郭曉陽
Cyber-attack can happen to any digital user at any time and at any place.
Some might be harmless or might cause just a little damage. But there are a few types of cyber-attacks that have caused significant damage and have taken entry in the list of most significant cyber-attacks.
1. Cyber-attack on Yahoo!
One of the most prominent Internet giant, Yahoo suffered a big blow when the security of their 3 billion user accounts was put on stake.
The names, dates of birth, email addresses, passwords as well as security questions and answers of 3 billion users were put on stake. The attack took place in 2013-2014.
The attack had severely affected the company; the Yahoo group that was once valued at $100 billion was finally sold off to Verizon for only $4.48 billion for its core Internet business.
The name of the company was later changed to Altaba, Inc. after the sale.
2. eBay cyber-attack
Another cyber-attack that shook the entire world was the users database hacking by the intruders.
The e-commerce giant was subjected to a major cyber-attack in May 2014 when hackers intruded into the users database using their corporate employees accounts.
The hackers had complete access into their network for about 229 days. The breach compromised the sensitive information like names, dates of birth, addresses, and encrypted passwords of around 145 million users.
But as per the company, the financial data of the customers was safe as it was stored in a separate database and was not compromised. The breach resulted in widespread criticism of the company and incurred great losses.
3. Equifax cyber-attack
Equifax one of the US largest credit bureaus, faced a major blow when the data of its 143 million costumers was hacked.
The customers sensitive information including birth dates, Social Security Numbers, addresses, and drivers license numbers was hacked by the intruders.
The attack did not end with hacking only the personal information; even the credit card information of around 209,000 consumers was stolen too.
According to the company, the application vulnerability on their site resulted in the data attack. The attack was exposed on July 29, 2017, but was suspected to have started in mid-May the same year.
4. Target stores data breach
End of December 2013 gave a big blow to Target stores when they discovered that a data breach into their system had compromised the credit/debit card details and/or contact information of around 110 million people.
The hackers penetrated into their private network by exploiting their vulnerability through a third-party vender for HVAC system to POS payment card readers. The cyber-attack cost them around $162 million.
The CEO and CIO of the company had to resign after this major cyber-security issue.
5. Uber cyber-security breach
Data breaches are common events in the current digital world. How the companies deal with it, also plays an equally important role. Uber was subjected to a data breach in late 2016. The company was not much criticized as its take on this attack was.
The breach resulted in compromising names, mobile phone numbers and email addresses of 57 million Uber users and 600,000 Uber drivers driver license numbers.
The company discovered the breach in late 2016 but made it public almost after a year. Not only that the company offered the hackers an amount of massive $100,000 to destroy the data without verifying they actually did.
The breach had resulted in the loss of both the reputation and finances of the company. The company was in negotiation to sell its stakes to Softbank, at the time the breach was announced. The breach lowered the value of the deal from $68 billion to $48 billion.
6. JP Morgan Chase data breach
JP Morgan, one of the finest banks of the USA suffered from a cyber-attack which compromised the contact information—names, addresses, phone numbers and email addresses of 6 million households and 7 million small businesses.
There were no monetary losses. The hackers gained privilege over 90 bank servers. July of 2014 would really have been tough for JP Morgan to have a deal with all such critical issues.
7. Cyber-attack on Sony PlayStation Network
One of the biggest data breaches in the gaming industry of all times happened on the Sony PlayStation Network. April 20, 2011, is a date that will always be remembered in the gaming industry for the biggest data breach in the gaming industry.
The hackers hacked 77 million Network accounts. These accounts had 12 million accounts that had unencrypted credit card numbers.
The hackers hacked full names, e-mails, credit card numbers, passwords, purchase history, PSN/Qriocity logins and passwords, and home addresses.
Sony incurred losses of an estimate of $171 million. It resulted in an initial $15 million reimbursement in a lawsuit over the breach.
8. RSA Security Attack
March 2011, is a date that is still in debates for the cyber-security breach of the mighty security giants SecurID authentication tokens of the company RSA.
The hackers successfully managed to perform phishing attack on RSA employees and impersonated as individuals and intruded into the network of the company. The attack is estimated to have stolen 40 million employee records.
