The Dangers of Social Networking

Introduction

Social Networking is the one area of the Internet that nearly every computer-literate person indulges in these days. It doesn’t matter whether it’s your company boss, your neighbor, your boyfriend or your girlfriend, everybody’s contactable via at least one of the Social Networking portals. However, since these platforms attract so many people – most of whom are blissfully unaware of the need for online security – they also draw in the cybercriminals who are out to make a fast buck from the unwary users.

The threats out there can range from just the basic spam advertisement that we all find in our inboxes, to the more sophisticated scams designed to steal your Social Network account credentials, or ultimately, to infect your computer with a Backdoor. This can result in the loss of your private data and your money, not to mention endangering the people around you also. It is important to understand that by falling victim to these criminals, you are not only endangering yourself, but also the people around you, notably your friends on these Social Networks. To keep yourself safe, you need not only to follow some basic rules yourself, but also raise the awareness of your friends too!

Attacking your Friends: Account Phishing

One of the less technically dangerous security threats emanating from the world of Social Networking is the traditional attempt to Phish for a users login credentials. As previously seen from Online Banking scams or faked IRS notifications , the attacker sets up a website that is identical to the login page of the targeted Social Network site and then spams a link to it via email or messages purportedly from the Social Network itself.

 
Figure 1: Facebook Phishing Site

Of course this page has no functionality except to redirect the unwary user to the original Social Networking site after the user has entered their login data. The attacker can then abuse the login credentials that they have gained in numerous ways:

• Sell the credentials on the black market
• Gather more information about the attacked individual from their profile
• Send more spam via the Social Network platform from the compromised account

Having gained access to your account, an attacker can now exploit your network of trust. The attacker can impersonate you, sending your friends messages that appear to originate from you, and can also use your friends’ trust in you to convince them to follow a link, install a malicious program, or to login to a Phishing site themselves.

Luckily these attacks are relatively easy to spot as these fake login sites do not usually have a valid SSL certificate and the domain name is normally corrupted in some way. However, the non-security-conscious users tend to ignore such indicators – as they are too busy thinking about what ‘funny picture’ to send to their friends. However, Social Networking sites such as Facebook do their best to make their users awareof these easily detectable attacks. Generally, sites like Facebook tend to inform their users about known threats on their respective security pages.

Losing your Login without Being Phished

Another type of threat that has graduated from simply targeting Online Banking to now attacking Social Networking users are password stealers. These programs inject sections of their code into your browser (mainly Internet Explorer and sometimes Firefox are targeted) in order to steal your account information before it is sent over the network.

Since the data is stolen completely inside the browser, the SSL encryption between your computer and the website cannot protect you. However, a valid SSL certificate is presented by the Social Networking site and your browser shows the correct indicators for that. Hence, these attacks are much harder to spot than simple Phishing attacks. Because a password stealer is malware that is installed locally on your computer, a current antivirus solution is the best defense against these attempts to steal your account credentials.

Once an attacker has successfully Phished your credentials, it is very likely that they will go on to send links that will install the password stealer onto your friends’ machines as well, resulting in exponential propagation characteristics:

 
Figure 2: Social Network Password Stealer [PWS] Propagation

Most of the messages sent using the impersonation technique contain a social engineering component that tries to lure the victim (the recipient of the message) into visiting a certain website or downloading a program to their machine. Even if you cannot convince your friends to install a good antivirus solution, you can tell them that they cannot trust links sent by their friends. As these attacks are machine-generated, asking your friends if they really did send you a link is a wise precaution.

One prominent and widespread family of malware that exploits this approach is the Koobface family (an anagram of Facebook), which targets not one, but several Social Networking sites:

• Facebook
• MySpace
• Hi5 Networks
• Bebo
• ... and many more according to variant

Getting Hit in a Drive-By

Sometimes visiting a malicious website is enough to see malware unknowingly installed on a user’s computer, as sometimes vulnerabilities in your Browser allow for the arbitrary execution of code — even when Java(Script) and Flash are turned off! Once these pages are visited by someone with a vulnerable Browser, infection is inevitable if no current antivirus solution is present. However, the attacker first needs to attract visitors to such a page. One way is the aforementioned abuse of your network of trust by sending messages purportedly from you, pointing to the attacker's page.

