21世纪九大网络攻击

郭晓阳

Cyber-attack can happen to any digital user at any time and at any place.

Some might be harmless or might cause just a little damage. But there are a few types of cyber-attacks that have caused significant damage and have taken entry in the list of most significant cyber-attacks.

1. Cyber-attack on Yahoo！

One of the most prominent Internet giant， Yahoo suffered a big blow when the security of their 3 billion user accounts was put on stake.

The names， dates of birth， email addresses， passwords as well as security questions and answers of 3 billion users were put on stake. The attack took place in 2013-2014.

The attack had severely affected the company; the Yahoo group that was once valued at $100 billion was finally sold off to Verizon for only $4.48 billion for its core Internet business.

The name of the company was later changed to Altaba， Inc. after the sale.

2. eBay cyber-attack

Another cyber-attack that shook the entire world was the users database hacking by the intruders.

The e-commerce giant was subjected to a major cyber-attack in May 2014 when hackers intruded into the users database using their corporate employees accounts.

The hackers had complete access into their network for about 229 days. The breach compromised the sensitive information like names， dates of birth， addresses， and encrypted passwords of around 145 million users.

But as per the company， the financial data of the customers was safe as it was stored in a separate database and was not compromised. The breach resulted in widespread criticism of the company and incurred great losses.

3. Equifax cyber-attack

Equifax one of the US largest credit bureaus， faced a major blow when the data of its 143 million costumers was hacked.

The customers sensitive information including birth dates， Social Security Numbers， addresses， and drivers license numbers was hacked by the intruders.

The attack did not end with hacking only the personal information; even the credit card information of around 209，000 consumers was stolen too.

According to the company， the application vulnerability on their site resulted in the data attack. The attack was exposed on July 29， 2017， but was suspected to have started in mid-May the same year.

4. Target stores data breach

End of December 2013 gave a big blow to Target stores when they discovered that a data breach into their system had compromised the credit/debit card details and/or contact information of around 110 million people.

The hackers penetrated into their private network by exploiting their vulnerability through a third-party vender for HVAC system to POS payment card readers. The cyber-attack cost them around $162 million.

The CEO and CIO of the company had to resign after this major cyber-security issue.

5. Uber cyber-security breach

Data breaches are common events in the current digital world. How the companies deal with it， also plays an equally important role. Uber was subjected to a data breach in late 2016. The company was not much criticized as its take on this attack was.

The breach resulted in compromising names， mobile phone numbers and email addresses of 57 million Uber users and 600，000 Uber drivers driver license numbers.

The company discovered the breach in late 2016 but made it public almost after a year. Not only that the company offered the hackers an amount of massive $100，000 to destroy the data without verifying they actually did.

The breach had resulted in the loss of both the reputation and finances of the company. The company was in negotiation to sell its stakes to Softbank， at the time the breach was announced. The breach lowered the value of the deal from $68 billion to $48 billion.

6. JP Morgan Chase data breach

JP Morgan， one of the finest banks of the USA suffered from a cyber-attack which compromised the contact information—names， addresses， phone numbers and email addresses of 6 million households and 7 million small businesses.

There were no monetary losses. The hackers gained privilege over 90 bank servers. July of 2014 would really have been tough for JP Morgan to have a deal with all such critical issues.

7. Cyber-attack on Sony PlayStation Network

One of the biggest data breaches in the gaming industry of all times happened on the Sony PlayStation Network. April 20， 2011， is a date that will always be remembered in the gaming industry for the biggest data breach in the gaming industry.

The hackers hacked 77 million Network accounts. These accounts had 12 million accounts that had unencrypted credit card numbers.

The hackers hacked full names， e-mails， credit card numbers， passwords， purchase history， PSN/Qriocity logins and passwords， and home addresses.

Sony incurred losses of an estimate of $171 million. It resulted in an initial $15 million reimbursement in a lawsuit over the breach.

8. RSA Security Attack

March 2011， is a date that is still in debates for the cyber-security breach of the mighty security giants SecurID authentication tokens of the company RSA.

The hackers successfully managed to perform phishing attack on RSA employees and impersonated as individuals and intruded into the network of the company. The attack is estimated to have stolen 40 million employee records.

9. Adobe cyber-attack

Another big cyber-attack that shook the IT giant Adobe happened in October 2013.

The attack compromised the personal information including customer names， IDs， passwords and debit and credit card information of over 38 million users.

The company paid $1 million as legal fees to resolve prerogatives of violating the Customer Records Act and biased business practices.