9. Adobe cyber-attack
Another big cyber-attack that shook the IT giant Adobe happened in October 2013.
The attack compromised the personal information including customer names, IDs, passwords and debit and credit card information of over 38 million users.
The company paid $1 million as legal fees to resolve prerogatives of violating the Customer Records Act and biased business practices.
When market biggies like Yahoo, eBay, Equifax, etc. can get trapped in the trap of cyber-attacks, you too can! So be aware and follow all cyber-security safety measures religiously and BE SAFE!
數(shù)字用戶可能隨時(shí)隨地遭遇網(wǎng)絡(luò)攻擊。
有些網(wǎng)絡(luò)攻擊可能不會造成任何危害,或危害微不足道。有些類型的網(wǎng)絡(luò)攻擊則造成了重大損失,入列最嚴(yán)重網(wǎng)絡(luò)攻擊。
1. 雅虎遭遇的網(wǎng)絡(luò)攻擊
最知名互聯(lián)網(wǎng)巨頭之一雅虎遭受過嚴(yán)重網(wǎng)絡(luò)攻擊,其30億用戶的賬戶安全曾岌岌可危。
30億雅虎用戶的姓名、出生日期、電子郵箱地址、密碼以及安全問答都面臨風(fēng)險(xiǎn)。這次攻擊發(fā)生在2013至2014年。
這次攻擊對雅虎造成嚴(yán)重影響。估值一度達(dá)到1000億美元的雅虎集團(tuán),最終僅以44.8億美元的價(jià)格,將其核心互聯(lián)網(wǎng)業(yè)務(wù)出售給了威瑞森電信。
之后,雅虎公司更名為Altaba公司。
2. eBay遭遇的網(wǎng)絡(luò)攻擊
另一起轟動(dòng)全世界的網(wǎng)絡(luò)攻擊是eBay的用戶數(shù)據(jù)庫遭攻擊者入侵。
2014年5月,電子商務(wù)巨頭eBay遭遇嚴(yán)重網(wǎng)絡(luò)攻擊,黑客利用手中的企業(yè)員工賬號侵入eBay的用戶數(shù)據(jù)庫。
黑客擁有網(wǎng)絡(luò)的完全訪問權(quán)限達(dá)229天左右。這次攻擊造成約1.45億用戶的姓名、出生日期、地址、加密密碼等敏感信息泄露。
不過,eBay聲稱,客戶的財(cái)務(wù)數(shù)據(jù)存儲在另一個(gè)數(shù)據(jù)庫內(nèi),并未泄露,因此安全無虞。此次數(shù)據(jù)泄露使eBay遭到廣泛批評,并蒙受巨額損失。
3. 艾可菲遭遇的網(wǎng)絡(luò)攻擊
美國最大信用機(jī)構(gòu)之一艾可菲遭遇嚴(yán)重網(wǎng)絡(luò)攻擊,1.43億客戶數(shù)據(jù)遭入侵。
包括出生日期、社會安全號碼、地址、駕駛證編號在內(nèi)的客戶敏感信息遭攻擊者竊取。
此次攻擊不僅僅限于竊取上述個(gè)人信息,甚至約20.9萬名客戶的信用卡信息也被盜取。
艾可菲稱,公司網(wǎng)站上的應(yīng)用漏洞導(dǎo)致了這起數(shù)據(jù)攻擊。這次攻擊于2017年7月29日披露,但疑似同年5月中旬便已發(fā)生。
4. 塔吉特百貨數(shù)據(jù)泄露
2013年12月末,塔吉特百貨遭遇嚴(yán)重網(wǎng)絡(luò)攻擊,公司系統(tǒng)發(fā)生數(shù)據(jù)泄露,約1.1億人的信用卡/借記卡信息和/或聯(lián)系方式被盜。
