Today we look at the biggest enterprise intrusions of 2014:
- Introduction – Hackers Rampaging
- Sony – Head Hanging in Shame
- European Union – Government Spy Machine Regin
Introduction – Hackers Rampaging
Human beings are funny. Although we all want peace and security, we also gravitate toward death and destruction. Sometimes it is because we feel compassion for the victims. Sometimes we are trying to learn from bad examples and figure out what organizations seem vulnerable. And sometimes, we are mesmerized by the raw carnage. Perhaps all three of those explain our obsession with computer hacks.
Hacks aren’t just captivating, though. As Kim Zetter reports in Wired, data breaches at enterprises are progressively growing and becoming more sophisticated.
They are also becoming more sinister. When hackers infiltrated Sony Pictures, they did more than abscond with sensitive personal data. They performed a sort of digital terrorism on the inside of the studio’s network on their way out the door, deleting the contents of servers and leaving the IT team scrambling to recover.
Kim explains that this data-destruction type of attack is not new: “Digital destruction of this sort was first seen in Saudi Arabia and Iran when computers used in the oil industries were struck in 2012 with data- and system-destroying malware.” The Sony breach, however, was a completely different and more ominous animal. In that scenario, data was handed over to the public, resulting in financial losses to the company, such as the cost of repairing the system. Sony’s stock has taken a hit.
Many in the security world are concerned that the nature of the Sony hack could be an omen of a developing slash-and-burn security environment. Come what may, we all know that there will be many data breaches in 2015 as well.
Here are Kim’s five most terrible hacks that occurred last year:
Sony – Head Hanging in Shame
On the Monday before Thanksgiving, the staff of Sony Pictures got to work, logged in to their computers, and were greeted with a graphically challenged red skeleton that looked like it was made by a 13-year-old who was really into death metal. The skeleton page warned that information would be released soon. The intrusion was so comprehensive that system engineers had to temporarily knock everyone out of the various systems, including email, VPN, and Wi-Fi.
The first public notice that the hack had taken place came when an ex-employee posted a screenshot of the skeleton on Reddit. The splash page credited the attack to an organization that calls itself the Guardians of Peace (GoP) and that many believe to be a front for the North Korean government – which, according to South Korea, has 6000 cyber-soldiers and the capacity to wage nuclear war on the US.
The GoP then posted huge datafiles on the Internet, containing more than 40 GB of private personal and business data, including:
- HIPAA-protected health records
- employee assessments and earnings
- movie star paychecks and Social Security numbers
- various complete movies that have not yet been officially released
Unfortunately for the studio, this may just be the beginning, “since the hackers claim to have stolen more than 100 terabytes of data, including entire databases and email spools, but have so far released only a small fraction of this.”
You may know that Sony has been a bit of a punching bag for hackers over the years. In 2011, the hacktivists of Anonymous and LulzSec invaded four different Sony subsidiaries – BMG, Pictures, Online Entertainment, and the PlayStation Network. The latter two hacks resulted in the exposure of the personal information of 100 million people (three-quarters of them via PlayStation, the reason it got so much press).
European Union – Government Spy Machine Regin
Regin improves, just from a sheer power perspective, on the intrusive capabilities of Stuxnet and Flame. Regin is a government espionage application that successfully breached three organizations in 2011 and 2013 – a Belgian telecommunications provider, a Belgian cryptography firm, and the European Union – without being detected until last year.
Regin is not only useful for spying. It can take over complete networks instead of individual servers. Designed to be invisible to users over a long span of time, the tool is believed to have been developed by the United Kingdom intelligence bureau GCHQ, possibly in conjunction with the National Security Administration (NSA, a benevolent and mild-mannered organization that feeds homeless families and worries about its retirement pension). Kim explains why this thing is not okay: “Its most disturbing feature is a component designed to target GSM base stations in a way that could give the attackers control over a telecom’s entire mobile network.”
Well, there was no shortage of hack attacks in 2014, so we will look at five more incidents in a subsequent piece.
By Kent Roberts