Professional Documents
Culture Documents
Indiscriminate attacks
These attacks are wide-ranging, global and do not seem to discriminate among governments
and companies.
World of Hell
Red October, discovered in 2012, was reportedly operating worldwide for up to five years
prior to discovery, transmitting information ranging from diplomatic secrets to personal
information, including from mobile devices.[1]
Destructive attacks
Vulcanbot
Shamoon, a modular computer virus, was used in 2012 in an attack on 30,000 Saudi
Aramco workstations, causing the company to spend a week restoring their services.[3][4]
Wiper – in December 2011, the malware successfully erased information on hard disks at
the Oil Ministry's headquarters.[5][6]
Cyberwarfare
These are politically motivated destructive attacks aimed at sabotage and espionage.
July 2009 cyberattacks, against South Korea and the United States
Operation Olympic Games, against Iranian nuclear facilities, allegedly conducted by the
United States
Government espionage
2008 cyberattack on United States, cyber espionage targeting U.S. military computers
Cyber attack during the Paris G20 Summit, targeting G20-related documents including
financial information
GhostNet
Moonlight Maze
Google – in 2009, the Chinese hackers breached Google's corporate servers gained access
to a database containing classified information about suspected spies, agents, and
terrorists under surveillance by the US government.[8]
A six-month-long cyberattack on the German parliament for which the Sofacy Group is
suspected took place in December 2014.[11]
Between July 7, 2021, to July 14, 2021, the Indian government email infrastructure was
compromised thrice with hackers accessing emails of several top officials including that of
Ajay Prakash Sawhney, the secretary to the Ministry of Electronics and Information
Technology[16]
Corporate espionage
Operation Aurora
Operation Socialist, A GCHQ operation by the United Kingdom to obtain information from
Belgian telecom company Belgacom on call information
Nitro cyberattacks
These attacks relate to stealing login information for specific web resources.
2011 PlayStation Network outage, 2011 attack resulting in stolen credentials and
incidentally causing network disruption
Vestige (online store) – in 2010, a band of anonymous hackers has rooted the servers of
the site and leaked half a gigabyte's worth of its private data.[17]
IEEE – in September 2012, it exposed user names, plaintext passwords, and website
activity for almost 100,000 of its members.[18]
LivingSocial – in 2014, the company suffered a security breach that has exposed names, e-
mail addresses and password data for up to 50 million of its users.[19]
Adobe – in 2013, hackers obtained access to Adobe's networks and stole user information
and downloaded the source code for some of Adobe programs.[20] It attacked 150 million
customers.[20]
RockYou – in 2009, the company experienced a data breach resulting in the exposure of
over 32 million user accounts.
Yahoo! – in 2012, hackers posted login credentials for more than 453,000 user
accounts.[21] Again in January 2013[22] and in January 2014[23]
2017 Equifax data breach - In 2017, Equifax Inc. announced that a cyber-security breach
occurred between May to mid July of that year. Cyber criminals had accessed
approximately 145.5 million U.S. Equifax consumers' personal data, including their full
names, Social Security numbers, credit card information, birth dates, addresses, and, in
some cases, driver's license numbers.[26]
2016 Indian Banks data breach - It was estimated 3.2 million debit cards were
compromised. Major Indian banks- SBI, HDFC Bank, ICICI, YES Bank and Axis Bank were
among the worst hit.[27]
2014 JPMorgan Chase data breach, allegedly conducted by a group of Russian hackers
Goodwill Industries – in September 2014, the company suffered from a credit card data
breach that affected the charitable retailer's stores in at least 21 states. Another two
retailers were affected.[28][29]
Home Depot – in September 2014, the cybercriminals that compromised Home Depot's
network and installed malware on the home-supply company's point-of-sale systems likely
stole information on 56 million payment cards.[30]
StarDust – in 2013, the botnet compromised 20,000 cards in active campaign hitting US
merchants.[31]
Target – in 2013, approximately 40 million credit and debit card accounts were impacted in
a credit card breach.[32][33][34] According to another estimate, it compromised as many as
110 million Target customers.[35]
Visa and Mastercard – in 2012, they warned card-issuing banks that a third-party payments
processor suffered a security breach, affecting up to 10 million credit cards.[36][37]
MasterCard – in 2005, the company announced that up to 40 million cardholders may have
had account information stolen due to one of its payment processors being
hacked.[39][40][41][42]
By May, three healthcare payer organizations had been attacked in the United States in
2014 and 2015: Anthem, Premera Blue Cross and CareFirst. The three attacks together
netted information on more than 91 million people.[43]
Ransomware attacks
Hacktivism
See also
Cyberwarfare by China
References
1. Goodin, Dan (January 14, 2013). "Massive espionage malware targeting governments undetected for
5 years" (https://arstechnica.com/security/2013/01/red-october-computer-espionage-network-may-h
ave-stolen-terabytes-of-data/) . Ars Technica. Retrieved November 8, 2014.