Figure 3: Internet Explorer Code Execution

Another route recently adopted by attackers is spamming Twitter and posting comments on Blogger sites containing links to malicious targets. On Twitter especially, the attackers choose the most popular topics of the day and add links to their malicious sites along with their comments (on Twitter there is a concept similar to channels where certain topics are tagged with a hash-sign).

On services like Twitter, where message space is very limited, URL shortening services are very common. Most of these services do not provide a preview function of the URL they're eventually pointing to and therefore an attacker can easily hide behind a semi-trusted name like the URL shortening service's one. This further increases the breadth of the attack.

Who to entrust your data to?

Sites such as Facebook often allow third-party developers to add their own ‘Applications’ to the Social Networking Site and eventually to a users profile also. These applications often have full access to your personal data and profile information. The user is asked to consent to sharing their personal data and often can even choose which specific elements of their data they wish to share. But an application that makes use of clever social engineering techniques, just like a Trojan, can get a user to divulge virtually all of their personal data.

Thankfully, companies like Facebook are now aware of these issues and therefore manually check any applications before they allow them to be rolled out across their network. However of course, like all companies their resources are limited, and with almost 50.000 custom applications available on Facebook these days, not everything can receive the scrutiny it deserves. Thus you could very well end up enabling a ‘Daily Picture’ application that displays a different cute kitty every day -- whilst behind the scenes it is accessing all of your personal data. The sad truth is that these days anyone authoring such an application could embed a backdoor that loads JavaScript from a third-party server and eventually leaks all your personal data. If the attacker is skilled enough, the application may very well just slip past the Facebook analyst’s watchful eyes unnoticed!

These attacks are very difficult to detect for the average user as the third-party application can integrate itself almost entirely into the trusted Social Networking site in terms of appearance and functionality. Often, an antivirus solution cannot help here either as the third-party application is running server-side on the Facebook network. It really is down to whichever Social Networking site to eliminate these threats.

Read more »

An analysis of hacker mentality

Why people hack is a subject which is often discussed. Some say the explanation is the same as the one given by people who climb mountains: 'because they [computers] are out there'. Others claim that by highlighting vulnerabilities, hacking helps increase computer security. And finally, there is the explanation most often put forward: criminal intent.

Whatever the reason, as long as computers exists there will be hackers - white hats, black hats and grey hats. And because there is no way of predicting which kind of attack ('curiosity' versus 'malicious') will hit your computer first, it is always best to be prepared for the worst.

The truth is that in hours of a machine being connected to the Internet, somebody will scan it with an automated vulnerability probing tool, looking for ways to get in. It may be somebody who is just curious to see what is on the machine, or a white hat from the other side of the world checking to see if the computer is secure. Of course, in real life you wouldn't want passing strangers stopping to check if your house or car were locked, and, if not, to go inside, look around, go through your possessions and leave a note saying 'Hi, I was here, your door was open, but don't mind me and BTW, fix your lock'. If you wouldn't want someone to do this to your house, you wouldn't want someone doing it to your computer. And there is no excuse for doing it to someone else's computer either.

Premeditated, criminal, hacking is obviously even worse. In the real world, somebody walks by, breaks your lock, gets inside, disables your alarm system, steals something or plants listening devices in your phone or surveillance equipment in your living room. If this happens you call the police, they look around, write a report, and you wait for the thieves to be caught. Unfortunately, this is a rare luxury in the computer world; the culprit may be far, far way, downloading your confidential files while sitting in his personal villa or sunbathing by his huge pool, nicely built with stolen money. Or, in a business environment, many large corporations prefer not to report hacking incidents at all, in order to protect their company image. This means that the criminals remain unpunished.

