21世紀九大網絡攻擊

郭曉陽

Cyber-attack can happen to any digital user at any time and at any place.

Some might be harmless or might cause just a little damage. But there are a few types of cyber-attacks that have caused significant damage and have taken entry in the list of most significant cyber-attacks.

1. Cyber-attack on Yahoo！

One of the most prominent Internet giant， Yahoo suffered a big blow when the security of their 3 billion user accounts was put on stake.

The names， dates of birth， email addresses， passwords as well as security questions and answers of 3 billion users were put on stake. The attack took place in 2013-2014.

The attack had severely affected the company; the Yahoo group that was once valued at $100 billion was finally sold off to Verizon for only $4.48 billion for its core Internet business.

The name of the company was later changed to Altaba， Inc. after the sale.

2. eBay cyber-attack

Another cyber-attack that shook the entire world was the users database hacking by the intruders.

The e-commerce giant was subjected to a major cyber-attack in May 2014 when hackers intruded into the users database using their corporate employees accounts.

The hackers had complete access into their network for about 229 days. The breach compromised the sensitive information like names， dates of birth， addresses， and encrypted passwords of around 145 million users.

But as per the company， the financial data of the customers was safe as it was stored in a separate database and was not compromised. The breach resulted in widespread criticism of the company and incurred great losses.

3. Equifax cyber-attack

Equifax one of the US largest credit bureaus， faced a major blow when the data of its 143 million costumers was hacked.

The customers sensitive information including birth dates， Social Security Numbers， addresses， and drivers license numbers was hacked by the intruders.

The attack did not end with hacking only the personal information; even the credit card information of around 209，000 consumers was stolen too.

According to the company， the application vulnerability on their site resulted in the data attack. The attack was exposed on July 29， 2017， but was suspected to have started in mid-May the same year.

4. Target stores data breach

End of December 2013 gave a big blow to Target stores when they discovered that a data breach into their system had compromised the credit/debit card details and/or contact information of around 110 million people.

The hackers penetrated into their private network by exploiting their vulnerability through a third-party vender for HVAC system to POS payment card readers. The cyber-attack cost them around $162 million.

The CEO and CIO of the company had to resign after this major cyber-security issue.

5. Uber cyber-security breach

Data breaches are common events in the current digital world. How the companies deal with it， also plays an equally important role. Uber was subjected to a data breach in late 2016. The company was not much criticized as its take on this attack was.

The breach resulted in compromising names， mobile phone numbers and email addresses of 57 million Uber users and 600，000 Uber drivers driver license numbers.

The company discovered the breach in late 2016 but made it public almost after a year. Not only that the company offered the hackers an amount of massive $100，000 to destroy the data without verifying they actually did.

The breach had resulted in the loss of both the reputation and finances of the company. The company was in negotiation to sell its stakes to Softbank， at the time the breach was announced. The breach lowered the value of the deal from $68 billion to $48 billion.

6. JP Morgan Chase data breach

JP Morgan， one of the finest banks of the USA suffered from a cyber-attack which compromised the contact information—names， addresses， phone numbers and email addresses of 6 million households and 7 million small businesses.

There were no monetary losses. The hackers gained privilege over 90 bank servers. July of 2014 would really have been tough for JP Morgan to have a deal with all such critical issues.

7. Cyber-attack on Sony PlayStation Network

One of the biggest data breaches in the gaming industry of all times happened on the Sony PlayStation Network. April 20， 2011， is a date that will always be remembered in the gaming industry for the biggest data breach in the gaming industry.

The hackers hacked 77 million Network accounts. These accounts had 12 million accounts that had unencrypted credit card numbers.

The hackers hacked full names， e-mails， credit card numbers， passwords， purchase history， PSN/Qriocity logins and passwords， and home addresses.

Sony incurred losses of an estimate of $171 million. It resulted in an initial $15 million reimbursement in a lawsuit over the breach.

8. RSA Security Attack

March 2011， is a date that is still in debates for the cyber-security breach of the mighty security giants SecurID authentication tokens of the company RSA.

The hackers successfully managed to perform phishing attack on RSA employees and impersonated as individuals and intruded into the network of the company. The attack is estimated to have stolen 40 million employee records.

9. Adobe cyber-attack

Another big cyber-attack that shook the IT giant Adobe happened in October 2013.

The attack compromised the personal information including customer names， IDs， passwords and debit and credit card information of over 38 million users.

The company paid $1 million as legal fees to resolve prerogatives of violating the Customer Records Act and biased business practices.