3. Perloth, Nicole (October 24, 2012). "Cyberattack On Saudi Firm Disquiets U.S." (https://www.nytimes.c
om/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.html) New York Times.
pp. A1. Retrieved October 24, 2012.
4. Goodin, Dan (August 16, 2012). "Mystery malware wreaks havoc on energy sector computers" (http
s://arstechnica.com/security/2012/08/shamoon-malware-attack/) . Ars Technica. Retrieved
November 8, 2014.
5. "Iranian Oil Sites Go Offline Amid Cyberattack" (https://www.nytimes.com/2012/04/24/world/middlee
ast/iranian-oil-sites-go-offline-amid-cyberattack.html) . The New York Times. April 23, 2012.
Retrieved November 8, 2014.
6. Goodin, Dan (August 29, 2012). "The perfect crime: Is Wiper malware connected to Stuxnet, Duqu?" (h
ttps://arstechnica.com/security/2012/08/wiper-malware-stuxnet-duqu/) . Ars Technica. Retrieved
November 8, 2014.
7. https://www.facebook.com/ellennakashimapost ; https://www.facebook.com/profile.php?
id=729171040 . "Secret CIA assessment says Russia was trying to help Trump win White House" (ht
tps://www.washingtonpost.com/world/national-security/obama-orders-review-of-russian-hacking-dur
ing-presidential-campaign/2016/12/09/31d6b300-be2a-11e6-94ac-3d324840106c_story.html) .
Washington Post. Retrieved 2019-04-01.
8. Goodin, Dan (May 21, 2013). "Chinese hackers who breached Google reportedly targeted classified
data" (https://arstechnica.com/security/2013/05/chinese-hackers-who-breached-google-reportedly-t
argeted-classified-data/) . Ars Technica. Retrieved November 8, 2014.
9. Goodin, Dan (August 9, 2012). "Nation-sponsored malware with Stuxnet ties has mystery warhead" (ht
tps://arstechnica.com/security/2012/08/nation-sponsored-malware-has-mystery-warhead/) . Ars
Technica. Retrieved November 8, 2014.
10. Sanders, Sam (June 4, 2015). "Massive Data Breach Puts 4 Million Federal Employees' Records At
Risk" (https://www.npr.org/sections/thetwo-way/2015/06/04/412086068/massive-data-breach-puts-
4-million-federal-employees-records-at-risk) . NPR.
14. Holland, Martin. "Angeblich versuchter Hackerangriff auf Bundestag und Parteien" (https://www.heis
e.de/newsticker/meldung/Angeblich-versuchter-Hackerangriff-auf-Bundestag-und-Parteien-332826
5.html) . Heise. Retrieved 21 September 2016.
19. Goodin, Dan (April 27, 2013). "Why LivingSocial's 50-million password breach is graver than you may
think" (https://arstechnica.com/security/2013/04/why-livingsocials-50-million-password-breach-is-gr
aver-than-you-may-think/) . Ars Technica. Retrieved November 8, 2014.
21. Goodin, Dan (July 12, 2012). "Hackers expose 453,000 credentials allegedly taken from Yahoo service
(Updated)" (https://arstechnica.com/security/2012/07/yahoo-service-hacked/) . Ars Technica.
Retrieved November 8, 2014.
22. Goodin, Dan (January 31, 2013). "How Yahoo allowed hackers to hijack my neighbor's e-mail account
(Updated)" (https://arstechnica.com/security/2013/01/how-yahoo-allowed-hackers-to-hijack-my-neig
hbors-e-mail-account/) . Ars Technica. Retrieved November 8, 2014.
23. Goodin, Dan (January 31, 2014). "Mass hack attack on Yahoo Mail accounts prompts password reset"
(https://arstechnica.com/security/2014/01/mass-hack-attack-on-yahoo-mail-accounts-prompts-pass
word-reset/) . Ars Technica. Retrieved November 8, 2014.
24. "Exclusive: Elite hackers target WHO as coronavirus cyberattacks spike" (https://www.reuters.com/art
icle/us-health-coronavirus-who-hack-exclusive/exclusive-elite-hackers-target-who-as-coronavirus-cyb
erattacks-spike-idUSKBN21A3BN) . Reuters. 24 March 2020.
