
The worst security snafus of 2012 – so far

Ellen Messmer | July 16, 2012
Could things really be this bad? From the embarrassing hack of a conversation between the FBI and Scotland Yard to a plethora of data breaches, security snafus have ruled the first half of 2012. Here's a look at some of the worst snafus month-by-month.

February

Right in the midst of a conference call the FBI was having with its agents and law-enforcement officials overseas at Scotland Yard, cybercriminals hacked their way into the phone conversation, recorded it and posted it online. The conversation was about hackers facing charges in the U.K. The group Anonymous took credit for the intercepted call. The FBI said it appeared likely the cybercriminals had hacked into a law-enforcement official's email to get the conference call dial-in information.

Other February Snafus:

• Brazilian banks were targets for distributed denial-of-service attacks, with massive assaults against HSBC Brazil, Banco do Brasil, Itau Unibanco Multiplo SA and Banco Bradesco SA. Hacktivists took credit for the DDoS spree.

• Whistleblowing website Cryptome.org, dedicated to exposing confidential information, was compromised by an intruder who loaded attack code that tried to launch drive-by exploits at visitors to the site.

• The University of Florida had to notify 719 individuals that their Social Security numbers were improperly stored on a state website operated by the Bureau of Unclaimed Property for more than six years.

• Verizon had to acknowledge the Verizon 4G LTE network was knocked offline again just two months after its last serious outage. The outage on Feb. 22 lasted from about 10 a.m. to 1:20 p.m.

• Microsoft's Azure cloud infrastructure and development service experienced a serious worldwide outage on Feb. 29. Microsoft later blamed the outage on a "Leap Year Bug" triggered in a key server housing a certificate that had expired at midnight on Feb. 28; a time-calculation control hadn't taken into account the extra day in the month of February this year.

• Taiwan-based Apple supplier Foxconn was hacked by a hacker group calling itself Swagg Security, apparently in protest related to media reports about poor working conditions at the electronics manufacturer's factories in China. The hackers posted usernames and passwords that they said would allow attackers to place fraudulent orders under other companies' names, including Microsoft, Apple, IBM, Intel and Dell.

• The FBI arrested a computer programmer in New York and charged him with stealing proprietary software code from the Federal Reserve Bank of New York (FRBNY). The software is known as the Government-Wide Accounting and Reporting Program (GWA), which handles all kinds of U.S. government financial transactions, and it cost over $9 million to develop. The accused thief, Bo Zhang, a contract employee at FRBNY, used the GWA code in a private business he ran to train individuals in computer programming. Zhang, a Chinese citizen in the U.S. on a work visa since 2000, is also known as "Bryan Zhang," and in a plea agreement in April he pled guilty to theft of government property, admitting he'd copied the code onto an external hard drive and then transferred the GWA program to a home computer, knowing that was wrong.

 
