In-Depth
Top 5 Security Incidents of 2011 (and Their Impacts Going Forward)
We run down the top security concerns of the year and speculate what their meanings will be for the future.
With "hacktivism" groups like Anonymous and Lulzsec claiming the spotlight week after week, large corporate breaches making the front page and cyber incidents pointing to foreign government involvement, 2011 was an eventful year in cybersecurity.
Here's a list of our top cybersecurity incidents of the year (in no particular order) and why we believe they are so important:
Sony's Lack of Patching Causes Network Outage, Data Leak
What Happened: In April of this year, Sony's system that governed its online network for the Playstation 3, PSP handheld and Playstation Web site was breached, and user data (including names, addresses and credit card information) was reportedly stolen. This was followed by over a month of the network being down as Sony engineers rebuilt a new network system (and by news that its network wasn't properly patched in the first place).
Why It's Important: Security breaches happen. It's an almost unavoidable part of doing business in modern society. However, a corporation responding and reacting in the appropriate manner is vital to putting customers at ease after an event that leads to a loss of confidence. We've already outlined the four biggest mistakes that Sony made when dealing with the whole situation.
The main lesson to take out of the whole Sony debacle is that if you don't treat your customers like idiots, their anger may subside a bit. Sony went out of its way to keep customers in the dark for the majority of the outage and when it did address the issue, it presented misinformation and blamed everyone but itself.
Microsoft Invades Spam Network
What Happened: Partnering with federal law enforcement, Microsoft helped put a stop to the largest operating spam network, which, at its height, had control of over 1 million computers. It also seized the C&C nodes, and was actively helping those infected with the malware to remove it.
Microsoft even went one step further, advertising a reward for any information leading to the arrest of those suspected of heading the ring.
Why It's Important: While malware rings are a bit like cockroaches -- destroy one and 10 will pop up in its place -- the takedown of the Rustock ring will send a clear message that the U.S. and Microsoft won't take illegal activity from those overseas lightly.
On the flip side, taking control of C&C nodes and using them to manually remove malware from unsuspecting victims' computers raises a ton of privacy issues that I (lacking my Harvard Law degree) can't wrap my mind around.
Anonymous/Lulzsec Go On Hacking Rampages
What Happened: How many times did you hear the names Anonymous and Lulzsec over the past year? There was a point during the summer where there wasn't a new news story of a new "hacktivism" breach perpetrated by one of these two groups.
While both claim there is no central head to their groups, or that there was no clear goal to their actions, they attacked the Web sites of governments, corporations and anyone they felt was against what the groups believed socially and economically.
Why It's Important: Whether you agree or disagree with their methods, the two groups got their messages (which, sometimes, were not 100% clear) out there. And some even gave them credit for contributing to and supporting the Arab Spring protesters with their online activity.
Hackers are nothing new. What's new about these two groups is that, unlike a vast majority of those committing illegal activities online, their actions were not governed by money. They had an agenda and they wanted to present it to as many people as possible. They weren't looking for a quick score.
Rise of Mobile Threats
What Happened: Adoption of smartphones and mobile devices like tablets continued to grow in 2011. IDC even reported that sales of smartphones outpaced sales of feature phones for the first time ever.
And as adoption grows, so do security incidents. Lookout Mobile Security reported that more than $1 million was stolen from Android users in 2011 by hackers. And that's only one mobile platform.
Why It's Important: The longer mobile devices are on the market, the more sophisticated hackers will become in stealing what you have on them. The rise of mobile security issues will hopefully bring home the point to users that, just as with your personal computer, you must be careful about where you go online, what you download and what you share.
Also expect the mobile security business to blow up in the near future, as more companies cater to users with antivirus and protection products targeted directly at their smartphones and tablets.
Stuxnet Hits Iran
What Happened: News broke that five Iranian facilities suspected of enriching weapons-grade uranium were hit by the Stuxnet worm over a 10-month period -- one reported incident caused damage to a main centrifuge.
Why It's Important: Once news circulated that the worm actually caused physical damage to equipment, rumors flew that it came from the U.S., Israel or the two working together. We still don't have a clear picture of who created Stuxnet, nor who sent it to the Iranian plants.
If it is true that a government was behind the attacks, we may be getting a glimpse of how foreign relations and conflicts will be carried out -- not on the battlefield, but in cyberspace. While the thought of foreign governments invading us through our computer systems is a bit harrowing, launching strikes that merely sabotage equipment (instead of targeting sites with missiles) could reduce the loss of life in conflicts.
What do you think were the biggest security incidents or events of the year? What do you think the impact of these events will be? Let us know in the comments below.