2017 is coming to an end and cybercrime incidents and numbers are, no surprise, increasing again from previous years. From data breaches to cryptocurrency steals, passing through critical infrastructure attacks, we have compiled our 2017 top 10 cybercrime list…here is what we got ordered from less to more impacting. This year is done, let’s keep contributing to make a safer 2018!
10.- Dallas’ Emergency Sirens woke up the city
It was almost midnight of Friday’s 8th of April. Emergency Sirens of the city of Dallas start sounding and people woke up and flood 911 for news to try to understand what was happening. After the initial investigation, the police discovered the alarms were triggered by an external entity using wireless radio hacking techniques. The attack itself didn’t have critical impact other than disturbing thousands of people sleep, but it demonstrated a vulnerability on critical safety systems. It could have been used for worst purposes, such as disabling alarms during an emergency situation.
9.- HBO, winter is coming for Behzad Mesri
Following the renowned Sony Pictures hack, its competitor HBO suffered a similar breach in August. The credentials to access private servers with employee data, future episodes and other critical data were stolen from employees’ laptops. The cybercriminal requested 6M$ USD in cryptocurrencies to not publish this information online. But “winter came” for the cybercriminal, he was identified as Behzad Mesri, living in Iran. He is currently charged with a computer fraud, wire fraud, extortion and identity theft. While he hasn’t been captured yet, he won’t be probably living his best days bound in Iran.
8.- Pizza Hut, a quite expensive dinner for some customers
Few bank accounts were reported emptied during October. The only common thing among victims was they had ordered a Pizza a few days ago. This “sherlock holmes” riddle was resolved when Pizza Hut sent an email to its customers admitting their website and apps were hacked during 28 hours and customer data, including personal and payment information data, was leaked. Over 60.000 customers were impacted. The direct and indirect cost caused this to the company on attending customer calls, insurance impacts or loss of reputation hasn’t been publicly exposed. But definitely a significant bite.
7.- Uber, a chain of unfortunate and poorly managed events
2017 has been probably the worst year for Uber in terms of public image. The fact that more than 57 million users data was reported stolen in November didn’t help. How the cybercriminals got it done was far from being sophisticated. They got user and password from the source code repository. But the story gets even worst, Uber admitted having paid cybercriminals to hide the leakage, which wasn’t actually effective because the data went public. This is definitely a chain of unfortunate events poorly managed by the Silicon Valley giant, that brings this incident to our top 10 list.
6.- Cronbot, the first mobile banking trojan
A Russian cybercrime organization was finally arrested May 23rd in Moscow. They had been stealing money from bank accounts during at least 2 years, using the first denominated “mobile banking trojan”. By the creation of fake Mobile apps whose look and feel was exactly the same as the real apps, they were able to infect Android phones with a malware that was intercepting SMS-sent banking codes, passwords, etc. Although only 900.000USD have been actually reported as stolen by this group, the real number including operations that were not discovered or attributed to them would be much higher.
Img: The hacker news
5.- Gmail phishing, old techniques still work
The simulation of emails sent from trusted providers containing malicious links or documents is an old technique. However, the phishing attack that millions of Gmail users received back in March was extraordinarily sophisticated. Not only the email came from an actual trusted contact, the link appeared to be extraordinarily real, but the most amazing thing was that the email content looked like being using the sender’s style. The amount of information robbed in this incident is incalculable.
4.- Triton, a new Nuclear Plant threat
The recently discovered industrial targeted Triton is one of the more sophisticated pieces of malware discovered this year. It brings our minds back to the Stuxnet attack in 2010. Triton was able to gain remote control of a Nuclear Plant in a non-disclosed location and cause the disruption of the whole plant. While just little details of the attack have been published, the rumors target probably a national intelligence service due to the complexity of the attack, as well as the lack of economic incentive for it.
3.- WannaCry, the world most renowned malware
The world suffered the worst ransomware incident so far on May 12th, this year. It was spread at light speed over more than 150 countries in few hours, affecting nearly half a million of corporate computers. Only 0.07% of the victims paid the bitcoin amount to get its computers rescued. Even with the bitcoin value bubble raise this would be only a few hundred thousand USD for cybercriminals. However, the operational impact on all those companies that were stopped for days fixing the issue place this in the bronze position of our ranking. The US just attributed the attack to North Korea and announced retaliation. Another contribution to the cold war both countries are involved in these days.
2.- Ethereum steal, the cryptocurrency craziness
Cryptocurrencies are nowadays on the top of the news due to its continuous fluctuation on a crazy speculation race. One of the key doubts (risks) about cryptocurrencies is around its security. In July 2017 the biggest cryptocurrency steal so far happened. The cybercriminals were able to empty wallets created by Parity Software, including casinos and other actors. The hack was reported trivial to explode, but the quantity stolen have today a value of 133 Million USD due. Those incidents definitely don’t contribute to the stability of this 21st century “new gold”.
1.- Equifax, the worst data breach in the world so far
The first position in our raking undoubtedly goes to the credit firm Equifax. Marked as the worst data breach in the history, it exposed sensitive data of more than 143 millions of people, including social security numbers, addresses, banking information, etc. This information is valued in around 30$ per record on the black market, making a potential deal for cybercriminals of 4.2 Billion USD. Not bad for a “simple” exploitation of a public vulnerability of the Apache Server in the Equifax website. The CEO announced 5 post incident service packages for its customers “free of charge” (i.e. paid by Equifax), and retire from its position immediately after.