Outgoing 2015 continued a series of high-profile hacker attacks in 2014 and forced us to discuss the principles of collective cyber security and the use of cyber weapons. Hacking of military departments and the administration of the US president and the leakage of correspondence of high-ranking Kremlin officials revealed gaps in the cyber security of the largest countries at the state level. The technology department of remembered computer hacking, which was remembered in 2015. The year began with the hacking of US military command accounts in social networks by the Cyberhalifat group associated with the terrorist organization Islamic State, whose activities are banned in Russia and other countries of the world. In the very hacking there was nothing complicated, but it had an extremely negative impact on the discussion about the control of special services for users in social networks. The US was accused of hacking Russian hackers, which could have a negative impact on the already difficult relations between the two countries.
Humpty Dumpty sits in the Kremlin
Grouping “Anonymous International” posted in the network the next batch of documents, which she presented as correspondence from the internal. In Russia, similar in meaning was the breaking of the e-mail of Dmitry Medvedev’s press secretary, Natalia Timakova, by the hacking group Anonymous International, also known as the Humpty Dumpty. As a result of the hacking, letters were written by Timur Prokopenko, deputy head of the presidential administration’s internal policy department, with reports on the results of efforts to counter opposition actions, and 500 messages from the personal correspondence of Prime Minister Dmitry Medvedev were put up for sale. This hacking was the beginning of a discussion about the need to take the Russian segment of the Internet under the control of the authorities. Computer security professionals identify hacks that can have a significant impact on the protection of users, companies, and institutions in the future. “The main event of the year is the hacking of the Italian cyber group Hacking Team, which develops spyware for orders of special services and law enforcement agencies,” said leading virus analyst ESET Russia Artem Baranov.
The source code for zero-day exploits and other tools for the implementation of cyber-campaigns flowed into the network. The incident was the most large-scale in history in terms of the amount of leakage of confidential information of this kind. “Another resonant event is a targeted attack on Kaspersky Lab using Duqu 2 malware,” says Baranov.”The attack used zero-day vulnerabilities, which allow to automatically installing malicious software with a valid digital signature.”
US cracked antiviruses
A former employee of the NSA Edward Snowden revealed the hacking of popular antiviruses by US and British special services. Their goal was to develop viruses and models. In addition, Baranov notes the placement in the Apple App Store of malicious applications, indistinguishable from legitimate. The hackers managed to make this operation by distributing the Xcode compilation tool on Chinese websites. As a result, software developers for iOS did not suspect that the programs they compiled are supplied with malicious code. Prior to this cyber attack, the App Store was considered the most secure of all existing application stores.
The head of the analytical center of the company in the field of providing corporate computer security Zecurion Vladimir Ulyanov identifies the next five world burglaries. Hacking of the company Anthem, one of the largest American insurers. Because of server, hacking, the personal data of 80 million people fell into the hands of intruders.
“It’s really a big scale,” Ulyanov says. “Plus, the latest data and the leakage of those very” social security numbers “that are more important for Americans than plastic card numbers.” In fact, hackers have all the information for the so-called “identity theft”. In October 2015, hackers gained access to the personal data of 15 million T-Mobile subscribers. “The piquancy of the situation is that the leak occurred through the partner T-Mobile, the company Experian (on its server the information was stored),” says Ulyanov. – Meanwhile, Experian is one of the largest companies that specialize in risk management. In addition, it is often chosen as a monitoring agency to minimize the risks of identity theft in such incidents. ”
CIA directors cracked addicts
The hacking of the personal mail of CIA Director John Brennan led to the publication of six letters containing secret information on WikiLeaks and caused bewilderment.
In November this year, a group of hackers reported the hacking of the corporate FBI portal, through which agents exchange information from many countries. As a result, hackers received information about the names and whereabouts of more than 9 thousand employees. This is very sensitive information for the FBI. Hacking the personnel management of the US was much more serious than originally thought. According to preliminary data, hackers received personal data from about 4-5 million employees, but when investigating the incident it was found that the victims are much more – about 18 million people. Early in the year, a Morgan Stanley employee stole data from 350,000 customers. Here the consequences are shocking. Shares immediately fell by several percent, which is equivalent to a billion-dollar decline in capitalization. “In Russia, a fresh incident – an ex-employee of” Yandex “tried to sell the source code of the search engine, estimated at several billion rubles. It is important that this is not a hacker attack (from outside), but an insider attack (from the inside), says Ulyanov. –
It is amazing how easily an employee was able to carry out confidential information, the basis of the business of such a giant company as Yandex. In addition, it was only by a lucky chance that the incident did not lead to billions (according to the company’s estimates) losses. ”
Another event is the leak of personal data of 300,000 customers of the bank “St. Petersburg”. Ulyanov believes that the incident in the media is surprising for Russia. Usually, such things by all truths and crooks tend to be silenced, since there are no direct sanctions for leakage. However, this is still a tangible blow to the reputation.
