This was a banner year for cybercrooks and hacktivists. From the Anonymous collective taking on a notorious Mexican drug cartel, to the massive breach at the authentication token company RSA, to the freewheeling LulzSec hackers who burst on the scene and wreaked havoc for 50 days before sailing off into the sunset, hackers had a field day in 2012. The news wasn't totally sunny for Apple and Android either; both felt the heat from malware makers who proved that no matter how secure a product is supposed to be (a laptop, a smartphone, an app), there's always a way to compromise the security of the millions of people who rely on it.
SecurityNewsDaily compiled a list of the 10 biggest cybercrime incidents of 2012.
As a result of possibly the largest data breach ever, affecting more than 100 million customers, Sony suddenly took its PlayStation Network and Qriocity on-demand entertainment services offline April 20. Two days later, Sony explained that there had been an "external intrusion" that had forced the shutdown of the networks.
On April 26, it admitted that intruders had accessed the user records of millions, whose real names, email addresses, passwords, home addresses and telephone numbers had all been stored in unencrypted text. Sony said the associated credit-card numbers had been encrypted, but at the same time criminals were offering purported Sony-associated credit-card numbers in online bazaars, and anecdotes came in of mounting credit-card fraud among PlayStation Network users.
No hacking group caused more trouble, or had more fun, than Lulz Security, better known as LulzSec.
The freewheeling band of digital pirates and mischief makers first made itself known in early May with an attack on the website for the Fox broadcast network. The following weeks saw the group take on an astounding number of targets, including PBS, the C.I.A., the U.S. Senate, the Arizona Department of Public Safety, AT&T, Britain's Serious Organized Crime Agency (SOCA) and video game giant Bethesda Softworks.
The group succeeded in captivating the Web during its reign of terror, often living up to its "lulz" namesake by posting jokes on its Twitter feed and mocking the security companies and law enforcement agencies tasked with bringing it down.
Finally, on June 25, LulzSec announced it was calling it quits, throwing in the towel and, in keeping with its nautical theme, sailing off into the sunset after a prolific 50-day spree.
In March, RSA, the Mass.-based maker of SecurID authentication tokens, used by an estimated 40 million employees of large government agencies and companies to log into secure networks, announced that its network had been penetrated and sensitive data had been accessed.
The fallout from the RSA hack was devastating: Lockheed Martin, the largest provider of IT services to the U.S. government, suffered a serious network disruption in May stemming from an intruder using a stolen SecurID token. Hackers then used the same stolen tokens to illegally tap into the networks of Northrop Grumman and L-3 Communications.
Months later, a security expert found the malware-laden phishing email that kicked off the RSA hack. It was embarrassingly simple and proved that even employees responsible for securing the nation's most sensitive information can be duped by a seemingly honest plea. The email said, "I forward this file to you for review. Please open and view it."
In early February, Aaron Barr, chief executive of the Washington, D.C.-based cybersecurity firm HBGary Federal, told a reporter he had unmasked the identities of several members of the shadowy hacking group Anonymous, and would make his findings known at a security conference later that month.
Anonymous got wind of Barr's claim and struck first, bringing down HBGary Federal's website, hacking into Barr's Twitter account, posting his home address, cellphone number and Social Security number and leaking 50,000 of his personal emails.
But that was only the beginning of this twisted cybercrime story. While attacking Barr, Anonymous also leaked 70,000 HBGary emails. It turned out those emails detailed a strategic plan, formed in conjunction with two other D.C.-area cybersecurity firms, to attack WikiLeaks by spreading disinformation, pressuring journalists to negatively portray the whistleblower site, and launching cyberattacks against WikiLeaks-related websites.
Long believed to be impervious to malware, the pristine veneer protecting Apple desktops and laptops started to show some cracks in 2011.
In early May, a malware campaign used rigged Google images to sneak a bogus anti-virus program called "MacDefender" onto computers running Safari on Apple's OS X operating system. MacDefender, also seen in the wild as MacProtector and MacSecurity, was a particularly nasty piece of scareware, demanding a ransom from its victims and redirecting their browsers to porn sites until they purchased the bogus software.