Another hacker motivation may be hooliganism, or digital graffiti, which can be summed up as hacking into systems to cause damage. Web site defacement is a very popular form of digital graffiti and there are some hacking groups which focus on this task alone. Just as in the physical, non-cyber world, catching the hooligans is a tedious task which usually doesn't repay the effort or resources expended.

Whatever the reasoning, be it 'to help others', 'security heads-up!', 'hooliganism' or 'criminal intent', hacking is a phenomenon which is deeply rooted in the world of computing and will probably never die. There will always be people immature enough to abuse public resources, self-proclaimed 'Robin Hoods' and criminals hiding in the dark alleys of cyberspace.

Read more »

How to detect a hacker attack

Most computer vulnerabilities can be exploited in a variety of ways. Hacker attacks may use a single specific exploit, several exploits at the same time, a misconfiguration in one of the system components or even a backdoor from an earlier attack.

Due to this, detecting hacker attacks is not an easy task, especially for an inexperienced user. This article gives a few basic guidelines to help you figure out either if your machine is under attack or if the security of your system has been compromised. Keep in mind just like with viruses, there is no 100% guarantee you will detect a hacker attack this way. However, there's a good chance that if your system has been hacked, it will display one or more of the following behaviours.

Windows machines:

• Suspiciously high outgoing network traffic. If you are on a dial-up account or using ADSL and notice an unusually high volume of outgoing network (traffic especially when you computer is idle or not necessarily uploading data), then it is possible that your computer has been compromised. Your computer may be being used either to send spam or by a network worm which is replicating and sending copies of itself. For cable connections, this is less relevant - it is quite common to have the same amount of outgoing traffic as incoming traffic even if you are doing nothing more than browsing sites or downloading data from the Internet.
• Increased disk activity or suspicious looking files in the root directories of any drives. After hacking into a system, many hackers run a massive scan for any interesting documents or files containing passwords or logins for bank or epayment accounts such as PayPal. Similarly, some worms search the disk for files containing email addresses to use for propagation. If you notice major disk activity even when the system is idle in conjunction with suspiciously named files in common folders, this may be an indication of a system hack or malware infection.
• Large number of packets which come from a single address being stopped by a personal firewall. After locating a target (eg. a company's IP range or a pool of home cable users) hackers usually run automated probing tools which try to use various exploits to break into the system. If you run a personal firewall (a fundamental element in protecting against hacker attacks) and notice an unusually high number of stopped packets coming from the same address then this is a good indication that your machine is under attack. The good news is that if your personal firewall is reporting these attacks, you are probably safe. However, depending on how many services you expose to the Internet, the personal firewall may fail to protect you against an attack directed at a specific FTP service running on your system which has been made accessible to all. In this case, the solution is to block the offending IP temporarily until the connection attempts stop. Many personal firewalls and IDSs have such a feature built in.
• Your resident antivirus suddenly starts reporting that backdoors or trojans have been detected, even if you have not done anything out of the ordinary. Although hacker attacks can be complex and innovative, many rely on known trojans or backdoors to gain full access to a compromised system. If the resident component of your antivirus is detecting and reporting such malware, this may be an indication that your system can be accessed from outside.

Unix machines:

• Suspiciously named files in the /tmp folder. Many exploits in the Unix world rely on creating temporary files in the /tmp standard folder which are not always deleted after the system hack. The same is true for some worms known to infect Unix systems; they recompile themselves in the /tmp folder and use it as 'home'.
• Modified system binaries such as 'login', 'telnet', 'ftp', 'finger' or more complex daemons, 'sshd', 'ftpd' and the like. After breaking into a system, a hacker usually attempts to secure access by planting a backdoor in one of the daemons with direct access from the Internet, or by modifying standard system utilities which are used to connect to other systems. The modified binaries are usually part of a rootkit and generally, are 'stealthed' against direct simple inspection. In all cases, it is a good idea to maintain a database of checksums for every system utility and periodically verify them with the system offline, in single user mode.
• Modified /etc/passwd, /etc/shadow, or other system files in the /etc folder. Sometimes hacker attacks may add a new user in /etc/passwd which can be remotely logged in a later date. Look for any suspicious usernames in the password file and monitor all additions, especially on a multi-user system.
• Suspicious services added to /etc/services. Opening a backdoor in a Unix system is sometimes a matter of adding two text lines. This is accomplished by modifying /etc/services as well as /etc/ined.conf. Closely monitor these two files for any additions which may indicate a backdoor bound to an unused or suspicious port.