黑客通過暖通空調(diào)系統(tǒng)的第三方供應(yīng)商,接入POS機(jī)支付卡讀取器,并利用此漏洞侵入公司的專用網(wǎng)絡(luò)。這次網(wǎng)絡(luò)攻擊造成約1.62億美元的損失。
塔吉特百貨的執(zhí)行總裁和信息主管在這次重大網(wǎng)絡(luò)安全事故后被迫辭職。
5. 優(yōu)步網(wǎng)絡(luò)安全漏洞
當(dāng)下的網(wǎng)絡(luò)世界,數(shù)據(jù)泄露屢見不鮮。企業(yè)如何應(yīng)對也同等重要。優(yōu)步在2016年下半年遭遇數(shù)據(jù)泄露事故。相對于公司本身,反倒是他們對待這起事件的態(tài)度更受非議。
這次攻擊造成5700萬優(yōu)步用戶的姓名、手機(jī)號、電子郵箱以及60萬優(yōu)步司機(jī)的駕駛證編號泄露。
優(yōu)步在2016年下半年就發(fā)現(xiàn)了數(shù)據(jù)泄露,但大約1年后才公之于眾。不僅如此,優(yōu)步還向黑客支付了一筆10萬美元的巨款,要求其將數(shù)據(jù)銷毀,卻并未核實(shí)黑客是否真正照做。
這次泄露事件使優(yōu)步的聲譽(yù)和財(cái)務(wù)雙雙受損。事件公開時(shí),優(yōu)步正協(xié)商出售股份給軟銀。此次數(shù)據(jù)泄露使協(xié)議價(jià)格從680億美元下滑至480億美元。
6. 摩根大通銀行數(shù)據(jù)泄露
美國最佳銀行之一摩根大通曾遭遇網(wǎng)絡(luò)攻擊,致使600萬家庭和700萬小型企業(yè)的聯(lián)系方式泄露,包括姓名、地址、電話號碼、郵箱等信息。
攻擊未造成金錢損失。黑客獲得了逾90臺銀行服務(wù)器的權(quán)限。對于摩根大通來說,2014年7月要解決所有這些重要問題確實(shí)困難重重。
7. 索尼游戲網(wǎng)絡(luò)遭遇的攻擊
電子游戲行業(yè)史上最嚴(yán)重的一次數(shù)據(jù)泄露發(fā)生在索尼的游戲網(wǎng)絡(luò)上。2011年4月20日將因這起游戲業(yè)最嚴(yán)重的數(shù)據(jù)泄露事件永遠(yuǎn)被業(yè)界銘記。
黑客入侵了7700萬索尼游戲網(wǎng)絡(luò)賬戶。其中1200萬個(gè)賬戶存有未經(jīng)加密的信用卡號。
黑客竊取了用戶全名、電子郵箱、信用卡號、密碼、購買記錄、PSN/Qriocity登錄賬號和密碼,以及家庭住址等信息。
據(jù)估計(jì),索尼蒙受了1.71億美元的損失。在這起數(shù)據(jù)泄露引發(fā)的訴訟中,索尼支付了1500萬美元的初步賠償。
8. RSA遭遇的安全攻擊
2011年3月仍是一個(gè)引發(fā)爭議的日子,網(wǎng)絡(luò)安全巨頭RSA公司的SecurID認(rèn)證令牌在這天遭遇安全攻擊。
黑客成功地對RSA員工實(shí)施了釣魚攻擊,假冒員工侵入RSA的企業(yè)網(wǎng)絡(luò)。據(jù)估計(jì),這次攻擊盜取了4000萬份員工檔案。
9. 奧多比遭遇的網(wǎng)絡(luò)攻擊
另一起大型網(wǎng)絡(luò)攻擊發(fā)生于2013年10月,撼動(dòng)了信息技術(shù)巨頭奧多比公司。
這起攻擊導(dǎo)致逾3800萬用戶的個(gè)人信息泄露,包括客戶姓名、身份證號碼、密碼、借記卡和信用卡信息。
奧多比支付了100萬美元的訴訟費(fèi),以平息違反《客戶記錄法案》和不正當(dāng)商業(yè)行為的指控。
既然雅虎、eBay、艾可菲等市場巨頭都能落入網(wǎng)絡(luò)攻擊的陷阱,你也可能身陷其中!因此,務(wù)必小心并嚴(yán)格遵守所有的網(wǎng)絡(luò)安全防范措施,注意安全!
(譯者為“《英語世界》杯”翻譯大賽獲獎(jiǎng)?wù)撸?/p>