Cybercrime has become a huge business in today’s world. With increased regularity we are seeing headlines related to mass malware injections, cyber heists, and identity theft. While some are not out of the ordinary as far as cybercrime goes, there are some that went above and beyond the traditional cybercrime limits to make our top 5 list of the biggest cybercrimes.
Michael “MafiaBoy” Calce, a 15-year-old Canadian boy is given credit for using the first major Distributed Denial of Service Attack. Before this, DdoS attacks were mainly used by hackers to knock their rivals out of Internet Rely Chats. Calce used a botnet to flood CNN, Yahoo, Amazon, Ebay, Dell and eTrade with fake traffic, causing them to buckle under the weight, and be knocked offline. Calce is also given credit for moving cybercrimes into the national spotlight with his massive attack.
The California Payroll Database Breach
In early 2002, a hacker, who has yet to be identified, hacked into a sever in California that was home to the State Government’s Payroll Database. The hacker was able to steal the personal information of over 260,000 state employees starting with the Governor of California. The breach itself isn’t considered major. It’s the actions that followed that place this cybercrime at number two on the list. It was reported that the California Controller’s Office waited 14 days before warning potential identity theft victims! This sparked lawmakers to pass the U.S.’s first breach of disclosure law, SB1386. Due to the new law, 45 states have followed suit, passing similar laws.
In 2003, another unknown cybercriminal used what is known as a Slammer Worm to target a weakness in Microsoft’s SQL servers. Six months prior to the attack, Microsoft had stated that the weakness found in its SQL servers had been fixed. It turns out that they were wrong; the worm was able to crack upwards of 75,000 unpatched servers in a matter of hours. Washington Mutual and Bank of America ATM servers were brought down. Continental Airlines was forced to delay and even cancel flights due to its ticketing system being bogged down. Seattle’s 911 emergency network was also brought down, as well as the safety monitoring system of an Ohio nuclear power plant. This particular Slammer isn’t noted as being the biggest on record, but it is undoubtedly the fastest and most aggressive ever recorded. It also brought to light the foolishly interconnected private networks of major corporations.
RBS Worldpay Heist
When RBS Worldpay had been hacked, it was referred to as no big deal. Reports said that only 100 of the 1.5 million payroll and gift card accounts that were hacked had fraud activity. However, later reports stated that hackers were able to successfully raise the limits on 44 cards to more than $500,000. Then, with the help of what seemed like a global army of people cashing the cards out, over 130 ATM’s in 49 cities spanning from Moscow to Atlanta were used simultaneously (a few minutes after midnight, Eastern Time) to collect $9.5 million in cash. Since then, the U.S. has indicted four members of the cyber gang who hail from Estonia, Russia and Moldova.
Los Angeles Traffic Light Hack
When, in August 2006, traffic engineers went on strike, the city decided to block access to the system that controlled 3,200 traffic signals around the city. Two of the engineers on strike decided to hack in anyway. Kartik Patel and Gabriel Murillo changed the timing of four traffic lights. The hack managed to cripple areas of the city including the Los Angeles International Airport, Glendale Freeway, Little Tokyo, and the Civic Center. It took days for managers to figure out what was going on. The two were caught, and in 2009, both were sentenced to probation.