10 Biggest Cyber Attacks In June
Ripe For The Picking: A Big Month For Cyber Attacks
To say June has been a busy month for cyber attacks would be an understatement. Hackers launched calculated, targeted attacks on a wide variety of companies and organizations, from federal law enforcement agencies to high-profile banks to video game makers. Motives for the attacks ranged from political hacktivism protesting state laws to the desire to inflict public humiliation to old fashioned data theft.
The number of victims in the attacks reached millions of people. But all of the attacks featured on this month’s list garnered national attention and served as a strong reminder to commercial business and government entities that no one is immune.
Here are 10 of this month’s most notable cyber attacks.
Google put China on the defensive after fingering the world’s most populous nation as the source of a sophisticated phishing attack targeting many high profile Gmail account holders, including senior U.S. government officials, Chinese political activists, officials in South Korea and other Asian countries, as well as military personnel and journalists.
Google said that the phishing campaign, executed by stealing users' passwords, was launched in an effort to infiltrate users' Gmail accounts and monitor their activity.
During that attack, victims were compelled to open an e-mail appearing to come from someone they knew. The e-mail message used social engineering techniques with highly personalized content to entice them to click on links that took them to malicious sites impersonating the Gmail login screen.
Sony felt the sting of yet another data breach when hackers broke into the computer networks of Sony Pictures and exposed the personal information of more than one million customers.
Hacker group LulzSec, which claimed responsibility for the attack, said that they exploited security vulnerabilities on the Sony Pictures Web site with an easily executed SQL injection attack.
Altogether, the hackers said that they accessed personally identifying information, including passwords, e-mail addresses, home addresses, dates of birth and all Sony opt-in data associated with the accounts of more than one million users.
The LulzSec hackers also said that they compromised all admin details of Sony Pictures, as well as 75,000 "music codes" and 3.5 million music coupons, while breaking into other tables from Sony BMG in the Netherlands and Belgium.
It was only a matter of time before the banking industry was hit where it hurts. Citigroup became another victim in the recent spate of corporate hacks when its systems were targeted by miscreants who compromised the accounts of more than 200,000 bank card holders. The Citigroup hack, which was initially detected in early May but revealed in June, affected about 1 percent of its 21 million card holders.
Citigroup said it was working with law enforcement officials to determine details of the incident and planned to issue replacement credit cards to customers possibly affected by the breach.
Altogether, the compromised information included customer names, account numbers, and other contact information such as e-mail addresses. However, other personally identifying information, such as customer dates of birth, social security numbers, card expiration dates and CVV codes, were not compromised in the hack, Citi said.
International Monetary Fund
Hackers reportedly linked to a foreign government targeted a spear phishing attack at the International Monetary Fund.
The cyber attack resulted in the theft of what the IMF called ’a large quantity’ of data, which allegedly included documents and e-mails. The reported attack initially prompted the IMF to temporarily disable its network connections with the World Bank.
The IMF diligently embarked on an investigation following the attack. Meanwhile, a BBC report suggested that hackers gained entry via a spear phishing attack, indicated by the presence of ’suspicious file transfers.’ The BBC reported that the IMF attack appeared to originate from a specific PC that was infected with data stealing malware.
Bloomberg cited anonymous sources revealing that the intrusion was thought to be state-based, but didn’t specify which nation perpetrated the attack.
It may come as a surprise, but this month not all cyber attacks could be attributed to LulzSec. The renowned hacking group ’Pakistan Cyber Army,’ launched cyber attacks against the European arm of Acer , which compromised the data of about 40,000 users, along with source code stored on the server.
The stolen data appeared to include purchase histories, names, e-mail addresses, and partial addresses and phone numbers for a limited number of customers stored on acer-euro.com.
While its motives weren’t clear, the Pakistan Cyber Army said that it planned to publicly release the stolen customer data.
Some of the attacks occurred as the result of targeted phishing campaigns, while in other cases the hackers gained entry by exploiting easy-to-spot vulnerabilities in the company's Web site applications.
Video game maker Sega also reeled this month from a hack that exposed names, birth dates, e-mail addresses and encrypted passwords of 1.3 million Sega Pass online network members. However, the video game maker added that none of the stolen passwords were stored in plain text and that credit card numbers and other personal payment card data were not affected by the breach.
Sega set about resetting all customer passwords and took Sega Pass offline. Sega advised users not to attempt to log into Sega Pass until the game was restored back online, and told users who relied on the same Sega Pass login credentials for other accounts to immediately change their passwords.
Details of the breach remain unclear. However, the hacker group LulzSec, thought to have been behind the attack, later denied it was involved.
In one of the month’s least reported hacks, Groupon India, known in that country as SoSasta.com, suffered a hack that exposed the e-mail addresses and plain-text passwords for 300,000 users, as well as the SQL file index on Google.
SoSasta, which offers services in 11 major Indian cities -- Kolkata, Hyderabad, Pune, Ahmedabad, Delhi/NCR, Chandigarh, Jaipur, Nagpur, Mumbai, Chennai and Bengaluru -- contacted customers via e-mail that they had been affected by the breach.
In the e-mail, SoSasta said that it had been ’alerted to a security issue’ and recommended that users change their passwords, especially if they used the same passwords for other sites.
SoSasta said, however, that the breach did not compromise any customer credit or debit card data.
Arizona Department of Public Safety
LulzSec went for the jugular again when it released more than 700 documents pilfered from the Arizona Department of Public Safety.
The published documents included hundreds of private intelligence bulletins, training manuals, personal e-mails, classified documents, personnel logs and videos that contained sensitive information on drug cartels, gangs, informants, border patrol operations and the names and addresses and other personal information about members of the Arizona Highway Patrol. LulzSec said the documents were released to protest Arizona’s Senate Bill 1070, the law that expanded law enforcement’s ability to apprehend and punish illegal immigrants.
’Every week we plan on releasing more classified documents and embarrassing personal details of military and law enforcement in an effort not just to reveal their racist and corrupt nature but to purposefully sabotage their efforts to terrorize communities fighting an unjust ’war on drugs,’’ LulzSec said.
LulzSec continued its high-profile hacking spree with an attack against the U.S. Senate's Web site. LulzSec said that they had successfully hacked into the U.S. Senate’s Web site, Senate.gov, and posted ’basic information on the file systems,’ including user names and the Web server config files.
In addition, LulzSec published a list of directory names from the server, but did not appear to post any proprietary or personally identifying information, government officials said.
LulzSec punctuated its cyber attack with a taunt, posted to its Web site. ’This is a small, just-for-kicks release of some internal data from Senate.gov—is this an act of war, gentlemen? Problem?’
Under the U.S. Computer Fraud and Abuse Act, the hack could potentially carry of sentence anywhere between five and 20 years in prison, if the attackers were apprehended and convicted.
FBI Affiliate InfraGard/CIA
Political hacktivism proved to be alive and well as LulzSec launched an attack against InfraGard, a small affiliate of the Federal Bureau of Investigation, in response to the U.S. government’s recent declaration that it would treat hacking as an act of war.
’It has come to our unfortunate attention that NATO and our good friend Barrack Osama-Llama 24th-century Obama have recently upped the stakes with regard to hacking,’ LulzSec said in a Pastebin.org blog. ’So, we just hacked an FBI affiliated Web site and leaked its user base.’
LulzSec exposed InfraGard e-mail, login credentials and other personally identifying information for about 180 employees.
Later in the month, LulzSec hackers knocked down the CIA’s public facing Web site, forcing it to go offline for several hours, although no user data appeared to be stolen. Exact motives for the hack were unclear.