Read more »

Notable hackers

This section contains brief information on some of the most famous hackers, both black and white hats. The individuals below are well known for a variety of reasons: their actions, whether good or bad, their contributions to software and technology development, or their innovative approach, skills and ability to think out of the box.

Richard Stallman is known as the father of free software. When Stallman started working at MIT's Artificial Intelligence Lab in 1971 he was confronted with 'non disclosure agreements' and closed program sources while he was hacking and improving system drivers the 'traditional way'. After an interesting battle to obtain the source code of a faulty printer utility, Stallman gave up his job and became the loudest advocate for free computer software, creating GNU and the Free Software Foundation in the process.

Dennis Ritchie and Ken Thompson are famous for two major software developments of the 20th century: the UNIX operating system and the C programming language. These two began their carriers at Bell Labs in 1960's, revolutionising the computer world forever with their ideas. While Ken Thompson has retired from the computer world, Dennis Ritchie is still employed at Lucent Technology, working on a new operating system derived from Unix, called 'Plan9'.

John Draper, aka 'Cap'n Crunch' is famous for his ability to hack phone systems using nothing but a whistle from the 'Cap'n Crunch' cereal boxes (hence the nickname). Besides being the father of 'phone phreaking', John Draper is also famous for writing what was perhaps the first IBM PC word processor. He now heads his own security venture, developing antispam solutions, thwarting hacker attacks and securing PCs.

Robert Morris is famous for creating the first Internet worm in 1988. It infected thousand of systems, and practically brought the Internet to a halt for nearly a day. The 'Morris Worm' was perhaps the first fully automated hacking tool, exploiting a couple of unpatched vulnerabilities on Vax and Sun computers.

Kevin Mitnick, possibly the best known case of a 'black hat', was caught by the computer expert Tsutomu Shimomura back in 1995.

Kevin Poulsen remains famous for his 1990 hack of the phone system in Los Angeles. This enabled him to become the 102nd caller in a radio-phone and win a Porsche 944. Kevin Poulsen was eventually caught and imprisoned for three years. He now works as a columnist for the online security magazine 'SecurityFocus'.

Vladimir Levin, a Russian computer expert, hacked into Citibank and extracted USD $10 million. He was arrested by Interpol in UK, back in 1995 and sentenced to three years in prison, as well as being required to pay USD $240,015 in restitution.

Tsutomu Shimomura is a good example of a 'white hat'. He was working for the San Diego Supercomputing Center when Kevin Mitnick broke into his network and stole information on cellular technology and other classified data. Tsutomu started the pursuit for Mitnick which eventually led to his arrest.

Linus Torvalds is known as the father of Linux, the most popular Unix-based operating system in use nowadays. Linus started his work on a new operating system in 1991, adopting several controversial technologies for his project, namely the concept of Free Software and GNU's Public License system. He is also known for his early disputes with Andrew Tannenbaum, the author of Minix, which was the inspirational source for Linus' OS project. 

Read more »

Hackers and the law

Given that computer hacking is at least three decades old, there has been plenty of time for governments to develop and approve cybercrime laws. At the moment, almost all developed countries have some form of anti-hacking law or legislation on data theft or corruption which can be used to prosecute cyber criminals. There are efforts to make these laws even more stringent, which sometimes raise protests from groups which support the right to freedom of information.

