Hello soldiers of the cyber resistance,
You are tuning in to CRR, Cyber Resistance Radio.
Today in our fourth podcast we talk about 9 of the biggest hacks & security incidents of the year 2016.
It was quite a year for the information security professional.
Now that 2017 has just started, let’s look back at 2016 and talk about some big security incidents that took place.
#1 Let’s start with Yahoo, one of the first internet companies, coming from the 90’s internet era.
What happened?
Well, 500 million user accounts were hacked in 2016, making it the biggest theft of user credentials ever in the history of technology. To make it even worse, the actual hack took place in 2014 and was discovered two years later. In other words, hackers had free access to this data for over 2 years without anyone knowing…
You thought it could not get any worse… well, you are wrong. Back in 2013 a billion user credentials were stolen from Yahoo, twice as many. Another free reminder to use strong and unique passwords once again. It is also important to use a different password for every website or service you use, so that if hackers gain access to your credentials on 1 website, they cannot use this information to get into all the other common websites you use. This is the least you can do to make the life of hackers a little bit more complicated.
Moving on to ransomware in 2016.
2016 really became the year of ransomware; many users were targeted by ransomware.
And the intensity and aggressiveness of the software only increased.
The only thing they had in common was the fact that they wanted bitcoins to unlock your encrypted files. After payment many users still ended up with erased files.
So make sure you have back-ups and a strong firewall (like Forcepoint or the open-source pfSense) running as a gateway on your network. Is there still hope?
Yes, intel predicts that the height of this ransomware epidemic is behind us now.
Moving on, how many of you still remember the DDoS of Dyn, the DNS provider that got attacked by a humongous botnet? Botnets have been active for many years already, but the news that this attack was carried out by a relatively new wave of devices, Internet of Things devices, was new to most people.
Who would have thought that webcams and DVRs could be infected with malware and then attack one of the most crucial services on the internet, making it unreachable for millions of people? That was unheard of.
An army of stupid smart devices attacked the internet, what is happening in the world?
Moving on, Apple stops supporting QuickTime. Well, that is not a big problem, there are many media players out there that do a better job… so what is the problem then?
Well, there are several vulnerabilities in its software and Apple never came out with small, decent patches to repair its media player. In other words, if you still use QuickTime in 2017, it’s time to remove it once and for all.
Can you guess what comes next? Well, that was the hint: distributed guessing…
Why would you brute-force credit card information if you can also guess what information you need in order to get what you need?
Researchers at Newcastle University found out that hackers use malicious browser bots to guess the credit card information of people. The guessing starts from the first 6 digits of the credit card, which are combined on the basis of the bank and the brand of the credit card. The Luhn algorithm is at the basis of this all. Guessing is done in about 2 seconds.
After this the security code at the back of the credit card has to be guessed. This is done in 4 seconds. If you also need residence info of the card holder, then you can add another 2 seconds to the magic of guessing.
What cybercriminals accomplished is the following: they used this technique to attack about 400 webshops that accept credit card payments. Some webshops give you 50 or more, some even limitless attempts to try out credit card information on their sites… might be a good idea to limit that number, right? This allows bots to keep on trying combinations of credit card information, long enough until it works. This process works even better when the guessing is distributed over various sites simultaneously. And there you have it, distributed guessing.
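An added example, not part of the original podcast notes: one way a webshop could limit attempts per card number rather than per visitor, so wrong guesses arriving from many IP addresses still hit the same cap. The limit of 5 failures per 24 hours, the HMAC key and the sample attempts are assumptions made for the illustration.

```python
import hashlib
import hmac
from collections import defaultdict, deque

HMAC_KEY = b"constructed-demo-key"  # placeholder; keep the real key in a secret store
TEST_PAN = "4111111111111111"       # well-known test number, not a real card
# Constructed sample: (timestamp, source_ip, pan, authorised), 7 wrong guesses from 7 IPs.
SAMPLE = [(float(i), f"198.51.100.{i}", TEST_PAN, False) for i in range(7)]


def luhn_valid(pan: str) -> bool:
    """Luhn checksum: catches typos, it is not a security control."""
    if not (pan.isascii() and pan.isdigit() and 12 <= len(pan) <= 19):
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch) * 2 if i % 2 else int(ch)  # double every second digit from the right
        total += d - 9 if d > 9 else d
    return total % 10 == 0


class CardAttemptLimiter:
    """Caps failed authorisations per card number, whatever the IP or session."""

    def __init__(self, max_failures: int = 5, window: float = 24 * 3600):
        self.max_failures, self.window = max_failures, window
        self.failures = defaultdict(deque)  # keyed card hash -> failure timestamps

    def _queue(self, pan: str, now: float) -> deque:
        # Keyed hash, so the raw card number never sits in the counter store.
        key = hmac.new(HMAC_KEY, pan.encode(), hashlib.sha256).hexdigest()
        q = self.failures[key]
        while q and now - q[0] > self.window:
            q.popleft()  # forget failures older than the window
        return q

    def decide(self, pan: str, now: float, authorised: bool) -> str:
        if not luhn_valid(pan):
            return "reject-format"
        q = self._queue(pan, now)
        if len(q) >= self.max_failures:
            return "blocked"  # do not forward to the payment processor
        if not authorised:
            q.append(now)
        return "ok" if authorised else "declined"


def replay(attempts, limiter):
    """Run recorded attempts through the limiter and return its decisions."""
    return [limiter.decide(pan, ts, ok) for ts, _ip, pan, ok in attempts]
```

A limit inside one shop does not see guesses made at other shops, which is the distributed part of the attack described above.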
Number 6 the DNC hack.
As an American you will have heard about it, but I will give a quick explanation; DNC stands for Democratic National Committee. In the election year 2016, this hack had people fired and countries acquitted.
What happened?
The DNC got hacked and WikiLeaks published about 20,000 e-mails with attachments from DNC employees. The publication of these documents brought several scandals to light. The hack was claimed by someone calling himself / herself Guccifer 2.0. The Americans were quick to accuse the Russians.
What really happened is something, I am afraid we will never know in these times of political unrest and instability in the USA, Europe and the far East. Time will tell.
Number 7, the iPhone from the attackers in San Bernardino.
In December 2015 Islamic terrorists attacked people in San Bernardino, California. One of the attackers carried an iPhone which the FBI wanted to crack in order to get more background information on the attackers. The government asked for cooperation from Apple. Apple refused; in their defense, it would be dangerous if the government interfered with their software security, and this case would then be used again in the future. Eventually a security firm claimed it could crack the iPhone and then went to work together with the FBI to retrieve information from the device.
I think it was a political move from Apple to defend the digital rights of civilians, even if they have terrorist motives. If the FBI or other companies wanted to crack the iPhone, they would already have the resources. This should be information that will be kept from the public, but information professionals already know, everything can be cracked when you try hard enough.
Moving on to the last security incident of this list,
The NSA got hacked: the National Security Agency got hacked by a hacker collective calling themselves “Shadow Brokers”.
They claimed to have stolen hacking tools from the NSA. These tools had the capability to infect firmware of various companies in order to spy on them. Since the tools only infected the firmware of the hardware, a clean install of the target system would not fix anything. Basically rendering an infected system useless.
Eventually the group decided to sell the tools to the highest bidder, but there was little or no interest.
The last security incident I will talk about is the SWIFT hack. What started as an 81 million dollar malware attack on a bank in Bangladesh ended up as a hack on the software of the Society for Worldwide Interbank Financial Telecommunication, eventually attacking even more banks in the process. In July of 2016 SWIFT called upon external security experts to stop the hack.
So 2016 was quite a big year for hackers and hacking. This results in plenty of work in the information security field, if you want to stay on the right side, that is…
Thanks for tuning in and catch you guys next time.
Stay safe, turn off your television, tune in to our podcast and arm yourself with knowledge.