What’s the best way to rate and compare a bunch of really terrible events? There’s no Richter scale for malicious cyber attacks. And, like Chekov’s famous quip about unhappy families each being “unhappy in its own way,” the worst hacks are often those that find new ways to hurt. The recent attack on Sony Pictures Entertainment certainly belongs to that list – without a doubt. While the full extent of the breach has yet to be charted, the company has already seen its valuable intellectual property (unreleased movies, scripts, etc.) turned loose on torrent sites and its sensitive email communications laid bare. That’s especially bad in a business like entertainment, where reputation is everything.
But Sony isn’t the first company to have its bones picked clean by hacktivists, state sponsored cyber warriors or disgruntled insiders. Here’s a quick list of five other firms that have also been left seeing stars by hackers:
HBGary Federal (Anonymous)
Image via anonymous.
In 2010, HBGary Federal was a little known, Washington D.C. computer security startup selling information security services to the U.S. Government. That was before then-CEO Aaron Barr began digging in to the identities of the hacker group Anonymous. His efforts caught the attention of Anonymous members’, who attacked the company on Super Bowl weekend, February 5–6, 2011, using a compromise of the company’s Google account to take over Barr’s Twitter account, defacing the HBGary website and raiding company e-mail servers of tens of thousands of documents from both HBGary Federal and HBGary, Inc. Those e-mails – many involving sensitive business with the firm’s Beltway clients – including Bank of America and Berico, were posted online, spurring further controversy. HBGary was acquired by the firm ManTech International in 2012.
Saudi-Aramco (“Cutting Sword of Justice”)
Image via Wikipedia.
Before there was Sony, there was “Shamoon,” the attack on Saudi oil giant Saudi-Aramco and other companies in 2012. In fact, the attack bears a striking resemblance to the recent hack of Sony. Like the most recent hack, a previously unknown hacktivist group, “The Cutting Sword of Justice” took responsibility for the attack on Saudi Aramco – and then promptly disappeared. Also like the Sony hack, infected machines at Saudi Aramco had their hard drives wiped clean by the Shamoon malware – which shared some similarities with the malware used against Sony.
DigiNotar (“Comodohacker”)
Image via Pastebin.
When your business is vouching for the online identities of others, a security breach can be a terminal event. That was the case with the Dutch certificate authority Diginotar (a division of Vasco) in 2011 after the firm was discovered to be the source of bogus certificates in the name of Google and other prominent online properties. The bogus certificates were used to carry out “man in the middle” attacks against hundreds of thousands of Iranian citizens who were users of Google’s Gmail. A subsequent investigation revealed that more than 500 fake certificates had been issued by Diginotar between July and September, 2011. Ultimately, the Dutch government took over management of DigiNotar's systems and the company declared bankruptcy within the month.
Code Spaces (Unknown)
Image via Code Spaces.
You know that a hack is bad when the word “murder” is bandied about to describe what was done to your company. And that’s a word that was used to describe the June, 2014 attack on Code Spaces, a seven year-old service that provided hosted project management and code repositories.
The company found itself in a bind after hackers took control of the Amazon Web Services (AWS) control panel that the company used to manage all of its cloud-based assets – both production and backup systems- and demanded ransom to return control to the company. An attempt by Code Spaces staff to regain control resulted in the attackers ‘killing the hostage’: deleting both live and backup servers and customer data. In the end, Code Spaces was forced to tell customers that their data had been lost and that its business would cease operation.
The NSA (Edward Snowden)
Image via Security Affairs.
No list of devastating hacks would be complete without mentioning former Dell Inc. and Booz Allen Hamilton contractor Edward Snowden’s sustained hack of the world’s most secretive (and security conscious) organization: the National Security Agency. For an agency whose very existence was a secret for years, the NSA proved a relatively easy target for Snowden, who used his system administrator access and run-of-the-mill social engineering strategies to gain access to a treasure trove of information on the spy agency’s monitoring of domestic and international communications, as well as the doings of spy agencies in other “Five Eyes” countries, including the U.K. and Australia. Those documents were provided to journalists in Europe and the U.S. Revelations stemming from his leak of classified data are still being made.
About Paul Roberts
Paul Roberts is the founder and editor in chief of The Security Ledger. Paul has spent the last decade covering hacking, cyber threats and information technology security, including senior positions as a writer, editor and industry analyst. Most recently, he served as editor of Threatpost.com and a Security Evangelist for Threatpost’s corporate parent, Kaspersky Lab. Prior to that, Paul spent three years covering the enterprise IT security space as a Senior Analyst in The 451 Group’s Enterprise Security Practice, where he covered trends and technology developments in the security market, with a concentration in endpoint security.