Over the past few years, there have been lots of convictions for hacking and unauthorized data access. Here are a few of them:

• Kevin Mitnick is probably the one of the most famous hacker takedown cases. Mitnick was arrested by the FBI in Raleigh, North Carolina, on February 15th, 1995, after the computer expert Tsutomu Shimomura managed to track him to his hideout. After pleading guilty to most of the charges brought against him, Mitnick was sentenced to 46 months in prison and three years probation. He was additionally sentenced to another twenty-two months for probation violation and additional charges. He was eventually released from prison on January 21, 2000.
• Pierre-Guy Lavoie, a 22-year-old Canadian hacker, was sentenced to 12 months of community service and placed on probation for 12 months for fraudulently using computer passwords to perpetrate computer crimes. He was sentenced under Canadian law.
• Thomas Michael Whitehead, 38, of Boca Raton, Florida, was the first person to be found guilty under the Digital Millennium Copyright Act (DMCA). He was prosecuted as part of the Attorney General's Computer Hacking and Intellectual Property program and charged with selling hardware which could be used to illegally receive DirecTV satellite broadcasts.
• Serge Humpich, a 36 year-old engineer, was sentenced to a suspended prison sentence of 10 months by a ruling issued by the 13th correctional chamber. He also had to pay 12,000 francs (approx. €1,200) in fines, and symbolic damages of one franc to the 'Groupement des Cartes Bancaires'.
• On October 10, 2001, Vasiliy Gorshkov, age 26, of Chelyabinsk, Russia, was found guilty of 20 counts of conspiracy, computer crime, and fraud committed against the Speakeasy Network of Seattle, Washington, Nara Bank of Los Angeles, California, Central National Bank of Waco, Texas; and the online payment company PayPal of Palo Alto, California.
• On July 1, 2003, Oleg Zezev, aka "Alex," a Kazakhstan citizen, was sentenced in a Manhattan federal court to over four years (51 months) in prison following his conviction on extortion and computer hacking charges.
• Mateias Calin, a Romanian hacker, along with five American citizens, was indicted by a federal grand jury on charges that they conspired to steal more than $10 million in computer equipment from Ingram Micro in Santa Ana, California, the largest technology distributor in the world. Mateias and his network are yet to be convicted for these crimes and face up to 90 years in prison.
• On the 27 March 2006, UK couple Ruth & Michael Haephrati, convicted in Israel of developing and selling a Trojan horse program, were sentenced to prison terms of four years and two years respectively (and ordered to pay 2 million Shekels [$428,000] in compensation). They sold their Trojan to private investigators who used it to access data from clients' business competitors.
• In a well-publicised case, British hacker, Gary McKinnon, awaits extradition to the US for hacking into 97 US military and NASA computers in 2002 - described by one US prosecutor as 'the biggest military computer hack of all time'. His legal counsel has lodged a series of appeals and (at the time of writing in March 2010) continues to contest the extradition proceedings. If tried and convicted in the US, he faces up to 70 years in prison.

The list above is simply a brief digest which illustrates how cybercrime legislation has been used across the world against hackers or to convict cybercriminals in general. There are also some cases where people have been wrongly convicted of cybercrime. There are also numerous cases where hackers are still at liberty despite their names and identities being known. However, the number of such cases is being reduced day by day.

Cybercrime is here to stay. It is a reality of the 21st century, and the wide availability of the Internet and the insecure systems which come with it have increased the reach of cybercrime. With sufficiently sophisticated legislation, and more international cybercrime treaties such as being adopted, the world is hopefully heading in the right direction, with the long term aim being a safer, more law-abiding cyberspace.

Read more »

