2014 A year in review

2014 – A year in review

2014 was definitely not a quiet year with regards to breaches and other security hacks. There has been a large number of high profile cases (to obviously include Sony as well as several other big names ebay, dropbox, gmail and snapchat images!)

Because of the changing landscape of the ‘Internet of things’ with more and more people and devices becoming connected, the threat landscape is constantly changing.

Gerhard Eschelbeck (1) tells us that “The growing popularity of the “Internet of Things” (e.g., mobile devices, applications, social networks, and interconnected gadgets and devices) makes the threat landscape a moving target. New threats arise with emerging technologies like near field communications (NFC) being integrated into mobile platforms. Innovative uses of GPS services to connect our digital and physical lives present new opportunities for cybercriminals to compromise our security and privacy.

So what were some of the highlights?

Sony

I think we will start off with the most publicized attack in the media.

Sony Pictures Hack

Image 1. Sony Pictures Hack, retrieved from Vox.com

There was the very publicised attack on Sony Pictures Entertainment, this is still being unveiled as I write this and is probably going to have ramifications for Sony Pictures Entertainment in the months if not years to come with law suits from employees etc.
For more details see It all roughly started on November 24th 2014 when employee screens started showing an image of a skeleton with a threatening message (See image retrieved from Vox.com) The image is followed by messages that the hackers have also retrieved alot of Sony’s internal data and that if they dont ‘obey’ their instructions that they will release the companies ‘top secrets’, Sony’s network was down for days and there are reports that staff were forced to work on paper and whiteboards.
Calling themselves “Guardians of Peace” (GOP) the hackers say that they have obtained 100 terabytes of data stolen from Sony servers which include secret data as well as raw footage. Over the next coming days and weeks, the group release data and films online, some films were said to have been downloaded over 1 million times in a week,
Sony Suggested that North Korea was responsible over their film ‘The Interview’, North Korea dismiss the allegation although they say they were glad it happened!.

The Interview Poster retrieved from

Image2. The Interview Poster retrieved from Businessinsider.com

Salaries of Sony executives as well as employees are leaked. Sony hires a Cyber security firm to help investigate the leak, The FBI also launched its own investigation.
For more details see Sony Cyber Attack 

Xbox and Playstation Networks Taken down by a DDOS on Christmas Day

Who knows the amount of kids who were heart broken when they couldnt connect to the XBox or Playstation networks on Christmas day after it was hit by a DDOS attack by Lizard Squad. The attack stopped after Kim Dotcom reached out to Lizard Squad directly, promising them 3,000 Lifetime accounts on his encrypted upload service, Mega. Lizard Squad bit and stopped the attack

For more details see playstation-and-xbox-networks-attacked-on-christmas-day-by-a-ddos-attack

Facebook Scams

Bitdefender reported on up to 850,000 face book scams over 2 years (source http://www.bitdefender.com/media/materials/white-papers/en/Bitdefender_WhitePaper_Facebook_Scams_web.pdf)

Apple iPhone, ipad and Mac computers subjected to a MITM Attack

Even Apple’s reputation with its alleged secure environment tarnished with an Man In The Middle Attack (MITM) attack on a SSL issue with the iPhone, iPad and Mac computers (source http://www.zdnet.com/article/10-top-security-threats-of-2014-so-far/)

 

References

1.Gerhard Eschelbeck CTO, Sophos
Sophos Security Threat Report 2014
http://www.sophos.com/en-us/threat-center/security-threat-report.aspx Retrieved 30/Dec/2014

2. Vox.com The Sony hack: how it happened, who is responsible, and what we’ve learned updated by Timothy B. Lee on December 17 2014
http://deadline.com/2014/12/sony-hack-timeline-any-pascal-the-interview-north-korea-1201325501/ retrieved 30/Dec/2014

3. A Timeline Of The Crazy Events In The Sony Hacking Scandal
http://uk.businessinsider.com/sony-cyber-hack-timeline-2014-12?r=US#ixzz3NOAcl7wj retrieved 29/Dec/2014

Images
1. Image retrieved from Vox.com 30/Dec/2014
http://www.vox.com/2014/12/14/7387945/sony-hack-explained

2. Image retrieved from
http://uk.businessinsider.com/sony-cyber-hack-timeline-2014-12?r=US#ixzz3NOAcl7wj retrieved 29/Dec/2014

Leave a Reply