Attacks/Breaches
12/27/2013
11:06 AM
Connect Directly
RSS
E-Mail
50%
50%

9 Notorious Hackers Of 2013

This year's hacking hall of shame includes members of Anonymous and the Blackhole cybercrime gang, plus state-sponsored groups.
Previous
1 of 10
Next

From DDoS attacks to NSA hacks

(Source: Peggy Reimchen)
(Source: Peggy Reimchen)

Who should make the list of the world's most notorious hackers in 2013?

If recent years are any guide, crime-committing hacktivists should loom large. In 2011, LulzSec stormed on to the scene, pulling off 50 days of hacks that mixed technical savvy with PR acumen. But by 2012, the leaders of LulzSec had been arrested, as had many participants in high-profile Anonymous operations, thanks to a concerted effort by the FBI and its counterparts overseas. By the end of 2013, some of the best-known domestic hackers with political aims either were in jail or, in the case of some people arrested in Britain, had already served time and were on parole.

Policing hacks launched from non-allied countries has always been a different story, given the Department of Justice's inability to arrest, extradite, or sometimes even identify suspects operating from certain countries. For example, many crimeware toolkit-driven campaigns that use bots to steal personal financial details and then remove millions of dollars from banks are run from Russia or former Soviet satellites that have no extradition treaty with the United States.

Foreign attackers who hold a political grudge against the United States likewise remain tough to stop. Last year, a group of foreign attackers -- backed by the Iranian government, US government officials have alleged -- launched Operation Ababil, a series of distributed denial-of-service (DDoS) attacks against US banks. Those attacks continued into their fourth wave in 2013, making them the longest-running series of online attacks in history. Despite the timing and the targets being revealed in advance, targeted banks often had difficulty blunting the DDoS attacks.

Also on the overseas tip, US officials increased their denunciation of state-sponsored Chinese hackers in 2013. Though China had long been suspected of hacking businesses and government agencies, government officials began publicly pointing the hack-attack finger after the security firm Mandiant published evidence of what it said was an elite PLA military online hacking team, which it had linked to the theft of intellectual property from US businesses, as well as the theft of US military secrets.

Hacking has long been defined -- loosely, anyway -- in terms of white, black, and gray hats, referring to hackers who pursue ethical computer security research (white hats), people who hack solely for their own gain or at the expense of others (black hats), and people who fall somewhere in the middle (gray hats). Clearly, Chinese APT attacks, crimeware toolkits, bank DDoS exploits, and other leading hack attacks were evidence of black-hat behavior.

But the world turned a lot more gray beginning in the middle of 2013, after Edward Snowden, a National Security Agency contractor, fled to China and began leaking 1.7 million secret NSA documents. Those disclosures, which are ongoing, have begun to pull back the curtain on America's massive online surveillance apparatus. For example, we've learned that the agency hacked into tens of thousands of PCs abroad, as well as hacking into Internet backbone communications or technology giants' datacenters directly, to allow the agency to eavesdrop on foreign and domestic communications.

Who are the good guys and bad guys now? Click the image above for this year's list of the most notorious hackers.

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
SaneIT
50%
50%
SaneIT,
User Rank: Apprentice
1/6/2014 | 7:40:57 AM
Re: Have to agree
I really thought this would be addressed when we the country got a CIO... Then we had the summer of Anonymous attacking sites and we never really got a main stream explanation of what was going on or why.  I think part of it is just a lack or understanding by the media and the attitude toward attacks on web sites is that it's just childish pranks.  
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
1/3/2014 | 7:52:40 AM
Re: Have to agree
That's a great question. There's really no shortage of public news and information for anyone who wants to learn more and stay on top of the situation. It's the age-old dilemna of how to raise security awareness. You would think our leaders would take it upon themselves to have at least a basic understanding of digital security issues. Yet even security professionals struggle with the issue. Ira Winkler wrote a great piece about it recently: Why Security Awareness is Like an Umbrella. 
SaneIT
50%
50%
SaneIT,
User Rank: Apprentice
1/3/2014 | 7:14:28 AM
Re: Have to agree
I guess the question then would be how do we raise awareness without overblowing the situation.  We don't want to make them all out to be public enemy number one but we do need to draw enough attention that people are aware of what is possible, what is happening and hopefully educate themselves on how to avoid it.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
1/2/2014 | 10:33:17 AM
Re: Have to agree
I tend to agree with you @jg, that outside the security community, the general public is unaware of most of the notorious hackers and why they are important. What's worse, I don't have a lot of confidence that our public leaders (elected and appointed) truly get what they need to know to develop policies that protect us.
SaneIT
50%
50%
SaneIT,
User Rank: Apprentice
12/30/2013 | 8:32:36 AM
Re: Have to agree
I don't think the NSA are doing themselves any favors but I also wonder how many people would recognize any of the other individuals listed.  We all know about Snowden because he's been a daily news story but what about Sabu? Aside from those that were burned when the started working with the government to turn in other hackers and IT folks who follow things like this does anyone know who he is or why he was news worthy?
Whoopty
50%
50%
Whoopty,
User Rank: Strategist
12/30/2013 | 6:00:03 AM
Have to agree
Have to agree with the NSA being at the #1 spot. The revelation of its involvement in worldwide sureillance was the biggest rug pulling on internet privacy that's ever come to light. 
virsingh211
50%
50%
virsingh211,
User Rank: Apprentice
12/30/2013 | 3:36:03 AM
Re: 10
I would like thank author for including Edward Snowden in blog, Snowden was one to change my thinking towards hacker, he revealed the spying that is taking place. Many consider him a villain. I, on the other hand, hold him up in the hero category for one simple reason, His disclosure of classified documents unveiled the NSA's mass surveillance program. I was reading an article on WSJ which says Snowden Will Speak More in 2014, source: http://blogs.wsj.com/washwire/2013/12/29/snowden-will-speak-more-in-2014-adviser-says/.

 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Apprentice
12/28/2013 | 11:36:06 PM
10
A suggestion for the tenth: Those behind the Target hack on customer credit card numbers.  We're still somewhat in the dark about that.
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2227
Published: 2014-07-25
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.

CVE-2014-5027
Published: 2014-07-25
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page.

CVE-2014-5100
Published: 2014-07-25
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_...

CVE-2014-5101
Published: 2014-07-25
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) TPL_address, (6) TPL_city, (7) TPL_prov, (8) TPL_zip, (9) TPL_phone, (10) TPL_pp_email, (11) TPL_authn...

CVE-2014-5102
Published: 2014-07-25
SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.