A brief history of hacking

• December 1947 - William Shockley invents the transistor and demonstrates its use for the first time. The first transistor consisted of a messy collection of wires, insulators and germanium. According to a recent poll on CNN's website, the transistor is believed to be the most important discovery in the past 100 years.
• 1964 - Thomas Kurtz and John Kemeny create BASIC, one of the most popular programming languages even nowadays.
• 1965 -it's estimated that approximately 20,000 computer systems are in use in the United States. Most of these are manufactured by International Business Machines (IBM).
• 1968 - Intel is founded.
• 1969 - AMD is founded.
• 1969 - The Advanced Research Projects Agency (ARPA) create the ARPANET, the forerunner of the Internet. The first four nodes (networks) of ARPANET consisted of the University of California Los Angeles, University of California Santa Barbara, University of Utah and the Stanford Research Institute.
• 1969 - Intel announces 1K (1024 bytes) RAM modules.
• 1969 - Ken Thompson and Dennis Ritchies begin work on UNICS. Thompson writes the first version of UNICS in one month on a machine with 4KB of 18 bit words. UNICS is later renamed 'UNIX'.
• 1969 - MIT becomes home to the first computer hackers, who begin altering software and hardware to make it work better and/or faster.
• 1969 - Linus Torvalds born in Helsinki.
• 1970 - DEC introduces the PDP-11, one of the most popular computer designs ever. Some are still in use as today.
• 1971 - John Draper, aka as 'Cap'n Crunch' hacks phone systems using a toy whistle from a cereal box.
• 1971 - The first email program is released for the Arpanet. The author is Ray Tomlinson, who decides to use the '@' character to separate the user name from the domain address.
• 1972 - Ritchie and Kerningham rewrite UNIX in C, a programming language designed with portability in mind.
• 1972 - NCSA develops the 'telnet' tool.
• 1973 - Gordon Moore, Intel's chairman postulates the famous 'Moore Law', which states the number of transistors in CPUs will double every 18 months, a law which will stay true for more than 20 years.
• 1973 - FTP is introduced.
• 1974 - Stephen Bourne develops the first major UNIX shell, the 'bourne' shell.
• 1975 - Bill Gates and Paul Allen found Microsoft.
• 1976 - A 21-year old Bill Gates writes 'An Open Letter to Hobbyists', a document in which he condemns open source and software piracy.
• April 1st, 1976 - Apple Computers is founded.
• 1977 - Billy Joy authors BSD, another UNIX-like operating system.
• 1979 - Microsoft licenses the UNIX source code from AT&T and creates their own implementation, 'Xenix'.
• 1981 - The Domain Name System (DNS) is created.
• 1981 - Microsoft acquires the intellectual property rights for DOS and renames it MS-DOS.
• 1982 - Sun Microsystems is founded. Sun will become famous for its SPARC microprocessors, Solaris, the Network File System (NFS) and Java.
• 1982 - Richard Stallman begins to develop a free version of UNIX which he calls 'GNU', a recursive definition meaning 'GNU's Not UNIX'.
• 1982 - William Gibson invents the term 'cyberspace'.
• 1982 - SMTP, the 'simple mail transfer protocol' is published. SMTP is currently the most widespread method for exchanging messages on the Internet.
• 1982 - Scott Fahlman invents the first emoticon, ':)'.
• 1983 - The Internet is founded by splitting the Arpanet into separate military and civilian networks.
• 1983 - FidoNet is developed by Tom Jennings. FidoNet will become the most widespread information exchange network in the world for the next 10 years, until the Internet takes over.
• 1983 - Kevin Poulsen, aka 'Dark Dante' is arrested for breaking into the Arpanet.
• 1984 - CISCO Systems is founded.
• 1984 - Fred Cohen develops the first PC viruses and comes up with the now-standard term 'computer virus'.
• 1984 - Andrew Tannenbaum creates Minix, a free UNIX clone based on a modular microkernel architecture.
• 1984 - Bill Landreth, aka 'The Cracker', is convicted of hacking computer systems and accessing NASA and Department of Defense computer data.
• 1984 - Apple introduces Macintosh System 1.0.
• 1985 - Richard Stallman founds the Free Software Foundation.
• March 15, 1985 - 'Symbolics.com' is registered as the first Internet domain name.
