Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

12/27/2013
11:06 AM
50%
50%

9 Notorious Hackers Of 2013

This year's hacking hall of shame includes members of Anonymous and the Blackhole cybercrime gang, plus state-sponsored groups.
Previous
1 of 10
Next

From DDoS attacks to NSA hacks

(Source: Peggy Reimchen)
(Source: Peggy Reimchen)

Who should make the list of the world's most notorious hackers in 2013?

If recent years are any guide, crime-committing hacktivists should loom large. In 2011, LulzSec stormed on to the scene, pulling off 50 days of hacks that mixed technical savvy with PR acumen. But by 2012, the leaders of LulzSec had been arrested, as had many participants in high-profile Anonymous operations, thanks to a concerted effort by the FBI and its counterparts overseas. By the end of 2013, some of the best-known domestic hackers with political aims either were in jail or, in the case of some people arrested in Britain, had already served time and were on parole.

Policing hacks launched from non-allied countries has always been a different story, given the Department of Justice's inability to arrest, extradite, or sometimes even identify suspects operating from certain countries. For example, many crimeware toolkit-driven campaigns that use bots to steal personal financial details and then remove millions of dollars from banks are run from Russia or former Soviet satellites that have no extradition treaty with the United States.

Foreign attackers who hold a political grudge against the United States likewise remain tough to stop. Last year, a group of foreign attackers -- backed by the Iranian government, US government officials have alleged -- launched Operation Ababil, a series of distributed denial-of-service (DDoS) attacks against US banks. Those attacks continued into their fourth wave in 2013, making them the longest-running series of online attacks in history. Despite the timing and the targets being revealed in advance, targeted banks often had difficulty blunting the DDoS attacks.

Also on the overseas tip, US officials increased their denunciation of state-sponsored Chinese hackers in 2013. Though China had long been suspected of hacking businesses and government agencies, government officials began publicly pointing the hack-attack finger after the security firm Mandiant published evidence of what it said was an elite PLA military online hacking team, which it had linked to the theft of intellectual property from US businesses, as well as the theft of US military secrets.

Hacking has long been defined -- loosely, anyway -- in terms of white, black, and gray hats, referring to hackers who pursue ethical computer security research (white hats), people who hack solely for their own gain or at the expense of others (black hats), and people who fall somewhere in the middle (gray hats). Clearly, Chinese APT attacks, crimeware toolkits, bank DDoS exploits, and other leading hack attacks were evidence of black-hat behavior.

But the world turned a lot more gray beginning in the middle of 2013, after Edward Snowden, a National Security Agency contractor, fled to China and began leaking 1.7 million secret NSA documents. Those disclosures, which are ongoing, have begun to pull back the curtain on America's massive online surveillance apparatus. For example, we've learned that the agency hacked into tens of thousands of PCs abroad, as well as hacking into Internet backbone communications or technology giants' datacenters directly, to allow the agency to eavesdrop on foreign and domestic communications.

Who are the good guys and bad guys now? Click the image above for this year's list of the most notorious hackers.

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
SaneIT
50%
50%
SaneIT,
User Rank: Apprentice
1/6/2014 | 7:40:57 AM
Re: Have to agree
I really thought this would be addressed when we the country got a CIO... Then we had the summer of Anonymous attacking sites and we never really got a main stream explanation of what was going on or why.  I think part of it is just a lack or understanding by the media and the attitude toward attacks on web sites is that it's just childish pranks.  
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
1/3/2014 | 7:52:40 AM
Re: Have to agree
That's a great question. There's really no shortage of public news and information for anyone who wants to learn more and stay on top of the situation. It's the age-old dilemna of how to raise security awareness. You would think our leaders would take it upon themselves to have at least a basic understanding of digital security issues. Yet even security professionals struggle with the issue. Ira Winkler wrote a great piece about it recently: Why Security Awareness is Like an Umbrella. 
SaneIT
50%
50%
SaneIT,
User Rank: Apprentice
1/3/2014 | 7:14:28 AM
Re: Have to agree
I guess the question then would be how do we raise awareness without overblowing the situation.  We don't want to make them all out to be public enemy number one but we do need to draw enough attention that people are aware of what is possible, what is happening and hopefully educate themselves on how to avoid it.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
1/2/2014 | 10:33:17 AM
Re: Have to agree
I tend to agree with you @jg, that outside the security community, the general public is unaware of most of the notorious hackers and why they are important. What's worse, I don't have a lot of confidence that our public leaders (elected and appointed) truly get what they need to know to develop policies that protect us.
SaneIT
50%
50%
SaneIT,
User Rank: Apprentice
12/30/2013 | 8:32:36 AM
Re: Have to agree
I don't think the NSA are doing themselves any favors but I also wonder how many people would recognize any of the other individuals listed.  We all know about Snowden because he's been a daily news story but what about Sabu? Aside from those that were burned when the started working with the government to turn in other hackers and IT folks who follow things like this does anyone know who he is or why he was news worthy?
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
12/30/2013 | 6:00:03 AM
Have to agree
Have to agree with the NSA being at the #1 spot. The revelation of its involvement in worldwide sureillance was the biggest rug pulling on internet privacy that's ever come to light. 
virsingh211
50%
50%
virsingh211,
User Rank: Apprentice
12/30/2013 | 3:36:03 AM
Re: 10
I would like thank author for including Edward Snowden in blog, Snowden was one to change my thinking towards hacker, he revealed the spying that is taking place. Many consider him a villain. I, on the other hand, hold him up in the hero category for one simple reason, His disclosure of classified documents unveiled the NSA's mass surveillance program. I was reading an article on WSJ which says Snowden Will Speak More in 2014, source: http://blogs.wsj.com/washwire/2013/12/29/snowden-will-speak-more-in-2014-adviser-says/.

 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/28/2013 | 11:36:06 PM
10
A suggestion for the tenth: Those behind the Target hack on customer credit card numbers.  We're still somewhat in the dark about that.
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.