Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

10 Biggest Information Security Stories Of 2012

From John McAfee's escape from Belize to the privacy debacle that compromised CIA director Petraeus' career, 2012 had no shortage of security shockers.

Who Is Hacking U.S. Banks? 8 Facts
Who Is Hacking U.S. Banks? 8 Facts
(click image for larger view and for slideshow)
On the information security front, 2012 has featured nonstop takedowns and arrests, breaches and data dumps, and hacktivist-launched distributed denial-of-service (DDoS) attacks.

Early in the year, notably, hackers breached Stratfor, while the FBI arrested alleged Anonymous and LulzSec ringleaders. By year's end, hacktivists were still out in force -- this time supporting Syrian rebels and targeting picket-happy Westboro Baptist Church. In between, there were a plethora of hacks, defacements, leaks, arrests, mass surveillance, privacy violations and numerous other high-profile information security happenings.

Here are the highlights from 2012:

1. Feds Bust Alleged LulzSec, Anonymous Ringleaders.

Hacktivist group LulzSec dominated headlines in 2011 for its 50-day hacking and defacement spree, as well as witty press releases. After those attacks, U.S. and U.K. law enforcement officials began arresting alleged LulzSec participants, many of whom were also accused of participating in attacks launched under the banners of Anonymous and AntiSec. But LulzSec leader Sabu appeared to elude the authorities.

[ Want to read about more 2012 security escapades? See 9 Ways Hacktivists Shocked The World In 2012. ]

That turned out to not be the case, when in March 2012 the FBI arrested a handful of alleged LulzSec and Anonymous leaders -- accused of launching attacks against PBS, Sony, Stratfor and more. Court documents unsealed after those arrests revealed a stunning turn of events, and what many hacktivists would soon label as betrayal. In fact, Sabu -- real name Hector Xavier Monsegur -- had been cooperating with the FBI since being secretly arrested in June 2011. In short order, the former LulzSec leader apparently had helped the bureau identify his alleged former comrades, leading to their arrests.

2. DDoS Attackers Reach New Heights With Bank Attacks.

How do you define a DDoS attack? Many hacktivists label it as a form of online protest, while law enforcement agencies say disrupting websites remains a punishable offense, and have the arrests and convictions to prove it. Regardless, attackers have continued to push DDoS attacks to new levels of packet-overwhelming power, leading security experts to warn that so-called Armageddon attacks -- which disrupt not only a targeted site, but every service provider in between -- might soon become reality.

A glimpse of that new reality has been seen in the DDoS attacks launched by Muslim hacktivists against U.S. banks. After compromising numerous servers with DDoS toolkits, the attackers have been able to overwhelm leading Wall Street firms' websites, despite the attackers revealing in advance which sites they'll target, and when. The bank attacks reveal that with advance planning and a good DDoS toolkit, attackers might soon be able to disrupt any website they choose.

3. Escape From Belize: AV Founder John McAfee Turns Fugitive.

The security-related world turned surreal in November, when eccentric security expert John McAfee, who'd founded and later sold the McAfee antivirus firm, announced that he was on the run from authorities in Belize. McAfee claimed the government was trying to frame him for a murder after he refused to honor its shakedown request.

McAfee's freedom proved short-lived when his location was revealed through an information security error: Journalists traveling with him posted an iPhone snap with McAfee, but failed to remove the GPS coordinates that had been automatically included in the image. Soon, the dual American and British citizen was arrested by Guatemalan authorities, requested asylum, faked a heart attack, had his asylum request refused, and was deported to Miami, where's he's now reportedly laying low.

4. Espionage Malware Is All Around.

What do Stuxnet, Duqu, Flame, Gauss and Mini-Flame all have in common? They're all examples of espionage malware, and they were all designed at least in part by the United States. That conclusion can be drawn because unnamed U.S. government officials this year confirmed that Stuxnet was the product of a U.S. cyber-weapons program.

Because security researchers who studied Stuxnet have found evidence that it's related to Duqu, as well as to Flame and Gauss, it's clear that the United States hasn't shied away from using malware to spy on its opponents. Which means that the opposite, of course, is also likely to be true.

5. Attackers Turn To Wire Transfers.

Malware also has long been a favorite tool of criminals, because they can use it to make money, most often by stealing people's bank credentials and transferring money to dummy accounts, from which money mules withdraw the funds via ATMs. Although such attacks aren't new, the sophistication and success rate of the related malware appears to be on the increase. In September, notably, the FBI, Financial Services Information Sharing and Analysis Center, and the Internet Crime Complaint Center released a joint warning that criminals have been targeting bank account information using "spam and phishing e-mails, keystroke loggers, and remote access trojans (RATs)," as well as variants of the Zeus financial malware. Individual heists have bagged up to $900,000 in one go. U.S. officials have claimed that the Iranian government is sponsoring the attacks.

 

Recommended Reading:

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, Gigamon,  7/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...