The Ten Costliest Cyber Crimes of All Time

By Mike Schuster Aug 14, 2009 2:00 pm
Call it revenge of the geeks.
  • Share this article:
  • A- A A+
This has been a tough week for cyber criminals. British hacker Gary McKinnon -- accused of pulling off the biggest military computer hack of all time, to the tune of $800,000 -- lost an appeal to avoid extradition to the United States. He'll therefore be tried Stateside, where we don't take kindly to this sort of thing.

The business of computer hacking is certainly booming, with hack-related losses totaling a staggering trillion dollars per year worldwide. In February 2009, Ponemon Institute conducted a survey to determine the average loss a business incurs when it suffers a security breach. Reviewing cases from 43 organizations, the group finalized a figure: $6.6 million.

While that might seem like small potatoes for megacorporations like Wal-Mart (WMT) or Best Buy (BBY) -- which experienced data leaks in 2006 and 2007, respectively -- the cost of clients' files being released into the hands of a nefarious hacker could ruin a smaller company.

 

 

Cyber crime has come a long way since Matthew Broderick changed the number of days he was absent from school -- not to mention nearly annihilating mankind with an innocent game of thermonuclear war. Reports of breached security and computer virus outbreaks occur almost weekly -- even with organizations boasting the highest levels of protection.

In June 2007, the Pentagon announced a breach of the network's infrastructure which resulted in the loss of an "amazing amount" of data, according to Dennis Clem -- the Office of the Secretary of Defense's chief information officer. Although no one specified what or how much was lost, the sensitive information could have compromised national security.

No matter how protected and monitored, no security system is immune.

The cost of the system break-in and restructuring passwords and identity verification came to $4 million -- which is a mere pittance compared to average national bills. But monetary values aside, a hacker has the ability to alter public policy and, possibly, presidential elections.

Take, for example, Sarah Palin who -- barely a month and a half away from Election Day -- saw her email account hacked into and screenshots posted on Gawker. Had there been a record of something more incriminating than family photos and personal cell phone numbers, the incident could have easily affected poll numbers for the GOP ticket -- but apparently couldn't change the results.

The latest trend in cyber crime is the Denial of Service (DoS) attack, in which servers are slammed by an overwhelming number of data requests that cause them to crash -- in some cases, permanently. AT&T (T) and the infamous 4chan both suffered DoS attacks in July -- the former mistakenly blamed the latter for the incident, which led to a legitimate attack against AT&T.

Google (GOOG), Facebook, and Twitter were struggling for hours earlier this month after a widespread DoS attack. Twitter saw the worst effects, with outages and incredibly slow servers throughout the day.

Despite the scale of these network outages, they can't hold a candle to those affected by some of our more ambitious computer hackers. Minyanville takes a look at 10 of the costliest cyber crimes of all time.
< Previous
  • 1
Next >
View As One Page
No positions in stocks mentioned.
The information on this website solely reflects the analysis of or opinion about the performance of securities and financial markets by the writers whose articles appear on the site. The views expressed by the writers are not necessarily the views of Minyanville Media, Inc. or members of its management. Nothing contained on the website is intended to constitute a recommendation or advice addressed to an individual investor or category of investors to purchase, sell or hold any security, or to take any action with respect to the prospective movement of the securities markets or to solicit the purchase or sale of any security. Any investment decisions must be made by the reader either individually or in consultation with his or her investment professional. Minyanville writers and staff may trade or hold positions in securities that are discussed in articles appearing on the website. Writers of articles are required to disclose whether they have a position in any stock or fund discussed in an article, but are not permitted to disclose the size or direction of the position. Nothing on this website is intended to solicit business of any kind for a writer's business or fund. Minyanville management and staff as well as contributing writers will not respond to emails or other communications requesting investment advice.


(2)
Reply
2009-08-15 04:31:30
Hugh Noyd
inaccurate
sorry mike but firstly Gary McKinnon is only accused of eight hundred thousand dollars not million. secondly he didn't damage stuff he was looking for UFO's the DoJ couldn't extradite unless there was at least $5000 of damage so they accused him of doing $5000 on each system he looked at, including six universities who publicly stated mckinnon had caused no damage. these were quietly dropped from the indictment. Anyway technically he didn't even hack, he found thousands of windows machines with the default settings ie no password or 'admin' so he just logged on and left hundreds of notes telling them how bad their security was. doesn't sound like cyber criminal to me. But he did get very upset because he thought 911 was an inside job ie state sponsored. He does after all have Autism.
Reply
2009-08-15 22:00:56
JIM BENNETT
Computer security
I am skeptical whether it is even possible to protect networked computer systems from unauthorized entry. Mainframes with terminals were easy because you could limit access to the machine to designated terminals. The Internet is a different ballgame entirely.

In years gone by, the stereotypical PC hacker was a kid with acne and a big ego. They might be malicious, but rarely larcenous. That is not really a valid picture today. Career criminals, frequently in Eastern Europe are more the norm now. They employ DP professionals, frequently PhDs, to write their programs.

This creates a quandary for industry. If they make their security tight enough to keep the baddies out, they'll drive their customers away as well. Even worse, the majority of the smaller firms have to rely on off-the-shelf security software. That software has to be customizable so that the firms can adjust it to their needs. That makes it possible for high tech baddies to evade.

The worst issue of all however is the home user. I am routinely amazed at the number of home users who have no security at all, not even basic virus protection. Not only are home users seldom really security conscious, but even those that are are stuck with the same off-the- shelf software as a lot of businesses. So, Ivan or Boris don't need to crack into the bank. They crack your home computer and remotely order it to send them the contents of your bank account. Don't laugh, it has happened. And international prosecutions are all but impossible, so it is a very low risk proposition.

In the final analysis, I suspect that we will simply have to accept some level of fraud as cost of doing business on line.
Subject:
Comment:
Get real-time options trading ideas from Steve Smith, veteran options trader and newsletter author, plus let him show you the way to cut risk and boost your returns through the strategic use of options.  Click here for a free 14 day trial to OptionSmith by Steve Smith.