• November 1985 - Microsoft releases 'Windows 1.0', which sells for $100.
• 1986 - The Computer Fraud and Abuse Act in US adopted.
• 1986 - 'Legion of Doom' member Loyd Blankenship, aka 'The Mentor', is arrested and publishes the now famous 'Hacker's Manifesto'.
• 1988 - The CD-ROM is invented.
• 1988 - IRC is established.
• November 1988 - Robert Morris launches an Internet worm which infects several thousand systems and clogs computers around the country due to a programming error. This worm is now knows as the Morris worm.
• 1989 - the WWW is developed at CERN labs, in Switzerland.
• 1990 - The Arpanet is dismantled.
• 1990 - Kevin Poulsen hacks a phone system in LA making himself the winner of a Porsche 944 in a radio phone-in.
• 1991 - PGP (Pretty Good Privacy), a powerful, free encryption tool is released by Philip Zimmerman. The software quickly becomes the most popular encryption package in the world.
• 1991 - Rumours appear regarding the computer virus 'Michaelangelo', coded to launch its destructive payload on March 6th.
• September 17, 1991 - Linus Torvalds releases the first version of Linux.
• 1992 - The 'Masters of Deception' phone phreaking group is arrested due to evidence obtained via wiretaps.
• 1993 - The Mosaic web browser is released.
• 1993 - Microsoft releases Windows NT.
• 1993 - First version of FreeBSD is released.
• March 23, 1994 - 16-year-old Richard Pryce, aka 'Datastream Cowboy', is arrested and charged with unauthorized computer access.
• 1994 - Vladimir Levin, a Russian mathematician, hacks into Citibank and steals $10 million.
• 1995 - Dan Farmer and Wietse Venema release SATAN, an automated vulnerability scanner, which becomes a popular hacking tool.
• 1995 - Chris Lamprecht, aka 'Minor Threat', is the first person to be ever banned from the Internet.
• 1995 - Sun launches Java, a computer programming language designed to be portable across different platforms in compiled form.
• August 1995 - Microsoft Internet Explorer (IE) released. IE will become the most exploited web browser in history and a favourite target for virus writers and hackers.
• August 1995 - Windows 95 is launched.
• 1996 - IBM releases OS/2 Warp version 4, a powerful multi-tasking operating system with a new user interface, as a counter to Microsoft's recently released Windows 95. Despite being more reliable and stable, OS/2 will slowly lose ground and be discontinued a few years later.
• 1996 - ICQ, the first IM, is released.
• 1996 - Tim Lloyd plants a software time bomb at Omega Engineering, a company in New Jersey. The results of the attack are devastating: losses of USD $12 million and more than 80 employees lose their jobs. Lloyd is sentenced to 41 months in jail.
• 1997 - DVD format specifications published.
• 1998 -Two Chinese hackers, Hao Jinglong and Hao Jingwen (twin brothers), are sentenced to death by a court in China for breaking into a bank's computer network and stealing 720'000 yuan ($87'000).
• March 18, 1998 - Ehud Tenebaum, a prolific hacker aka 'The Analyzer', is arrested in Israel for hacking into many high profile computer networks in US.
• 1998 - CIH virus released. CIH was the first virus to include a payload which wipes the FLASH BIOS memory, rendering computer systems unbootable and invalidating the myth that 'viruses cannot damage hardware'.
• March 26, 1999 - Melissa virus released.
• 2000 - A Canadian teenage hacker known as 'Mafiaboy' conducts a DoS attack and rendersYahoo, eBay, Amazon.com, CNN and a few other web sites inaccessible. He is later sentenced to eight months in a youth detention center.
• 2000 - Microsoft Corporation admits its computer network was breached and the code for several upcoming versions of Windows were stolen.
• 2000 - FBI arrests two Russian hackers, Alexei V. Ivanov and Vasiliy Gorshkov. The arrests took place after a long and complex operation which involved bringing the hackers to the US for a 'hacking skills demonstration'.
• July 2001 - CodeRed worm released. It spreads quickly around the world, infecting a hundred thousand computers in a matter of hours.
• 2001 - Microsoft releases Windows XP.
• July 18th, 2002 - Bill Gates announces the 'Trustworthy Computing' initiative, a new direction in Microsoft's software development strategy aimed at increasing security.
