Macron email leak
Just 48 hours before the run-off poll between Emmanuel Macron and Marine Le Pen, a 9GB cache of emails from Macron’s En Marche! party was posted on PasteBin, a filesharing platform. They were spread to WikiLeaks. “The attacks were so simple and generic that it could have been practically anyone,” France’s cybersecurity chief said.
Bangladesh bank heist
In February 2016, hackers got the login credentials used by Bangladesh Central Bank for the international banking transfer system SWIFT. They tried to transfer $951m to accounts in Sri Lanka and the Philippines. Most transactions were flagged, but $101m was removed. A Trojan known as Dridex was used, which hides in MS Word or Excel attachments.
On 12 May 2017, a global ransomware attack affected more than 230,000 computers, including PCs in the NHS, FedEx and Deutsche Bahn. The malware was leaked from the NSA, and targeted machines running Windows XP and Windows 2003. The attack yielded just over $126,000 in payments and caused considerable upheaval.
In 2016, Yahoo! was forced to confirm that its systems had been breached twice, in 2013 and 2014, resulting in the loss of more than a billion users’ personal information, including passwords. The hackers used fake browser cookies that allowed them to dupe the site’s login systems. To date, it is the largest loss of customer data by any single company.
The Mexican restaurant chain, which has more than 2,250 outlets in the USA, reported that if you paid with a credit card between 24 March and 17 April 2017, your credit card details had almost certainly been obtained by hackers. The attack vector has not been confirmed, but the malware involved allegedly read the card data directly from the machines as they took payment.
- This is an extract from Hackers: Can They Be Beaten? in issue 310 of BBC Focus magazine – subscribe here to make sure you get the full features delivered to your door before they hit the newsstands.