On May 31, Apple, after nearly three weeks of denying the malware even existed, released a security update designed to clean up Macs infected with the rogue AV program. But MacDefender would not be beaten so quickly; within hours of the update, cybercrooks released a new variant of the malware.
The emergence of the scareware, and crooks' willingness to keep modifying it, underscored the fact that as Apple and its army of devices grow more popular, scammers and thieves will continue to look for new ways to attack them.
2011 was a huge year for Android. Google's smartphone platform dominated the mobile market, selling more than 440 million phones in the third quarter alone.
But unfortunately, Android's massive success came at a price. An unprecedented amount of malware emerged this year specifically targeting Android phones. Nasty offenders like "DroidDream," "DroidDreamLight," "GingerMaster" and "Spitmo" found their way onto phones, making off with banking credentials and other personally identifiable information, harvesting phone numbers, sending premium-rate text messages and generally wreaking havoc on infected devices.
Experts say that unless Google drastically revamps the security process governing its Android apps, next year could be just as problematic.
Actress Scarlett Johansson became the talk of the town this September, but it was for a different type of on-screen role than she's used to. Nude photos of the star hit the Web on September 14, and the exposed actress quickly got the FBI involved in tracking down whoever posted the self-shot pics that were taken on her cellphone.
About a month later, Florida police arrested Christopher Chaney, 35, and charged him with breaking into the email accounts of Johansson as well as Mila Kunis, Vanessa Hudgens and Christina Aguilera, and leaking risque, private photos.
The end of 2011 brought with it another Anonymous hacking operation, albeit one with higher stakes and a much more dangerous target than any of its previous opponents.
In the beginning of November, Anonymous released a video in which the group announced Operation Cartel and threatened to expose members of the Zetas, a powerful and notorious Mexican drug cartel, in retaliation for the alleged kidnapping of an Anonymous activist in Veracruz. On Nov. 3, just two days before the Nov. 5 deadline Anonymous gave the Zetas, the cartel released the kidnapped activist.
Anonymous unofficial spokesperson Barrett Brown still planned to expose 25,000 emails containing Zetas members' names after the prisoner was freed, but changed his tune after the Zetas said that for each cartel member's name Anonymous released, 10 people would be killed.
In November, cybersecurity researcher Joe Weiss wrote on his blog that hackers, apparently from Russia, had tapped into the automated computer network used to operate the Curran-Gardner Public Water District facility near Springfield, Ill., and caused a pump to malfunction over a period of months, leading to its eventual failure.
The Department of Homeland Security denied the hack, and the "official" document Weiss based his findings on was not made public. Nonetheless, the story sent shockwaves through the security community, as it was believed this was the first concrete example of a successful attack on a Supervisory Control and Data Acquisition System (SCADA) in the United States.
The infamous Stuxnet worm, the most well-known SCADA hack, hit nuclear plants in Iran in 2010, and Weiss' "expose" came soon after the emergence of "Duqu," a SCADA-targeting Trojan believed to be a close cousin to Stuxnet.
So if this water-treatment plant was hacked from abroad, was this a harrowing portent of things to come?
Not at all. As it turns out, Jim Mimlitz, the contractor who helped set up the SCADA system for the Curran-Gardner facility, was on a family vacation in Russia in June when he received a call from someone at the plant asking for his advice. From his Russian IP address, Mimlitz remotely logged into the facility's SCADA network.
When the pump failed months later, it was assumed hackers must have been behind the incident. In reality it was just a guy doing some routine work while on vacation.
As 2011 drew to a close, the digital-security community cringed as government legislators and military officials geared up to make sweeping changes to the Internet without really understanding the consequences.
The House of Representatives was debating the Stop Online Piracy Act (SOPA), which was meant to stop the transmission of copyrighted material from foreign websites, but which security experts warned could "break" the Internet by fatally disrupting the global network-addressing system.
Meanwhile, several similar stories began to appear in the sort of newspapers that congressmen read, alleging widespread but thinly documented hacking of government and corporate servers by shadowy operators based in China. It all dovetailed with what military officials and spokespeople for leading anti-virus companies had been saying for months, and may be the harbinger of a full-blown cyberwar scare in 2012.