Today the word “Hacker” is synonymous with individuals who use technical know-how to gain illegal access to data. It came from a term first used in 1955 by the ‘Technical Model Railroad Club’ to describe how members would modify their high-tech train sets.
There are many thousands of “hacks” every year varying in size and severity. The motivation behind these attacks can range from financial rewards to gathering intelligence; sometimes it can purely be curiosity or aim to cause trouble. We had a look back to see some of the most legendary hacks.
Phreaking is the term used to describe the activity of gaining entry to secure telecommunication networks to make free phone calls. Considered one of the earliest forms of hacking, it began in the late 1950s and involved imitating the dialling tones used by phone networks to trigger switches.
Some of the tones used at the time by AT&T were for internal company usage only. One of these being a tone of 2600 Hz which would tell the telephone switch that the call had ended; if this was imitated and the phone was never put down, you would be able to carry out long-distance and international calls for free. This was discovered by a seven-year-old boy by the name of Joe Engressia who had perfect pitch and found that when he whistled the fourth E above middle C (2637.02 Hz), the phone recording stopped.
Years later a friend of Engrassia, John Draper, also known as Captain Crunch, learned that a toy whistle included in Cap’n Crunch cereal boxes emitted a tone of, you guessed it, 2600 Hz.
2. Heartland Payment Systems
One of the biggest credit card processing companies, Heartland Payment Systems, had a huge data breach in 2008 when two Russian hackers installed malware and managed to steal over 100 million debit and credit card numbers. Afterwards, they implemented rafts of security measures to ensure an attack would never happen again. So much so, in 2015 they issued a data breach warranty to their customers:
“Heartland Payment Systems is so confident in the security of its payment processing technology that, on Jan. 12, it announced a new breach warranty for its users. The warranty program will reimburse merchants for costs incurred from a data breach that involves the Heartland Secure credit card payment processing system.”
This confidence was however misplaced. On May 8th 2015, Albert Gonzales broke into their offices and stole computers with access to data such as banking info, social security numbers and payroll customers.
The perpetrator was caught and sentenced to 20 years in prison, whilst Heartland Payment Systems incurred $140 million in fines.
3. Melissa Virus
Named after an exotic dancer in Florida, according to it’s creator David Lee Smith, the virus was first posted in 1999 as a file on an internet newsgroup called “alt.sex”, with the promise that it contained passwords to gain free access to fee-based adult websites. When a user opened it in Microsoft Word, the virus was installed. The reason it spread so far and wide was that it would use the person’s Microsoft Outlook email to send the virus out to the first 50 people in their contact list.
The virus wasn’t intended to steal any money, but it overloaded the email servers of over 300 corporations and government bodies across the world. The cost to rectify affected computers and networks is estimated at $80 million.
This would act as inspiration for future cyber attacks and was effectively one of the first phishing attacks. On the other hand, it also led to improvements and a higher awareness of the threats posed all computer users.
4. NASA Cyber Attack
In 1999, NASA had to shut down computers that supported the international space station for 21 days after its network was accessed by a 15-year-old hacker, James Jonathon, who went under the name of ‘c0mrade’.
After first being introduced to computers at the age of six, where he would simply play games, his attention soon turned to learning programming languages and operating systems. After his parents became worried about his obsession with computers, they banned the use of his computer. He insisted that his time on the computer wasn’t affecting his high grades at school; it was later revealed that he had hacked into his school’s network to change his scores.
After installing malware on a server in Alabama, he was able to compromise 13 computers on NASA’s network and act as an employee, downloading source code which controlled the life support systems on the ISS. The worth of which was estimated to be in the millions. After discovering this, NASA disconnected the server and infected machines for three weeks to find the cause of the intrusion, costing them roughly 40 thousand dollars.
5. Adobe Cyber Attack
In 2013, software-maker, Adobe, reported that the personal data of 38 million of its users had been stolen in a cyber-attack. 33.1 million of those users had their customer IDs and passwords stolen, while the other 2.9 million had their debit and credit card compromised also.
Furthermore, parts of the source code to Adobe’s Photoshop, Acrobat and ColdFusion had been illegally accessed. These products are some of the most popular in their respective fields, with this breach, their programs could be copied which in turn may increase competition.
Something all of these hacks had in common, was that the victims of these breaches were unprepared and didn’t expect an attack to happen to them. These companies were forced to be more secure through having to react to a negative situation, rather than improving their cyber security beforehand. Instead of letting the worst happen, you should ensure your environment is secure to prevent breaches. If you’d like to find out how you can do this, get in touch with our team of Cyber Security Specialists today.