2011 is turning out to be a busy year for those involved in information security. So far, the following information security related incidents have made the headlines during the first 5 months of the year:
February 2011 HB Gary hack attack by the group known as Anonymous.
March 2011 RSA hack stole token data (attackers were reportedly advanced persistent threats).
April 2011 Sony hack data theft reportedly involving information related to 77 million accounts and 2.2M credit cards.
April 2011 Epsilon victimized by a hack attack, email addresses stolen.
WikiLeaks related attacks perpetrated by the group known as Anonymous.
April 2011 Ritz-Carlton Hotel customers' data stolen in a hack attack.
April 2011 Amazon Web Services cloud outage (non-availability).
May 2011 Lockheed Martin (details were not disclosed).
May 2011 Woodside Petroleum (Australia’s largest oil company said attacks were coming from everywhere).
May 2011 Public Broadcasting (a phony news story and lists of reporters' accounts and passwords were posted to a PBS site).
May 2011 A New York Congressman reported a lewd photo had been mailed when his Twitter account was hacked.
Hacking is a type of directed attack typically executed by an external human using tradecraft methods to exploit accessible vulnerabilities and inflict damage. Protection methods are usually applied to limit the damage inflicted during an attack, limit the duration of an attack or deter an attacker. The effectiveness of any protection measures in use is clearly at issue when a successful attack occurs. Forensic tools and methods are used to analyze attacks, allowing lessons learned to be captured and documented. Data theft is often motivated by financial gain, focused on credit card data for sale to fraudsters or email addresses for sale to spammers.
Non-availability incidents occur for any number of reasons, often not involving malicious activity. Such incidents can grow as related resources cascade into failure, a phenomenon with potentially widespread impact.
The Internet is often used to deliver the attack. The nature of giant public networks facilitates anonymity while being reliable and predictable.
The list does not include a huge number of incidents based on malicious code that have become common events or the large number of incidents involving sensitive, typically government, sites that never make it into the press.
The rapidly evolving sophistication of hacking attacks is a cause for concern. State-sponsored activity involving “Advanced Persistent Threats” is emerging from behind the curtains as a valid concern for enterprises worldwide. The press is not likely to suffer from a shortage of material for their headlines for the remainder of 2011.