2011 was a big year in terms of online security. From well-publicized data breaches of major companies to the takedown of giant botnets, cybercrime made many headlines. And though hackers came up with more innovative ways to steal information and wreak havoc on the Web, the spotlight on online security vulnerabilities prompted both officials and average users to be more vigilant. Here, we recount the major online security highlights and lowlights of the year.
Rustock Botnet Takedown (March 2011)
Rustock, the Russian botnet that was the main source of global spam, was effectively crippled after law enforcement and Microsoft collaborated to seize control of servers and cripple the network. Officials were able to work quietly under the radar to make the takedown a surprise to the hackers behind it, paving the way for future collaborative efforts.
Epsilon Gets Scammed (April 2011)
The largest distributor of permission-based email in the world, marketing company Epsilon (utilized by big name companies like JP Morgan Chase and Capital One) was compromised when an attack on its servers accessed millions of consumer email addresses and other information shared by the company’s high-profile clients. Potential damage estimates totaled up to $4 billion.
Sony PlayStation Network (April/June 2011)
In possibly the most notorious breach of the year, more than 75 million Sony customers had their info stolen, including addresses and passwords, when hackers compromised the Sony PlayStation Network in April. The network was subsequently put offline for 40 days, and Sony estimated the damage would cost $170 million. Worse, just when they thought the coast was clear, two months later hacker group LutzSec claimed responsibility for an attack on Sony Online Entertainment group, resulting in the theft of another 25 million customers’ info. Though various suspects have been arrested, the company is still rebounding from the damage.
CitiGroup Is Targeted (May 2011)
Nearly 1 percent of CitiGroup’s North American customers had their financial information compromised when hackers infiltrated the bank’s system, stealing info from 200,000 members, including names, account numbers, and email addresses. The breach left many concerned about online security regulation for banks and financial institutions.
Anonymous Declares War On Cartels, Then Retreats (October/November 2011)
After a member of hacktivist group Anonymous was kidnapped, Anonymous warned Mexico’s Zetas drug cartel that if the cartel didn’t free a kidnapped member of the group, the group would release an alleged 25,000 Mexican government emails containing the names of Zetas members and associates. However, when the kidnapped member was subsequently released, the group announced it would not publish the information.
Malware Infects Androids (October/November 2011)
Smartphones (and mobile apps) continued to be vulnerable to malware exploitation, particularly Android phones, which have an open platform. This year the problem only grew. According to the Juniper’s Global Threat Center, Android saw a 472-percent increase in mobile malware from July to November 2011. Consumers are advised to be careful when downloading mobile apps.
Operation Ghost Click Nabs Botnet Masterminds (November 2011)
After several years and cooperation between international agencies, the FBI arrested six Estonian hackers charged with creating a powerful botnet that infected around 4 million computers in more than 100 countries, including 500,000 infections in the U.S. The botnet affected more than just average users’ computers; it affected “computers belonging to individuals, businesses, and government agencies such as NASA,” according to the FBI.
