by John E Dunn

Worst security disasters of 2010

Dec 31, 2010

This was the year ‘security’ morphed into the more serious-sounding ‘cybersecurity’. Or, to put it less portentously, the US military and Government had a real shocker.

The year started badly with January’s now infamous Aurora hack, widely blamed on the Chinese. The fallout was considerable, with some EU governments warning against their citizens using Internet Explorer. Hillary Clinton just got very upset, the most senior US political figure ever to go on the record about cybersecurity-as-geopolitics.

Uncomfortably, the US was also at the centre of April’s disturbing ‘Collateral Murder’ video, leaked footage of a US helicopter gunship strafing and killing Iraqis on the ground who turned out to be unarmed civilians and journalists.

Shocking vérité video has been on YouTube many times, but this video was different, having been prised from the encrypted vaults of the US military by an insider, who sent it to Wikileaks. The whistleblower followed this up with the Afghan War Diary and finally the US diplomatic cables.

Our prediction: the US government will not enjoy 2011 any more than Julian Assange. Wikileaks even had to move its servers to a former nuclear bunker in Stockholm in case retaliation got out of hand.

Piling humiliation on disaster, we learned that the FBI couldn’t crack open source encryption software, Truecrypt. Meanwhile, customers of a Memphis diner discovered Russians were stealing their credit card numbers after installing Trojans on the restaurant’s computer systems.

No wonder Bruce Schneier wants the US and Russia to set up a cybersecurity hotline.

At least that was less severe than the embarrassment piled on porn-loving customers of Sky, a UK TV network, who had their personal sleaze habit leaked on to the Internet after a database hack.

Most bizarre scam of the year? Probably the wealthy musician in New York conned out of as much as $20 million after trying to get his laptop repaired. Not far behind that was the ‘10-10-10’ virus that never existed. People are afraid of calendar symmetries it seems, or perhaps just mathematically phobic.

The biggest security ‘injustice averted of the year’ was probably the school caretaker who planted child porn on his boss’s laptop in order to get him sacked (he was caught), with the biggest ‘don’t mess with gamers’ story being the youngster arrested for allegedly distributing a tool to ‘pwn’ servers hosting Call of Duty games. Headshot..!

Malware is normally the big security story of the year and there was one biggie, the Zeus attacks on US, UK and European online banking customers. There was a spate of stories throughout the year, but the arrests of gang members made the biggest news.