10 of the worst moments in network security history

Spam, hackers, worms -- oh my! Events that shocked sensibilities and shaped the future

  • Trader run amok: Jan. 24, 2008 Societe Generale, the large French financial services firm, discloses that one of its low-level options traders, Jerome Kerviel, has committed stock fraud worth an astonishing US$7 billion, the largest in history traced to rogue trading. Kerviel placed huge bets in unauthorized trades and covered up his tracks with fake e-mail. In a case still playing out in the French legal system, the 31-year-old Kerviel has admitted to masterminding the scheme but is publicly saying Societe Generale was "complacent" about his activities as long as his bets were winning.

  • Morris, that worm: Nov. 2, 1988 - present: Cornell student Robert Morris claimed he unleashed this bad boy not to cause damage but to estimate the size of the Internet. True or not, his handiwork cascaded into a denial-of-service attack that hit an estimated 6,000 Unix computers in an era when only about 60,000 such machines comprised the Internet.

  • Storm a-brewin': Jan. 17, 2007 First noticed in early 2007, the Storm botnet works by bringing compromised machines under a command-and-control system that is hard to shut down, for purposes of spam and phishing. Estimates of Storm-compromised machines range from a few million to 50 million.

  • Military snagged in botnet: 2004 The US Department of Defense discovers computer systems at the Naval Warfare Center and the Defense Information Systems Agency have been compromised and turned into a botnet to send spam, launch DoS attacks and commit other crimes. Investigators follow the forensic trail to Jeanson James Ancheta, 20, who's arrested in 2005. Ancheta admits to generating more than $107,000 in payment for sending spam or launching DoS attacks through 400,000 infected computers. He gets five years and fines.

  • Cyberattack on Estonia: April 27, 2007 Estonia, a country of about 3 million people bordering Russia, has a well-developed network infrastructure that came under a crushing cyberattack that made its most important government, banking and media Web sites unavailable. Security experts analyzing the cyberattack believe it was triggered by the "Russian blogosphere," which triggered a second phase that included specially designed bots, dropped onto home computers. Some suspect the Russian government was involved, a charge dismissed by the Kremlin.

  • There's not much spam in that: May 3, 1978 Digital Equipment Corp. marketing guy Gary Thuerk gets technical assistance to send what's regarded as the first "spam" message to thousands on the government-funded Arpanet, predecessor of today's Internet. Arpanet management decries the mass e-mail as a "flagrant violation" of Arpanet rules. Good thing they nipped that in the bud.

  • Nothing says I love you like: May 4, 2000 The ILoveYou worm, also called VBS/Loveletter and the Love Bug Worm, scoots from Hong Kong around the globe in no time, infecting an estimated 10% of all connected computers. Inboxes overflowed at many organizations, including the Pentagon, CIA and British Parliament. Business servers were brought to their knees.

  • TJX redefines data breach: Jan. 18, 2007 US-based retailer discloses massive data breach of its network that has compromised an estimated 45.7 million customer records and personal records. Analysts call it the largest known data breach involving card data in history.

  • Mafiaboy knee-caps heavies: Feb. 7, 2000 Amazon, eBay, Yahoo, Dell, E-trade and CNN are all struck down by a massive distributed denial-of-service attack traced to a Montreal-area teen calling himself Mafiaboy; real name, Mike Calce. He's caught and sentenced under the Canadian youth-court system to eight months of "open custody," whatever that means, a light fine and restricted use of the Internet. Ouch.

  • Code Red I and II: July 13, Aug. 4, 2001 The first Code Red attack exploits buffer-overflow vulnerabilities in unpatched Microsoft Internet Information Servers, infects an estimated 395,000 computers in one day alone, defaces Web sites and launches Trojan code in a denial-of-service attack against fixed IP addresses, including the White House and Microsoft. The event prompts the director of the FBI's National Infrastructure Protection Center to hold a press conference. A few weeks later, Code Red II surfaces as a variant that tries to infect computers on the same subnet. The Code Red assaults raise awareness about patching and pave the way for future worms: SQL Slammer, Blaster, Sobig, Sasser, Netsky and Witty.