Hackers put up for sale 10 million Russians
Unknown hackers hacked and abducted a Russian dating site. Data on 20 million users, including about 10 million Russians, are on sale.
“Russian” three, according to Ulyanov, closes hacking dating service topface (this is a domestic project, although popular abroad). The user bases (about 20 million people, about half of which are Russian accounts) were found on sale in one of the underground forums. TopFace owners contacted the seller, the base was removed from the sale, and the hacker was paid compensation for the detection of the vulnerability.
In the opinion of Denis Makrushin, Kaspersky Lab’s anti-virus expert, the top break-ins according to the degree of danger are as follows:
The financial targeted threat of Carbanak is an unprecedented cybercrime operation, in which criminals kidnapped a billion US dollars. Cyber-robbery lasted two years and affected about 100 financial organizations around the world (the investigation was completed in 2015. Experts believe that this high-profile incident is an international group of cybercriminals from Russia, Ukraine, a number of other European countries, as well as China.
“This robbery marks a new stage,” says Makrushin.”Now, cybercriminals can steal money directly from banks, not from users.”
As experts found out, the largest sums of money were stolen during the invasion of the banking network: for each such raid, cybercriminals stole up to $ 10 million. On average, the robbery of one bank from infecting the first computer in the corporate network to stealing money and folding activities took hackers from two to four months.
How Russian and Ukrainian hackers stole a billion
A group of hackers from Russia and Ukraine stole about a billion rubles. Among the victims were banks and financial institutions in Russia and around the world.
Another dangerous grouping – Equation – has been interacting with other influential groups for many years, such as Stuxnet and Flame.
“Attacks Equation at the moment, perhaps the most sophisticated of all known incidents,” – said Makrushin.
One of the modules of malicious software allows you to change the firmware of hard disks. Since 2001, the Equation group has managed to infect the computers of thousands of victims in Iran, Russia, Syria, Afghanistan, the United States, and other countries. The victims’ activities are governmental and diplomatic institutions, telecommunications, aerospace, energy, and others.
Hacking the dating site, Ashley Madison, according to Makrushin, was quite non-trivial: hackers declared war on a large company, and in this war, they were able to win.
“As a result of hacking, there were a lot of details about the site’s audience,” the expert says.”Information was published about almost every registered user, and this entailed a wave of blackmail from other cybercriminals who demanded a ransom for not disclosing information to spouses.”
Vladimir Ulyanov agrees that the hacking is interesting even not because more than 30 million users flowed into the network, including personal correspondence, but by the fact that among the compromised there were addresses of high-ranking sources, and the service took money for removing accounts and history and like it turned out, did not delete anything.
What else hackers can crack?
Hacker attacks on services and sites today no one surprises. However, with the development of technology, attackers can hack even the most.
“What was so afraid of before, finally became a harsh reality: the car’s on-board systems were hacked, with the brakes, transmission, steering, and dash functions being” edited “from the other end of the country via Wi-Fi,” says Makrushin.
As two hard-hitting automotive hackers, Charlie Miller and Chris Valasek demonstrated, Chrysler’s on-board information and entertainment system Jeep Cherokee is not isolated from the critical functions of the dashboard, allowing attackers to gain control over them.
“This is a kind of elementary error that shows how the venerable automaker, apparently, has well saved on the very basics of information security,” the expert said.
Spies crack Sims
Edward Snowden spoke about the largest hacking of networks of mobile operators around the world in the history of mobile communications.
Add to this list, according to the editors, can be the largest data leak from the Netherlands Company Gemalto, the manufacturer of SIM cards for the largest mobile operators, information about which in February 2015 disclosed by a former employee of the NSA Edward Snowden. Because of the leak, a large number of SIM cards were compromised, which allows US and British special services to monitor, listen to telephone conversations, and intercept text messages, and mobile Internet traffic. The company itself has refuted the leak. Nevertheless, the method described by Snowden, which consists of the routine monitoring of the correspondence of relevant employees, sending sensitive information in clear form simply in letters, allows you to obtain data about SIM cards even without serious hacking.