.icann.org); ICANN Blog (blog.icann.org) and ICANN WHOIS (whois.icann.org) information portal. No impact was found to either of these systems.”
ICANN joins a long list global companies including European Central Bank, CNN, Sony Pictures Entertainment, eBay, Twitter, Skype, Snap chat, iCloud, Linux OpenSUSE, Forbes, Tesco, German Aerospace Centre, KT Corp, AOL Mail, Bangalore City Police, 4Chan, Avast, Israeli defence contractors, Sony Play station Network, Home depot, Infected ATMs, United States Postal Services, Drop box, Snapsaved, etc.
Timelines of major cyber attacks showed that on January 1, 2014, Skype’s Twitter account, Facebook page and blogs were hacked into to protest the NSA surveillance resulting in the leak of contact information of its outgoing CEO, Steve Ballmer.
On January 2, hackers going by the name Snapchat DB posted usernames and phone numbers of 4.6 million Snapchat users.
On January 7, hackers going by the name H4x0r HuSsy hacked into the official forums of Linux distro OpenSUSE defacing it and compromising account details of 79,500 registered users. Again, on January 24, Syrian Electronic Army attacks many accounts belonging to CNN such as CNN’s Facebook page and Twitter account, along with several CNN Blogs; January 26 saw hackers defacing 2,618 Indian websites; February 2, computer networks of three major medical device makers were breached by suspected China-based hackers and February 14, websites of Forbes and Tesco and email accounts were.
Tesco stated that around 2,200 of its accounts were compromised. March 6, KT Corp, South Korea’s largest telecom service provider was breached by hackers who accessed bank details, employment information and home addresses of around 16 million customers.
April 15, Germany’s Aerospace centre based in Cologne was attacked by hackers. The Trojans were so advanced that they would self destruct if detected. April 15, eBay said that hackers raided its network, accessing some 145 million users’ records, leaking names, email addresses, home addresses, phone numbers and date of birth.
April 19, Pakistani hackers attacked BJP websites of Bihar and LK Advani’s personal website and that of the Bangalore City Police. April 22, AOL Mail was hacked into and genuine user accounts were used to send spam messages. Around 50 million users were urged to change their passwords. April 30, 4chan, the image-based message board was hacked into. The hacker had gained access to the administrative functions due to software vulnerability.
On May 25, Avast’s security forum was hacked into culminating in the release of details such as hashed passwords, usernames and email addresses of about 400,000 people. June 10, names, addresses, social security numbers of Twitter staff members were leaked on the internet. On June 11, Twitter was overrun by a worm, which makes users tweet a self-propagating code. Due to this 84,700 users tweet the same message at the same time, thereby reaching a millions of followers.
June 16, Evernote’s forum was hacked and company sends an email to around 164,600 members to change their passwords. Compromised data comprises profile details, password hashes, email addresses and birth dates. July 24, European Central Bank website hacked and personal information of employees and customers stolen. Hacker claims to have a database of 20,000 email addresses, telephone numbers, and addresses of people who had registered for an ECB conference.
July 28, Israeli defence contractors responsible for the ‘Iron Dome’ missile shield, were hacked. The targets namely Elisra Group, Israel Aerospace Industries and Rafael Advanced Defence Systems were attacked and sensitive security documents pertaining to the Iron Dome were robbed. July 30, Tor Project, which allows one to surf anonymously protecting your location as well as browsing habits, was hacked.
August 24, hackers going by the name Lizard Squad hack into Sony’s PlayStation Network using DDoS attacks making the plane carrying Sony Online Entertainment president John Smedley to be diverted after posting through their twitter account that the American Airlines flight had explosives on board.
August 31, the iCloud accounts of several Hollywood celebs were hacked and nude photographs were released online. It first appeared on image-message board 4han and was later propagated via Reddit communities. September 2, US departmental store Home Depot payment systems were compromised by hackers across 2,200 stores in the US and Canada compromising 56 million debit and credit cards details.
September 17, eBay is attacked and any user who clicks on a product listing gets automatically redirected to another site (which looks like eBay) which is meant to steal user credentials. October 7, Kaspersky Labs and Interpol uncover Tyupin, a malware designed to target ATM machines so that they can be remotely controlled by hackers. Around 50 ATMs around Eastern Europe and Russia are attacked leading to the theft of over 50 million Euros.
October 7, Popular cloud sharing service, Dropbox is attacked by hackers, who exploited third-party apps resulting in close to seven million accounts being compromised. October 9, Snapsaved, a third party application that lets users save Snapchat images and videos is hacked leading to a 13GB dump of stolen images and videos surfacing online.
November 10, hackers exposed personal details including names, addresses and social security numbers of 600,000 USPS employees along with high profile customers. November 24, 2014, Sony Pictures Entertainment was hacked by the hacker group Guardians of Peace exposing personal details of film celebs and staff.
Source: Leadership.ng
No comments:
Post a Comment
Please leave your comment