The 5 most important hacks of the last five years

You would get very little argument from anyone that the security threat landscape has changed significantly since the start of this decade. Mega-breaches, ransomware, nation-state threat actors, insider leaks – all of these have moved the goal posts a long way from where they were just a few short years ago.

We spoke with Michael McKinnon, from AVG, at last week’s AISA National Conference and asked him what he through the five most important or influential hacks or breaches of the last five years.

Interestingly, most of his list came in the last couple of years signalling that the threat landscape has not yet stabilised and new actors with different motivations are still evolving.

1 – Edward Snowden

“The one I think is the probably most contentious and, depending on your point of view, whether it constitutes a hack or a breach clearly has to be the actions of Edward Snowden,” says McKinnon.

What Snowden’s actions did is highlight the power of the insider threat. Snowden’s ability to use inherited privileges and exploit the cracks in systems gave him unfettered access to massive swathes of confidential information.

Although it’s arguable whether Snowden’s actions did more harm than good, McKinnon says the breach “clearly shifted the ground about how we think about security and privacy fundamentally for all of us,” says McKinnon.

2 – Ashley Madison

Although the Ashley Madison breach is very recent, occurring in July 2015, McKinnon says it has changed many perceptions about security.

“What’s interesting is, given the level of access this hacking team had, and the level of information they revealed you have to assume there’s some sort of insider access,” says McKinnon.

With database tables, email and other corporate data leaked this is one of the most egregious exfiltrations of data.

“It was a reminder of just how personal some of this private information can be and how it could potentially affect the lives of some people. It stands out head and shoulders about any other because of its impact and severity”.

McKinnon likened the Ashley Madison breach with the celebrity photo hack of August 2014. He says AVG looks at user responsibility when it comes to the consumption of breached data where users might be tempted to look at information about co-workers or people they know.

Read more: Google asks devs to disable iOS 9 privacy feature 'to protect advertising'

“One of the fascinating aspects of this is when it comes to the breached information – what’s our motivation for looking at it and are we making the problem worse by looking at it?”.

3 – Sony

“This was an interesting example of a hack because Sony really went after the media on this,” says McKinnon. “Of course, they were in full-flight response mode, trying to quell the media attention they were getting at the time”.

One of the key learnings from the Sony hack was that a very determined and highly skilled threat actor could access far more data and carry out far more damage than anyone had really understood until that point.

“What I found interesting about the Sony hack, from a technical point of view, was there was a lot of speculation – and I’ve spoken with a lot of people who say they had connections with hacking circles – that it was fairly well known that Sony had been breached much earlier on. There were adversaries in their network for quite some time but nothing really happened”.

McKinnon says the take-away from the Sony breach is “if you haven’t secured your stuff, you’ve left the backdoor open – don’t assume it’s one person inside your network. In many cases it could be multiple parties inside your network and it becomes very difficult to separate who’s in there and who the actual attacker is”.

4 – Adobe 2013

The Adobe breach of 2013, when their systems were breached and about 130 million customer records were breached, signalled the start of the mega-breach era. Although the Target breach might have garnered more press and seen some high profile sackings, it was Adobe that “launched” the mega-breach era.

Read more: ​Cloudy File Security: The New Data Leakage Frontier

“The thing that stands out is the sheer size of it,” says McKinnon. “130 million unique accounts and passwords were revealed”.

As a result of the breach users were asked to change their passwords and it highlighted that password re-use by users created a previously under-recognised risk.

“You can not trust a single password with anyone,” says McKinnon.

5 – The One I Can’t tell You About

“I’m playing devil’s advocate here to make a point. The name of the last breach is the one I can’t tell you about. And the reason I can’t tell you about it is we’ve all got war stories about clients we’ve worked with and breaches of companies but because of confidentiality and non-disclosure agreements they can’t be talked about. Not every hack hits the press”.

McKinnon says there are still hackers out there who care about the “art of hacking” and are keeping stolen data on their hard drives with no intent of distributing it – yet. However, there are also more targeted and sinister attackers as well.


#AISAcon2015

Join the CSO newsletter!

Error: Please check your email address.

Tags Michael McKinnonEdward SnowdenAdobe 2013#AISAcon2015sonyransomwareAshley MadisonCSO Australiathreat landscape

More about AISASony

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place