When market biggies like Yahoo， eBay， Equifax， etc. can get trapped in the trap of cyber-attacks， you too can！ So be aware and follow all cyber-security safety measures religiously and BE SAFE！

数字用户可能随时随地遭遇网络攻击。

有些网络攻击可能不会造成任何危害，或危害微不足道。有些类型的网络攻击则造成了重大损失，入列最严重网络攻击。

1. 雅虎遭遇的网络攻击

最知名互联网巨头之一雅虎遭受过严重网络攻击，其30亿用户的账户安全曾岌岌可危。

30亿雅虎用户的姓名、出生日期、电子邮箱地址、密码以及安全问答都面临风险。这次攻击发生在2013至2014年。

这次攻击对雅虎造成严重影响。估值一度达到1000亿美元的雅虎集团，最终仅以44.8亿美元的价格，将其核心互联网业务出售给了威瑞森电信。

之后，雅虎公司更名为Altaba公司。

2. eBay遭遇的网络攻击

另一起轰动全世界的网络攻击是eBay的用户数据库遭攻击者入侵。

2014年5月，电子商务巨头eBay遭遇严重网络攻击，黑客利用手中的企业员工账号侵入eBay的用户数据库。

黑客拥有网络的完全访问权限达229天左右。这次攻击造成约1.45亿用户的姓名、出生日期、地址、加密密码等敏感信息泄露。

不过，eBay声称，客户的财务数据存储在另一个数据库内，并未泄露，因此安全无虞。此次数据泄露使eBay遭到广泛批评，并蒙受巨额损失。

3. 艾可菲遭遇的网络攻击

美国最大信用机构之一艾可菲遭遇严重网络攻击，1.43亿客户数据遭入侵。

包括出生日期、社会安全号码、地址、驾驶证编号在内的客户敏感信息遭攻击者窃取。

此次攻击不仅仅限于窃取上述个人信息，甚至约20.9万名客户的信用卡信息也被盗取。

艾可菲称，公司网站上的应用漏洞导致了这起数据攻击。这次攻击于2017年7月29日披露，但疑似同年5月中旬便已发生。

4. 塔吉特百货数据泄露

2013年12月末，塔吉特百货遭遇严重网络攻击，公司系统发生数据泄露，约1.1亿人的信用卡/借记卡信息和/或联系方式被盗。

黑客通过暖通空调系统的第三方供应商，接入POS機支付卡读取器，并利用此漏洞侵入公司的专用网络。这次网络攻击造成约1.62亿美元的损失。

塔吉特百货的执行总裁和信息主管在这次重大网络安全事故后被迫辞职。

5. 优步网络安全漏洞

当下的网络世界，数据泄露屡见不鲜。企业如何应对也同等重要。优步在2016年下半年遭遇数据泄露事故。相对于公司本身，反倒是他们对待这起事件的态度更受非议。

这次攻击造成5700万优步用户的姓名、手机号、电子邮箱以及60万优步司机的驾驶证编号泄露。

优步在2016年下半年就发现了数据泄露，但大约1年后才公之于众。不仅如此，优步还向黑客支付了一笔10万美元的巨款，要求其将数据销毁，却并未核实黑客是否真正照做。

这次泄露事件使优步的声誉和财务双双受损。事件公开时，优步正协商出售股份给软银。此次数据泄露使协议价格从680亿美元下滑至480亿美元。

6. 摩根大通银行数据泄露

美国最佳银行之一摩根大通曾遭遇网络攻击，致使600万家庭和700万小型企业的联系方式泄露，包括姓名、地址、电话号码、邮箱等信息。

攻击未造成金钱损失。黑客获得了逾90台银行服务器的权限。对于摩根大通来说，2014年7月要解决所有这些重要问题确实困难重重。

7. 索尼游戏网络遭遇的攻击

电子游戏行业史上最严重的一次数据泄露发生在索尼的游戏网络上。2011年4月20日将因这起游戏业最严重的数据泄露事件永远被业界铭记。

黑客入侵了7700万索尼游戏网络账户。其中1200万个账户存有未经加密的信用卡号。

黑客窃取了用户全名、电子邮箱、信用卡号、密码、购买记录、PSN/Qriocity登录账号和密码，以及家庭住址等信息。

据估计，索尼蒙受了1.71亿美元的损失。在这起数据泄露引发的诉讼中，索尼支付了1500万美元的初步赔偿。

8. RSA遭遇的安全攻击

2011年3月仍是一个引发争议的日子，网络安全巨头RSA公司的SecurID认证令牌在这天遭遇安全攻击。

黑客成功地对RSA员工实施了钓鱼攻击，假冒员工侵入RSA的企业网络。据估计，这次攻击盗取了4000万份员工档案。

9. 奥多比遭遇的网络攻击

另一起大型网络攻击发生于2013年10月，撼动了信息技术巨头奥多比公司。

这起攻击导致逾3800万用户的个人信息泄露，包括客户姓名、身份证号码、密码、借记卡和信用卡信息。

奥多比支付了100万美元的诉讼费，以平息违反《客户记录法案》和不正当商业行为的指控。

既然雅虎、eBay、艾可菲等市场巨头都能落入网络攻击的陷阱，你也可能身陷其中！因此，务必小心并严格遵守所有的网络安全防范措施，注意安全！

（译者为“《英语世界》杯”翻译大赛获奖者）