When market biggies like Yahoo， eBay， Equifax， etc. can get trapped in the trap of cyber-attacks， you too can！ So be aware and follow all cyber-security safety measures religiously and BE SAFE！

數字用戶可能隨時隨地遭遇網絡攻擊。

有些網絡攻擊可能不會造成任何危害，或危害微不足道。有些類型的網絡攻擊則造成了重大損失，入列最嚴重網絡攻擊。

1. 雅虎遭遇的網絡攻擊

最知名互聯網巨頭之一雅虎遭受過嚴重網絡攻擊，其30億用戶的賬戶安全曾岌岌可危。

30億雅虎用戶的姓名、出生日期、電子郵箱地址、密碼以及安全問答都面臨風險。這次攻擊發生在2013至2014年。

這次攻擊對雅虎造成嚴重影響。估值一度達到1000億美元的雅虎集團，最終僅以44.8億美元的價格，將其核心互聯網業務出售給了威瑞森電信。

之后，雅虎公司更名為Altaba公司。

2. eBay遭遇的網絡攻擊

另一起轟動全世界的網絡攻擊是eBay的用戶數據庫遭攻擊者入侵。

2014年5月，電子商務巨頭eBay遭遇嚴重網絡攻擊，黑客利用手中的企業員工賬號侵入eBay的用戶數據庫。

黑客擁有網絡的完全訪問權限達229天左右。這次攻擊造成約1.45億用戶的姓名、出生日期、地址、加密密碼等敏感信息泄露。

不過，eBay聲稱，客戶的財務數據存儲在另一個數據庫內，并未泄露，因此安全無虞。此次數據泄露使eBay遭到廣泛批評，并蒙受巨額損失。

3. 艾可菲遭遇的網絡攻擊

美國最大信用機構之一艾可菲遭遇嚴重網絡攻擊，1.43億客戶數據遭入侵。

包括出生日期、社會安全號碼、地址、駕駛證編號在內的客戶敏感信息遭攻擊者竊取。

此次攻擊不僅僅限于竊取上述個人信息，甚至約20.9萬名客戶的信用卡信息也被盜取。

艾可菲稱，公司網站上的應用漏洞導致了這起數據攻擊。這次攻擊于2017年7月29日披露，但疑似同年5月中旬便已發生。

4. 塔吉特百貨數據泄露

2013年12月末，塔吉特百貨遭遇嚴重網絡攻擊，公司系統發生數據泄露，約1.1億人的信用卡/借記卡信息和/或聯系方式被盜。

黑客通過暖通空調系統的第三方供應商，接入POS機支付卡讀取器，并利用此漏洞侵入公司的專用網絡。這次網絡攻擊造成約1.62億美元的損失。

塔吉特百貨的執行總裁和信息主管在這次重大網絡安全事故后被迫辭職。

5. 優步網絡安全漏洞

當下的網絡世界，數據泄露屢見不鮮。企業如何應對也同等重要。優步在2016年下半年遭遇數據泄露事故。相對于公司本身，反倒是他們對待這起事件的態度更受非議。

這次攻擊造成5700萬優步用戶的姓名、手機號、電子郵箱以及60萬優步司機的駕駛證編號泄露。

優步在2016年下半年就發現了數據泄露，但大約1年后才公之于眾。不僅如此，優步還向黑客支付了一筆10萬美元的巨款，要求其將數據銷毀，卻并未核實黑客是否真正照做。

這次泄露事件使優步的聲譽和財務雙雙受損。事件公開時，優步正協商出售股份給軟銀。此次數據泄露使協議價格從680億美元下滑至480億美元。

6. 摩根大通銀行數據泄露

美國最佳銀行之一摩根大通曾遭遇網絡攻擊，致使600萬家庭和700萬小型企業的聯系方式泄露，包括姓名、地址、電話號碼、郵箱等信息。

攻擊未造成金錢損失。黑客獲得了逾90臺銀行服務器的權限。對于摩根大通來說，2014年7月要解決所有這些重要問題確實困難重重。

7. 索尼游戲網絡遭遇的攻擊

電子游戲行業史上最嚴重的一次數據泄露發生在索尼的游戲網絡上。2011年4月20日將因這起游戲業最嚴重的數據泄露事件永遠被業界銘記。

黑客入侵了7700萬索尼游戲網絡賬戶。其中1200萬個賬戶存有未經加密的信用卡號。

黑客竊取了用戶全名、電子郵箱、信用卡號、密碼、購買記錄、PSN/Qriocity登錄賬號和密碼，以及家庭住址等信息。

據估計，索尼蒙受了1.71億美元的損失。在這起數據泄露引發的訴訟中，索尼支付了1500萬美元的初步賠償。

8. RSA遭遇的安全攻擊

2011年3月仍是一個引發爭議的日子，網絡安全巨頭RSA公司的SecurID認證令牌在這天遭遇安全攻擊。

黑客成功地對RSA員工實施了釣魚攻擊，假冒員工侵入RSA的企業網絡。據估計，這次攻擊盜取了4000萬份員工檔案。

9. 奧多比遭遇的網絡攻擊

另一起大型網絡攻擊發生于2013年10月，撼動了信息技術巨頭奧多比公司。

這起攻擊導致逾3800萬用戶的個人信息泄露，包括客戶姓名、身份證號碼、密碼、借記卡和信用卡信息。

奧多比支付了100萬美元的訴訟費，以平息違反《客戶記錄法案》和不正當商業行為的指控。

既然雅虎、eBay、艾可菲等市場巨頭都能落入網絡攻擊的陷阱，你也可能身陷其中！因此，務必小心并嚴格遵守所有的網絡安全防范措施，注意安全！

（譯者為“《英語世界》杯”翻譯大賽獲獎者）