25. "WHO reports fivefold increase in cyber attacks, urges vigilance" (https://www.who.int/news-room/de
tail/23-04-2020-who-reports-fivefold-increase-in-cyber-attacks-urges-vigilance) . World Health
Organization. Retrieved 29 April 2020.
27. "3.2 million debit cards compromised; SBI, HDFC Bank, ICICI, YES Bank and Axis worst hit" (http://eco
nomictimes.indiatimes.com/industry/banking/finance/banking/3-2-million-debit-cards-compromised-
sbi-hdfc-bank-icici-yes-bank-and-axis-worst-hit/articleshow/54945561.cms) . The Economic Times.
20 October 2016. Retrieved 20 October 2016.
28. Gallagher, Sean (September 18, 2014). "Credit card data theft hit at least three retailers, lasted 18
months" (https://arstechnica.com/security/2014/09/credit-card-data-theft-hit-at-least-three-retailers-l
asted-18-months/) . Ars Technica. Retrieved November 8, 2014.
29. http://krebsonsecurity.com/2014/07/banks-card-breach-at-goodwill-industries/
30. Lemos, Robert (September 19, 2014). "Home Depot estimates data on 56 million cards stolen by
cybercriminals" (https://arstechnica.com/security/2014/09/home-depot-estimates-data-on-56-million
-cards-stolen-by-cybercrimnals/) . Ars Technica. Retrieved November 30, 2014.
31. Goodin, Dan (December 4, 2013). "Credit card fraud comes of age with advances in point-of-sale
botnets" (https://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-
point-of-sale-botnet/) . Ars Technica. Retrieved November 8, 2014.
32. Farivar, Cyrus (December 19, 2013). "Secret Service investigating massive credit card breach at
Target (Updated)" (https://arstechnica.com/security/2013/12/secret-service-investigating-alleged-cre
dit-card-breach-at-target/) . Ars Technica. Retrieved November 8, 2014.
33. Goodin, Dan (December 20, 2013). "Cards stolen in massive Target breach flood underground "card
shops" " (https://arstechnica.com/tech-policy/2013/12/cards-stolen-in-massive-target-breach-flood-u
nderground-card-shops/) . Ars Technica. Retrieved November 8, 2014.
34. Goodin, Dan (February 5, 2014). "Target hackers reportedly used credentials stolen from ventilation
contractor" (https://arstechnica.com/security/2014/02/target-hackers-reportedly-used-credentials-st
olen-from-ventilation-contractor/) . Ars Technica. Retrieved November 8, 2014.
35. Goodin, Dan (January 16, 2014). "Point-of-sale malware infecting Target found hiding in plain sight" (h
ttps://arstechnica.com/security/2014/01/point-of-sale-malware-infecting-target-found-hiding-in-plain-
sight/) . Ars Technica. Retrieved November 8, 2014.
36. Goodin, Dan (April 1, 2012). "After the hack: FAQ for breach affecting up to 10 million credit cards" (htt
ps://arstechnica.com/business/2012/04/frequently-asked-questions-about-a-hack-that-may-affect-10
-million-credit-cards/) . Ars Technica. Retrieved November 8, 2014.
37. Goodin, Dan (March 30, 2012). " "Major" credit-card breach hits Visa, MasterCard (Updated)" (https://a
rstechnica.com/business/2012/03/massive-credit-card-breach-reportedly-hits-visa-mastercard/) .
Ars Technica. Retrieved November 8, 2014.
38. Goodin, Dan (September 18, 2012). "Two men admit to $10 million hacking spree on Subway
sandwich shops" (https://arstechnica.com/security/2012/09/romanians-cop-to-10-million-hacking-
spree/) . Ars Technica. Retrieved November 8, 2014.
39. Bangeman, Eric (June 20, 2005). "CardSystems should not have retained stolen customer data" (http
s://arstechnica.com/uncategorized/2005/06/5015-2/) . Ars Technica. Retrieved November 8, 2014.
41. Bangeman, Eric (June 23, 2005). "Scope of CardSystems-caused credit card data theft broadens" (htt
ps://arstechnica.com/uncategorized/2005/06/5031-2/) . Ars Technica. Retrieved November 8,
2014.
42. Jonathan M. Gitlin (July 22, 2005). "Visa bars CardSystems from handling any more transactions" (htt
ps://arstechnica.com/uncategorized/2005/07/5129-2/) . Ars Technica. Retrieved November 8,
2014.
43. Dance, Scott (20 May 2015). "Cyberattack affects 1.1 million CareFirst customers" (http://www.baltim
oresun.com/health/bs-bz-carefirst-data-breach-20150520-story.html) . Baltim. Sun.
Retrieved from
"https://en.wikipedia.org/w/index.php?
title=List_of_cyberattacks&oldid=1038084221"