Currently set to No Index

2014 Hacker Attacks: There Were More Than You Know

While the world was in an uproar about the alleged North Korea hack on Sony Pictures, many other organizations were compromised as a result of loopholes and deficiencies in their web security. Many of these attacks did not receive as much publicity as the North Korea and Sony Pictures fiasco did. Here is a brief look at some of the other cyber attacks that were going on around the same time.

Who Were the Biggest Hacks of 2014?

Rackspace

Rackspace was the victim of a several hour DDoS (Distributed Denial of Service) attack that left its DNS servers at their London, North Virginia, and Chicago data centers overwhelmed. Company engineers noticed that its DNS requests weren’t resolving at around 12:54 AM EST on December 22, 2014, as a result of the DNS attack. To fix the issue, Rackspace engineers began reducing the amount of services that were running on the affected servers which may have caused some of their legitimate traffic to be blocked.

Approximately 12 hours later, Rackspace had restored much of its DNS service, but not without complications. A small percentage of DNS services that were routing legitimate and DDoS traffic had been blacklisted, and the resolution required further investigation and tweaking by engineers. The complete breach was resolved later on that day.

To prevent further complications from this attack, Rackspace began implementing a Root Cause Analysis to gain better insight and information on what lead to the DDoS attack so they can take the necessary precautions to prevent this type of incident from happening again in the future.

ICANN Network

An unknown hacker used email spoofing to compromise ICANN (Internet Corporation for Assigned Names and Numbers) in November 2014. The hacker gained access to the company’s internal systems using the credentials of an employee. During the attack, emails were created to look as if they came from ICANN’s domain and sent out to other employees in the organization. The emails may have contained links to bogus websites, which encouraged employees to type in their security credentials, thus providing the hacker with access to their usernames, passwords and other types of confidential information.

RELATED:   Connecting With Free Online Cybersecurity Tools and Educational Resources

Employee names, email addresses and other personal data are stored in ICANN’s Centralized Zone Data System (CZDS) and were compromised as a result of the breach. In addition to the CZDS being breached, ICANN’s blog, GAC Wiki, and WHOIS were all compromised as well.

To resolve the breach, ICANN disabled and reset all passwords and advised its employees to take extra precautions with other online accounts that they have used the same username and password for.

JP Morgan Chase

In what may be forever known as the attack that should have never happened, JP Morgan had to deal with the aftermath of a cyber-attack that reportedly affected at least 83 million of its customers and small business clients. Had JP Morgan implemented a security update to add a two-step authentication process to its servers, the security breach could have been prevented.

The bank states that this situation was very limited in its scope and the only information compromised was email passwords, addresses, and phone numbers. To determine the extent of the breach, JP Morgan is currently in the process of running an internal review to discover any other remaining and potential loopholes that could create security problems in the future. As of this moment, the origin of the attack is not known.

RELATED:   ResellerChoice Offers Perks to New Clients

PlayStation Network and Xbox Live

On December 7th, 2014, PSN servers were down. Hacker group Lizard Squad informed the world on Twitter that it was responsible for the attack on PlayStation Network. While Lizard Squad is known for using DDoS attacks on their targets, officials at Sony are not sure if the attack is DDoS in nature. The PlayStation Network was previously taken offline back in August 2014 by the same group. Lizard Squad is also claiming responsibility for the attack that left Xbox Live servers down for several hours on December 1, December 5, and again on December 25, 2014.

PSN’s attack comes right on the heels of a previous attack on Sony in which a large amount of private company information was exposed to the public, via the internet. At the current time, not much information is available on how the attacks were resolved, but both PlayStation Network and Xbox Live Networks are up and running.

Challenges These Companies Face

Security breaches and cyber attacks are on the rise. While no company is completely safe, large companies are far more likely to be compromised because they have access to more sensitive data that hackers want. Large companies are experiencing an increasing number of security breaches and are often left scrambling in embarrassment to clean up the mess that these breaches create.

RELATED:   How to Install ModSecurity in CentOS

Some of the most world’s popular companies such as JP Morgan Chase, ICANN and Xbox are not quite prepared for the methods that hackers use to infiltrate their systems. While careful consideration must be given to each organization’s infrastructure, it is apparent that drastic and revolutionary security measures need to be taken sooner than later. As companies resort to adding more software and technology into their infrastructures, more effort needs to be given to identifying the vulnerabilities that software and technology create.

Evolution of Cyber-Attacks

The face of cyber-attacks has evolved. Now hackers use many different tactics including spear-phishing, DDoS, USB devices and other fraudulent methods to compromise some of the world largest and most well-known organizations. These attacks don’t happen all at once; instead they happen persistently. Once hackers gain access to a system, they lurk and systematically steal information for extended periods of time. In many cases, an organization can be compromised using an employee’s credentials while the employee and the company remain unaware of the breach.

There is a problem with the way that organizations are dealing with these attacks. Companies are scrambling and playing catch up when hackers are steadily evolving their tactics to remain ahead of the game. A deeper look needs to be given to software and security protocol to determine where the risks exist so that solutions can be created to get rid of the loopholes. Organizations should invest more of their resources to implement a host of security strategies and measures to protect its vulnerabilities and its customers.

Top image ©GL Stock Images

whg_banner.new.10k

How to Find a Successful Name For Your New Blog?
How to Find a Successful Name For Your New Blog?

One of the most important decisions you can make to ensure your blog is among the best is to select a name. While there are more than 500 million blogs available...

How-to Start a Blog – Review of the Best 10 Blogging Platforms
How-to Start a Blog – Review of the Best 10 Blogging Platforms

If you want to start a blog as fast as possible, then you need to consider choosing a blogging platform. Thankfully, there are some excellent free and paid blogging platforms...

How Referral Marketing Can Benefit Web Hosts
How Referral Marketing Can Benefit Web Hosts

Even if the niche of web hosts are fully loaded with a lot of companies they are still one of the easiest to promote because you could write your own...

Broken Links: How to Find, Fix, and Benefit from Broken Links
Broken Links: How to Find, Fix, and Benefit from Broken Links

Links are what holds the web together. Essentially, the web is named as such because of the ability for pages and sites to link to other sources and relevant information....

Brand Value & the Most Powerful Brands (with Infographic)
Brand Value & the Most Powerful Brands (with Infographic)

Brand value – everyone wants it, however, only few are able to achieve it. The subject of “brand value” holds a significant position amongst marketers, executives, and entrepreneurs. Let’s discuss...

Reasons why your business should shift to Cloud hosting
Reasons why your business should shift to Cloud hosting

Cloud hosting has been on the rise since its inception. The improvement to your website performance and business efficiency that comes with Cloud hosting is almost tangible.

Why We Love the IT Support Career?
Why We Love the IT Support Career?

In almost all of my posts I was talking about the stressful side of the IT – the long hours, end user issues, migrations, midnight calls and the like. But...

IT Manager: Ways To Show Your Appreciation To Your Team
IT Manager: Ways To Show Your Appreciation To Your Team

Surely your team struggled hard and made things happen. You cannot say “this is what you get paid for” and just leave – you cannot keep your IT staff that...

Leave a Reply

Your email address will not be published. Required fields are marked *