Computerworld

Features

10 of the worst moments in network security history
Spam, hackers, worms -- oh my! Events that shock sensibilities and shaped the future
Ellen Messmer (Network World) 13 March, 2008 09:09
  • 1 of 10
There
There's not much spam in that: May 3, 1978 Digital Equipment Corp. marketing guy Gary Thuerk gets technical assistance to send what's regarded as the first "spam" message to thousands on the government-funded Arpanet, predecessor of today's Internet. Arpanet management decries the mass e-mail as a "flagrant violation" of Arpanet rules. Good thing they nipped that in the bud.
There's not much spam in that: May 3, 1978 Digital Equipment Corp. marketing guy Gary Thuerk gets technical assistance to send what's regarded as the first "spam" message to thousands on the government-funded Arpanet, predecessor of today's Internet. Arpanet management decries the mass e-mail as a "flagrant violation" of Arpanet rules. Good thing they nipped that in the bud.Morris, that worm: Nov. 2, 1988 - present: Cornell student Robert Morris claimed he unleashed this bad boy not to cause damage but to estimate the size of the Internet. True or not, his handiwork cascaded into a denial-of-service attack that hit an estimated 6,000 Unix computers in an era when only about 60,000 such machines comprised the Internet.Mafiaboy knee-caps heavies: Feb. 7, 2000 Amazon, eBay, Yahoo, Dell, E-trade and CNN are all struck down by a massive distributed denial-of-service attack traced to a Montreal-area teen calling himself Mafiaboy; real name, Mike Calce. He's caught and sentenced under the Canadian youth-court system to eight months of "open custody," whatever that means, a light fine and restricted use of the Internet. Ouch.Nothing says I love you like: May 4, 2000 The ILoveYou worm, also called VBS/Loveletter and the Love Bug Worm, scoots from Hong Kong around the globe in no time, infecting an estimated 10% of all connected computers. Inboxes overflowed at many organizations, including the Pentagon, CIA and British Parliament. Business servers were brought to their knees.Code Red I and II: July 13, Aug. 4, 2001 The first Code Red attack exploits buffer-overflow vulnerabilities in unpatched Microsoft Internet Information Servers, infects an estimated 395,000 computers in one day alone, defaces Web sites and launches Trojan code in a denial-of-service attack against fixed IP addresses, including the White House and Microsoft. The event prompts the director of the FBI's National Infrastructure Protection Center to hold a press conference. A few weeks later, Code Red II surfaces as a variant that tries to infect computers on the same subnet. The Code red assaults raises awareness about patching and pave the way for future worms: SQL Slammer, Blaster, Sobig, Sasser, Netsky and Witty.Military snagged in botnet: 2004 The US Department of Defense discovers computer systems at the Naval Warfare Center and the Defense Information Systems Agency have been compromised and turned into a botnet to send spam, launch DoS attacks and commit other crimes. Investigators follow the forensic trail to Jeanson James Ancheta, 20, who's arrested in 2005. Ancheta admits to generating more than $107,000 in payment for sending spam or launching DoS attacks through 400,000 infected computers. He gets five years and fines.Storm a-brewin': Jan. 17, 2007 First noticed in early 2007, the Storm botnet works by bringing compromised machines under a command-and-control system, hard to shut down, for purposes of spam and phishing. Estimates of Storm-compromised machines range from a few million to 50 million.TJX redefines data breach: Jan. 18, 2007 US-based retailer discloses massive data breach of its network that has compromised an estimated 45.7 million customer records and personal records. Analysts call it the largest known data breach involving card data in history.Cyberattack on Estonia: April 27, 2007 Estonia, a country of about 3 million people bordering Russia, has a well-developed network infrastructure that came under a crushing cyberattack that made its most important government, banking and media Web sites unavailable. Security experts analyzing the cyberattack believe it was triggered by the "Russian blogosphere," which triggered a second phase that included specially designed bots, dropped onto home computers. Some suspect the Russian government was involved, a charge dismissed by the Kremlin.Trader run amok: Jan. 24, 2008 Societe Generale, the large French financial services firm, discloses that one of its low-level options traders, Jerome Kerviel, has committed stock fraud worth an astonishing US$7 billion, the largest in history traced to rogue trading . Kerviel placed huge bets in unauthorized trades and covered up his tracks with fake e-mail. In a case still playing out in the French legal system, the 31-year-old Kerviel has admitted to masterminding the scheme but is publically saying Societe Generale was "complacent" about his activities as long as his bets were winning.

Comments

Post new comment

Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

 

Computerworld Webinar

Thursday, June 11th, 2009
10:30am EST (Sydney, Australia)
Screening at your PC

Computerworld is hosting a 30 minute live webinar to help you to learn how unified communications can save you money, foster innovation and business agility by making it easier for people to find, reach and collaborate with one another.

Register Now

Most Popular
IT Media Releases
Most Popular Whitepapers
Computerworld Community Comments
Videos
Most Commented
Get a job Careerone
Whitepaper
Read Whitepaper

Data Center Eco-Nomics

Discover the pathway towards greener, more efficient operations. Learn how real customers are leveraging their green efforts to drive toward the dynamic data centre of the future. Click through to watch this webinar now.

Enterprise IT Buyer's Guide
Find Technology Vendors Fast
 
Find vendors by name | Find by category
Sponsored Links
 
Send Us E-mail | Privacy Policy
Features List | Media Kit | Advertising | Contact Us
Copyright 2009 IDG Communications. ABN 14 001 592 650. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.