How Hacks Can Target Banks and Nations

November 8, 2018

11:47 am

Hacking never seems to be far from the headlines. In the past month alone, Healthcare.gov, Facebook and British Airways each suffered a major cyber security breach, potentially revealing the information of millions of user accounts.

Given the ubiquity of hacking stories, you’d be forgiven for thinking all hacks are much the same. However, no two hacks are alike, either in the methods used or the data targeted.

For example, some hacks will target banks, seeking to gain access to internal networks to siphon off money. Others go after social media sites, looking for user account information to sell on the dark web.

As the old adage goes, those who don’t learn from history are doomed to repeat it. So, to help futureproof your data security, here’s a history of hacks we can all learn from.

global payments logo

2009 Global Payment Hack

Back in 2009, five men – four Russians and one Ukranian – managed to hack into several major company networks, including NASDAQ, 7-Eleven, Carrefour and Global Payment. As a result, they stole 160 million credit card numbers.

In order to gain access to the networks, the hackers looked for vulnerabilities in the SQL code of each company’s network. SQL is a type of programming language typically used in databases. Once they found a vulnerability, they created a ‘back door’ allowing them to access the networks and steal customer data.

Once they had found customer data, the hackers would sell it on the dark web, charging $10 for each stolen American credit card number and associated information, $15 for a Canadian credit card number and $50 for a European credit card number.

While one would suspect that the hackers targeting the banks would be looking to simply steal money from customer accounts, the Global Payment hackers knew that they could multiply their ill-gotten gains by acting as middle men. Given the volume of data they stole, the hackers could have potentially made well over a billion dollars.

Despite the attacks happening in 2009, only two of the hackers have been arrested to date: Vladimir Drinkman, 37, and Dmitriy Smilianets, 34, both from Moscow. Drinkman was sentenced to twelve years in jail, while Smilianets got off with just over four years. Alexandr Kalinin, Roman Kotov and Mikail Rytikov are still on the run.

Map of Europe with Estonia medium

Estonia is pictured in dark green, sandwiched between Russia and the Baltic Sea

2007 Estonian Cyberwar

With a population of just over a million people, the former-Soviet state of Estonia hardly seems like the ideal target for a cyberwar. But, back in 2007, Estonia was the most internet-friendly country in Europe.

It had invested heavily in digital infrastructure, bringing its mostly urban population online in the early- to mid-noughties to help save money on government services. It was so successful that Estonia was the first country to hold national elections over the internet in 2005.

However, it hadn’t put as much effort into its digital security. After a polarizing nationwide debate about the relocation of a Soviet-era war memorial, the country was hit with coordinated DDoS attacks for nearly a month — bringing the nascent internet nation to a standstill.

Soviet War Memorial Tallin

The Soviet war memorial in Estonia’s capital, Tallin. Credit: BBC

DDoS, or Distributed Denial of Service attacks, disrupt the communications between sites and users by flooding the host networks with traffic from loads of different IP addresses. The attacks targeted Estonia’s banks, Parliament and media outlets. Its effects on the whole nation’s economy led to it being coined “the first cyberwar”.

The nature of DDoS attacks makes it difficult to find the perpetrators, as there is so much traffic coming from different IP addresses. However, multiple groups claimed responsibility for the attacks, including the Kremlin-backed Russian youth movement Nashi. But only one person was punished for the attacks – 20 year-old Estonian Dmitri Galushkevich. He was fined just 17,500 kroons – roughly $1,600.

JPMorgan Chase logo small

JPMorgan Hack, 2014

Back in 2014, four men used a variety of methods, from brute force credential-guessing to old-fashioned confidence tricks, to gain access to the networks of JPMorgan Chase, online stock brokers, financial news sites and even software companies.

They stole the information of more than 100 million customers but not to simply sell on over the dark web. Instead, they planned to start their own brokerage business, even copying Merrill Lynch’s business practice, but using the stolen data to give them a head start.

However, there was more to come from this multi-talented group of hackers. They ran a stock-pumping scheme, using customer data to inflate the price of penny stocks before selling them at a massive profit.

They used the stolen money to play on illegal online gambling sites and even ran a Bitcoin exchange — all this generated far more money than the original hacking could have and it gave them a chance to hide their activities in multiple shell companies and, effectively, launder the money through loads of different channels.

It couldn’t last forever though, and the feds eventually caught up with the four men at the end of 2015. The hackers faced some 23 charges including: Unauthorized access of computers, identity theft, securities and wire fraud.

The four men, including an Israeli and Russian national have yet to be convicted, but if they are found to be guilty of the multiple charges they face they could face over 80 years behind bars.

Read more about security on Tech.Co

Tags:

Did you like this article?

Get more delivered to your inbox just like it!

Sorry about that. Try these articles instead!

Tom Fogden is a writer for Tech.Co covering everything from website builders to mobile phones. He also loves soccer, probably too much.

  • Shares

Leave a Reply

  • (will not be published)