Attacks¶

OpNasaDrones - Anonsec¶

The OpNASADrones hack, claimed by the hacking group AnonSec, involved purportedly infiltrating NASA’s network and obtaining a trove of sensitive data, including drone flight logs and personal information of NASA employees.

gamma¶

The Gamma hack in 2014, executed by the hacktivist known as Phineas Fisher, targeted the surveillance technology company Gamma International, which is known for its FinFisher spyware used by governments for surveillance. The breach resulted in the release of 40 gigabytes of internal data, including source code, client lists, pricing information, and other sensitive documents. This data was subsequently made publicly available, highlighting the company’s dealings with various governments and the invasive nature of their surveillance tools.

Hacking Team¶

The Hacking Team attack in 2015 was a significant breach of an Italian company known for selling surveillance software to various governments and law enforcement agencies. The hacker, known as Phineas Fisher, managed to leak over 400GB of internal data, including emails, contracts, invoices, source code, and customer lists. This leak revealed the extent of Hacking Team’s dealings with repressive regimes, showing how their software was used to surveil journalists, activists, and political opponents in countries like Ethiopia and Sudan.

Conclusion¶

Company networks are insecure
Web weaknesses are vast, and easy and reliable to exploit

How to be secure

Patch
Secure passwords
no insecure configuration
Humans
Segmentation, Defense in Depth
Verify: perform penetration tests!

links: Further Topics - Index