• October 2002 - A massive attack against 13 root domain servers of the Internet is launched by unidentified hackers. The aim: to stop the domain name resolution service around the net.
• 2003 - Microsoft releases Windows Server 2003.
• April 29th, 2003 - New Scotland Yard arrest Lynn Htun at a London's InfoSecurity Europe 2003 computer fair. Lynn Htun is believed to have gained unauthorized access to many major computer systems such as Symantec and SecurityFocus.
• November 6th, 2003 - Microsoft announces a USD 5 million reward fund. The money will be given to those who help track down hackers targeting the software giant's applications.
• May 7th, 2004 - Sven Jaschan, the author of the Netsky and Sasser Internet worms, is arrested in northern Germany.
• September 2004 - IBM presents a supercomputer which is the fastest machine in the world. Its sustained speed is 36 trillion operations per second.
• 24 June 2005 - Robert Lyttle (one half of the 'Synamic Duo') was sentenced to four months in prison (followed by three years probation) and given a fine of $72,000 for hacking into US government computer systems and defacing web sites.
• 17 August 2005 - former AOL software engineer Jason Smathers given a 15 month prison sentence for stealing 92 million screen names from an AOL database and selling them to a spammer. The spammers then used the e-mail addresses to send out 7 billion spam messages.
• 24 August 2005 - Chinese hacker arrested in Japan for virtual 'theft' of online game goods.
• 6 January 2006 - Sean Galvez indicted in Massachusetts on one count of larceny and 10 counts of unauthorized access to a computer and identity fraud for breaking into more than 40 eBay accounts and accumulating charges totaling $32,000.
• 3 October 2006 - three men sentenced to eight years each in Russia for a spree of extortion attacks in 2003: the hackers stole up to $4 million from UK companies.
• 23 August 2007 - UK man arrested for unauthorised use of a wireless connection in Chiswick, London.
• 18 December 2007 - Hario Tandiwidjojo, a former computer consultant, pleads guilty in the US to unauthorized access to a protected computer, after breaking in to more than 60 business kiosks at hotels and stealing credit card information.
• 11 June 2008 - Robert Matthew Bentley sentenced in the US to 41 months in prison, and ordered to pay $65,000 restitution, for breaking into corporate computer systems in Europe (including those of Rubbermaid) and using them as part of a botnet.
• 11 July 2008 - Yang Litao receives two years in prison in China for hacking into a Red Cross web site and attempting to divert relief donations to a bank account under his control (following the Sichuan earthquake).
• 5 November 2008 - Ivan Biltse, Angelina Kitaeva and Yuriy Rakushchynets (aka Yuriy Ryabinin) plead guilty in the US to conspiracy and access device fraud for their part in a scheme that used stolen Citibank card information to steal $2 million. The group, that included seven others charged earlier in the year, allegedly broke into a server that processes ATM transactions from 7-eleven cash machines.
• 5 March 2009 - the gang behind the failed attempt to steal $229 million from the London office of the Sumitomo Bank in 2004 are sent to prison. Hackers were smuggled into the bank by an insider and used commercial keylogging software to capture login credentials and transfer money to overseas accounts. The two hackers, Jan van Osselaer and Gilles Poelvoorde, were given sentences of three and a half years and four years respectively. The insider, Kevin O'Donoghue, O'Donoghue was ordered to serve four years and four months in prison. Hugh Rodley and David Nash, who set up the international bank accounts, received sentences of eight years and three years respectively.
• 28 August 2009 - Albert Gonzalez agrees to plead guilty to 19 counts of wire fraud, conspiracy, aggravated identity theft and money laundering related to the theft of more than 170 million credit and debit card accounts from TJX, Barnes & Noble, Office Max and others. Under the terms of the deal, Gonzalez will spend 15 to 25 years in prison and will forfeit more than $2.8 million.
• 17 February 2010 - hacker replaces commercial video with porn on a Moscow billboard.
• 24 February 2010 - hacker leaks data about the finances of Latvian banks and state-owned firms to Latvian TV.

Read more »