A timeline of security-related events
WannaCry ransomware targets computers running Microsoft Windows. WannaCry encrypts victims' files and demands ransom payments in the Bitcoin cryptocurrency.
Tesco Bank Breach
9,000 customers of Tesco Bank had £2.5m stolen from their accounts.
The Sony Pictures Entertainment Hack
The Sony Pictures Entertainment hack consisted of the release of confidential data belonging to Sony Pictures Entertainment. The data included personal information about Sony Pictures employees and their families, e-mails between employees, information about executive salaries at the company, copies of (previously) unreleased Sony films, and other information. A hacker group called "Guardians of Peace" claimed to have performed the attack. They demanded that Sony cancel the release of the film "The Interview". It is believed that the hack was sponsored by North Korea; however, there is still some skepticism because of doubts about the evidence.
POODLE (Padding Oracle On Downgraded Legacy Encryption)
The POODLE attack forces encrypted communications between clients and servers that use secure protocols like TLS to downgrade to an older, insecure one (SSL 3.0). A POODLE attack can potentially allow the interception of “secure” traffic. All major browsers have patched the vulnerability. The patch disabled SSL 3.0 to prevent the POODLE attack.
Shellshock is a serious bug in Bash (the command-line shell for Unix-based operating systems) disclosed on September 24th, 2014. The bug was present in a tremendous number of Unix-based systems. Attackers can exploit the Shellshock vulnerability to gain unauthorized access to a system and execute commands at will. Attackers exploited Shellshock within hours of its disclosure, creating botnets from the compromised computers to carry out large distributed denial-of-service attacks and vulnerability scanning. The Shellshock vulnerability is often compared to Heartbleed in severity.
Home Depot Credit Card Breach
Home Depot, beating Target, broke the world record for the number of credit cards stolen. A total of 56 million customer credit cards, debit cards, and email address accounts were exposed. The breach was performed using a variant similar to the point-of-sale (POS) malware used in the Target breach.
Windows XP Support Ended
Support for the Microsoft Windows XP operating system ended, which also means that no more security updates or bug fixes will ever be released.
The Heartbleed vulnerability is a serious security vulnerability in the OpenSSL cryptographic library, disclosed in April 2014. The vulnerability allows interception of information that, under normal conditions, is protected by SSL/TLS. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). The Heartbleed bug allows anyone on the Internet to read the memory of systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret/private keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users, and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users, and impersonate services and users. Note: anyone who has not changed their private keys after the vulnerability was patched may still be exposed, because an attacker could already have obtained those keys while the system was vulnerable.
Target Credit Card Breach
Target broke the world record for the number of stolen credit cards. 40 million credit and debit cards were stolen, along with 70 million records comprising names, addresses, email addresses, and phone numbers of Target shoppers.
Stuxnet was discovered in June 2010 and is considered the first known instance of cyber warfare. Stuxnet was a computer worm designed to attack PLCs, or programmable logic controllers. PLCs are used for automating machinery, power plants, waste treatment facilities, automobiles, pumps, and centrifuges. Stuxnet used 4 zero-days in the Microsoft Windows operating system to target the Siemens boxes/software controlling Iranian centrifuges (which can be used to enrich uranium/nuclear fuel). The worm caused nearly one-fifth of the Iranian centrifuges to spin past their rated capacity, destroying themselves.
Stuxnet is typically introduced to the target environment through USB flash drives, and then propagates across the network, scanning for the “specific” Siemens box it was programmed to target. If that “specific” Siemens box is not detected, the worm remains dormant on the PC and simply infects any non-infected flash drives plugged into it. If the “specific” Siemens box is detected, the Stuxnet worm executes the attack on that Siemens box (a PLC).