Cyber Attacks: The Internet suddenly looks so scary!
As billions of people connect with each other through the Internet, the World Wide Web grows each day. Our dependency on the Internet increases our vulnerability to cybernetic attacks. A number of websites now require our personal information. These include a social networking website like Facebook, a video sharing website like YouTube, a cab aggregator such as Uber or an e-commerce platform such as Amazon. Each website has its own data requirements which we provide due to over-dependence on their services. This information includes our names, address, contact details and even bank credentials. Such data, if accessed by someone with bad intentions, could possess a big threat to our privacy.
Cybernetic attacks are becoming common, with the number of attacks rising severely every year. According to a report, the year 2016 witnessed over 758 malicious attacks varying in shapes and sizes. It means an attack was launched almost every 40 seconds, making it a huge global concern. 2017 was no better as major cybernetic attacks rocked the world. Ransomware, was among the most popular ones in 2017, cost the world billions in money. These attacks can leak out import data, be it of a person or a whole industry, which can be fatal. The consequences can be lethal, including ransom demands, impersonation, financial frauds and even disabling basic amenities like power and water to bring a city or state to a halt. Below is the list of 5 such cybernetic attacks, which affected the world in one way or another.
# Yahoo Data Breach
The attack began in 2013, but the announcement was made in 2014 when Yahoo was in talks with Verizon for a takeover. In a rather unpleasant experience, a public announcement was made by Yahoo that it had suffered a data breach, affecting the data of over 500 million accounts. It was one of the biggest data breaches in the world, if not the biggest. Names, telephone numbers and passwords were retrieved by the hackers, putting privacy to risk. While Yahoo assured users that banking data was not accessed by the vigilantes, it recommended its users to change their details and stay safe.
The result? Yahoo received 4.5 billion USD from Verizon, instead of $4.8 billion as Verizon dropped 300 million USD from its initial buyout. Another report was released which stated that 1 billion accounts had been affected by the hack in 2013. Yahoo also stated that it might be an act of state-sponsored hackers and is probing the leak. Back in October 2017, Yahoo came forward with another number, the final tally of breached accounts stood at 3 billion, a number far greater than predicted. This made it one of the biggest accounts breach of all.
# WannaCry Ransomware Cyber Attack
How will you feel if some program locked you out of your own computer, encrypted your important data and then asked for money to decrypt it and provide re-access to your machine? One will not feel good when this happens, but it was quite the cruel reality that many had to face last year. Ransomwares have been popular for a long time now and have caused a nuisance for a lot of firms lately. The biggest of them all occurred in 2017, named the WannaCry ransomware. No matter how funny the name sounds, the recipients of the ransomware were far from breaking into a laugh. The Ransomware earned the tag of the ‘Worst Ransomware Ever’ after just 4 days of its existence, where it affected almost 300,000 machines around the globe.
Most ransomware affects the machines and asks for a sum of money in cryptocurrency such as Bitcoin, due to its untraceable nature and ease of digital access. However, WannaCry went a step further and deployed worms, which scanned the networks connected to the machine and affected them as well, thus increasing its reach swiftly and effectively. Many prominent organizations were left kneeling after the attack, as it led to complete shutdowns and data breaches all around the globe. The National Health Service in the United Kingdom was one of the worst receivers, with one-third of its services going down. The ransomware affected many other organizations as well, including Honda, FedEx, Hitachi, Renault and Vivo. A private investigator found a kill-switch to the ransomware, ending its reign of terror shortly, which otherwise could have brought the world to a screeching halt.
# eBay Data Breach
eBay, a billion dollar firm that has always been in the news for its unique items, was in the news again for all the wrong reasons. In May 2014, users of eBay received an advisory which suggested them to change their passwords. Through this, the news of a data breach and shocked the user base of the website, along with many others. Rivers of questions flowed which were waiting to be answered. eBay came forward and attributed the data breach to hackers getting access to the login credentials of three corporate employees. It was also stated that the hackers had access for over 200 days, but they were not able to access the database during most of it. The database breach occurred in March 2014, compromising over 145 million.
Although eBay confirmed that the database had no financial information stored in it, the hackers made off with a database of 145 million users, which contained their name, email address, phone number, date of birth and an encrypted password. Although the hackers got access to the passwords, it was rather unclear if they would be able to decrypt it, citing eBay’s algorithm and encryption techniques. The database also had no relation to PayPal, its payment partner and the PayPal data was in another system, as stated by officials. Even though it was the last heard of the data breach, many users were sent into a frenzy.
# Vulcanbot Trojan Attack
Although it was not one of the attacks which shook the whole world, it surely uprooted a country. Vulcanbot Trojan was a botnet which surfaced in Vietnam in late 2009 and early 2010 and seemed to have a political motive behind it. The Vietnamese Professional Society was affected and lost control, where the botnet displaced the Vietnamese Keyboard Driver (VPSKeys) and replaced it with an unoriginal version. Though to be backed by the government, the Trojan sent DDoS attacks towards the bloggers who were criticizing the bauxite mining in Vietnam, which was a prominent activity back then. The attack affected 15,000 computers, bringing heavy criticism towards the government. The machines affected the primary machine while also participating in DDOs attacks on other machines, owned by bloggers and activists against the mining.
While Denial of Service Attack (DDoS) attacks are common, the string of politically motivated cybernetic attacks sparked a new controversy which made rounds around the globe. People started looking for similar patterns in their country and began framing conspiracy theories. The high-tech and carefully-aimed attack also brought forward the doubts that foreign agencies were involved in this as well, which were to profit from the mining, which benefited some big names from China. Similar attacks were also seen later in the country, but Vulcanbot was the biggest directed attacked the country witnessed.
# The GitHub DDoS Attack
On February 28, 2018, widely popular code sharing website GitHub suffered a massive Denial of Service (DDoS) attack, which shut the website down for almost 10 minutes. The attack brought forward traffic amounting to 1.3 terabytes per second, which roughly amounts to 1331 gigabytes per second. Once the website went down, it called for help from Akamai Prolexic, its dedicated DDoS mitigation service. Akamai stood against the attacks using its general DDoS defence infrastructure, which was assisted by the newly implemented specific mitigation infrastructure, which works against attacks that originate from Memcached servers. Using Memcached servers, hackers can cause havoc without the need to distribute any malware nor does it require a botnet maintenance.
The February 28 attack was not the first time that the website suffered an attack, but thankfully it did not bring forward any huge data breach. In a 2015 cybernetic attack that was believed to have originated from China, GitHub and internet freedom group Great Fire were on the receiving end. The attack was aimed at suppressing Internet freedom voices, as China suffers from extreme Internet censorship. The websites remained down for five days and suffered huge losses in web hosting fee due to the high amounts of traffic it received through the DDoS attack. While the 2015 attack was impressive for resources offered in the year, the 2018 attack was well handled by the website. DDoS attacks like the one on GitHub can be motivated from political reasons, but the real reason still remains unclear.
