Cybercriminals and hackers had a big year in 2011, taking on everyone from Sony and the authentication-token maker RSA to the CIA and even a notorious Mexican drug cartel. During the Arab Spring, the headline-hounding hackers in the LulzSec and Anonymous groups showed just how vulnerable anyone’s online presence is, even that of major governments.What can we expect in 2012? More of the same, or a dynamic shift in what crooks want? And how will they go about getting it?
It’s too early for the answers, but 2012 has already seen its share of cybercriminal incidents. Starting with the most recent targets, here’s a list of hackers’ most-daring exploits and the data breaches, compromises, data leaks, thefts, threats and privacy invasions that have made this a year to watch. Free Web Security Scanner www.nstalker.com.N-Stalker scans web application for 35,000 attacks, SQL & XSS injection.Ads by GoogleFeb. 27: Stratfor WikiLeaks began publishing more than 5 million emails it obtained from the Austin, Texas-based global consulting firm Stratfor. The emails, WikiLeaks said, highlight Stratfor’s dubious financial dealings, global cover-ups as well as coordinated campaigns to subvert WikiLeaks and its founder, Julian Assange. It’s not known exactly how WikiLeaks obtained the emails, but signs point to Anonymous, which hacked Stratfor’s servers late last year and made off with emails and credit card numbers.Feb. 14: Nortel Valentine’s Day proved anything but romantic for Nortel, the Canadian telecom company currently in bankruptcy. It turns out that hackers, believed to be operating from China, had been spying on Nortel for at least a decade, the Wall Street Journal reported. Using seven passwords stolen from top executives, the cybercriminals infiltrated Nortel’s servers and downloaded technical papers, research-and-development reports, employee emails, business plans and other confidential data.Feb. 14: Combined Systems Inc. Proudly hoisting the hacktivist flag, the ever-present Anonymous hacking network took credit for knocking Combined Systems Inc., a Jamestown, Pa., security company, offline and stealing personal information from its clients. As reported by the Associated Press, Anonymous said it went after Combined Systems, which sells tear gas and other crowd-control devices to law enforcement and military organizations, to protest “war profiteers” and to commemorate the one-year anniversary of the bloody citizen uprising in Bahrain.Feb. 14: Brazzers.com A 17-year-old hacker said he tapped into an inactive forum run by the hard-core porn site Brazzers and used it to expose the personal information of more than 350,000 registered users. The site’s parent company, Luxembourg-based Manwin Holding SARL, said no credit-card data had been compromised. The hacker, based in Morocco, said he leaked the information not to embarrass the site’s customers or to make money, but simply to highlight how vulnerable popular websites are. Not surprisingly, the teen hacker said he had aligned himself with the Anonymous movement.Feb. 10: Central Intelligence Agency For the second time in less than a year, Anonymous launched a distributed denial-of-service attack that temporarily knocked the website of the Central Intelligence Agency offline. The CIA takedown capped a busy week for the hacktivist pranksters; in 10 days, the group went after Chinese electronics manufacturer Foxconn, American Nazi groups, anti-virus maker Symantec and the office of Syria’s president.Feb. 8: Office of the Syrian President During an especially active week of digital daring, Anonymous leaked a cache of emails from Syrian President Bashar Assad’s office, including one particularly candid email in which one of Assad’s media advisers preps him for an interview with Barbara Walters and tells him that the “American psyche can be easily manipulated.”Feb. 8: Foxconn With Apple facing worldwide scrutiny over the questionable working conditions at Foxconn, a Chinese company that assembles iPhones and iPads (as well as devices for Dell, Sony, IBM, Microsoft, Samsung and others), it was only a matter of time before hacktivists took up the cause. In this case, it wasn’t Anonymous but a group called Swagg Security (SwaggSec) that struck the first blow, making off with staff email logins and credentials that could allow an attacker to place a fraudulent order.Feb 7: Hamas The Israeli hacking group IDF Team launched an attack against a Hamas website, qassam.ps, knocking it offline to protest the site’s anti-Israeli stance. This was not an isolated incident; it was instead the latest strike in a calculated monthlong battle between Israeli and Arab hackers that began Jan. 3, when a Saudi Arabian hacker calling himself 0xOmar posted 15,000 Israeli credit-card numbers.