Top Ten Cybersecurity Stories of 2011

The year 2011 proved to be a busy one on the cybersecurity front, with significant attention being paid to attacks, breaches and general security issues.

Hackers' exploits this year were not necessarily new, but neither was the prioritization of the issue by policymakers, the media, and to a lesser extent, the private sector. Those who have been around the cybersecurity space for a while have seen much of this movie before -- though maybe this year was not a remake of the same film, but rather a sequel that just has some familiarity to it.

So looking back on the year, what were the top stories? Here is my list, in no particular order, though several other high-profile hacks and government actions, could have easily made the list as well.

  • Fingers point to China as a cyber threat. This past year, we saw more attention being paid to China as a cybersecurity threat to both government and corporate systems. The theft of intellectual property and proprietary information from remote systems often had companies and the federal government wondering if the Asian nation was behind the breaches and attacks. In particular, McAffee's exposure of Operation Shady RAT (remote access tool), which revealed that more than 72 organizations, including multiple governments, the United Nations, corporations and various others had been compromised over a five year period. Experts were quick to point to China as being behind the operation.
  • Even Security Companies are at Risk: the EMC Corp.'s RSA Breach. In March, RSA warned that it had been a victim of a data breach and that its SecureID token authentication technology may have been compromised. The attack on one of the premiere "security" companies of the world, was a reminder that no one is safe from attack. It also had repercussions as companies rushed to replace their SecureID tokens, especially in critical industries such as banking and defense. Indeed, an attack on Lockheed Martin in may traced back to the RSA theft and it was largely believed that attacks on Northrop Grumman and L-3 Communications were also related to the RSA theft. In response to the attacks, RSA agreed to replace the tokens of many of its clients.
  • Duqu Trojan: One of Five Stuxnet's Cousins. September saw the introduction of the Duqu Trojan, which attacks Microsoft Window systems using a zero-day vulnerability. Many believed the virus was related to Stuxnet, the worm discovered in 2010 that was said to be a threat to SCADA systems in Iran. Just yesterday, researchers revealed that Duqu and Stuxnet may be members of a larger family -- they've discovered commonalities between the two malware and at least three other malware. If that is the case, then this will be one of the top stories of 2012 as experts search for the identity of whoever (or whatever nation) created the malware.
  • Hacktivists: LulzSec and Anonymous. While Anonymous might be better termed a movement than a hacking gang, its collective activities in 2011 drew a significant amount of attention. Among its victims were HB Gary Federal, Sony (more than once), the Westboro Baptist Church, Bank of America, Stratfor, the Los Zetas drug cartel and various government entities. Another group that was active was LulzSec, which also attacked Sony, as well as PBS, Fox News, Nintendo, Bethesda Game Studios, and various governments and banks. In June, both hactivist groups teamed up for "Operation Anti-Security," which they claimed was intended to protest government censorship and monitoring of the Internet.
  • News of the World: Hacking Gone Wild. Hacking, or in this case, phone phreaking, went mainstream when it was revealed in July that News Corporation's News of the World hired an investigator to hack into a missing teenager's phone and delete messages. The news became more scandalous when it was revealed that they not only hacked into the murdered teen's phone, but possibly into the phones of families of British servicemen killed in action. Following the revelation, the paper folded and many of its former editors were arrested and/or jailed.
  • Epsilon: Data Breach Makes it Personal for Customers. In April, online marketer Epsilon revealed that it had been a subject of, yes, you guessed it, a hack. The names and emails of potentially millions of individuals were compromised. According to experts who analyzed the situation, the customers of the following companies may have had their information stolen: Kroger, TiVo, US Bank, JPMorgan Chase, Capital One, Citi, Home Shopping Network, Ameriprise Financial, LL Bean Visa Card, McKinsey & Company, Ritz-Carlton Rewards, Marriott Rewards, New York & Company, Brookstone, Walgreens, The College Board, Disney Destinations, Best Buy and Robert Half Technologies. Soon after the attack, these companies, along with numerous other Epsilon customers, began sending emails to their customers warning that their information may have been compromised and to be aware of email spam and phishing attacks.
  • Mobile and Vulnerable: When your Phone is Not Your Friend. As more people flocked to smartphones in 2011, so did the hackers and the privacy activists. On the hacking side, revelations that malware was spreading rapidly on smartphones, especially as the Android Market and similar sites allowed users to load apps that had not been checked for security. At the same time, apps that seem like one thing but actually come associated with fees, continue to proliferate on mobile devices. On the privacy side, the Carrier IQ scandal, along with concerns over geolocation privacy, made people more aware of just how much their phones know (and share) about them.
  • Congress: Cybersecurity Legislation, Here We Come! Congress continued to say that cybersecurity was a priority this year. In the House, the newly elected Republican Leadership created a Task Force, under the leadership of Rep. Mac Thornberry, R-Texas, to put together recommendations on cybersecurity legislation. The group's report came out in the second half of the year, with two bills following its release -- an information sharing bill in the House Intelligence Committee and an information sharing bill in the House Homeland Security Committee. Other Committees, including the Judiciary Committee, are expected to move legislation in the new year. Senate Leader Harry Reid, D-Nev., introduced a "shell" bill outlining priorities and tasking several Senate Chairs, including Homeland Security and Government Affairs Chairman Sen. Joe Lieberman, I-Conn., Commerce's Sen. Jay Rockefeller, D-W.V., Intelligence's Sen. Dianne Feinstein, D-Calif., Armed Service's Carl Levin, D-Mich., and Judiciary's Sen. Patrick Leahy, D-Vermont, to put together a comprehensive bill. Sections of a potential bill have been circulating and the Majority Leader has indicated that a bill will come to the Senate floor in the new year.
  • Nasdaq: Should Investors Worry? In February, the Nasdaq Stock Exchange discovered suspicious files on its servers, apparently put on the system by hackers. There was much concern that Nasdaq was not the true target but that an intruder was targeting executives at companies who use part of the Nasdaq server that was attacked. Perhaps Nasdaq was only the vehicle by which hackers could reach top corporations? If that was the case, the incident certainly puts a new twist on the meaning of a Trojan horse.
  • Operation Ghost Click: And Now, to End on a Positive Note . . . In November, six Estonian nationals were arrested for running one of the most significant Internet fraud rings that law enforcement has cracked. The ring used malware to infect approximately 4 million computers in more than 100 countries. The infected computers were being used to to make at least $14 million in Internet advertising fees.