10 of the Worst Moments in Network Security History

Events that shock sensibilities and shaped the future

10 of the Worst Moments in Network Security History

Some days are just worse than others when it comes to network security. Here are our picks for some of the worst in history.

There's not much spam in that: May 3, 1978

Arpanet outraged but here we are today

Digital Equipment Corp. marketing guy Gary Thuerk gets technical assistance to send what's regarded as the first "spam" message to thousands on the government-funded Arpanet, predecessor of today's Internet. Arpanet management decries the mass e-mail as a "flagrant violation" of Arpanet rules. Good thing they nipped that in the bud.


Reaction to the first spam of 1978

The first documented spam

Spam: Types of malware

The Morris Worm

The Morris Worm

Cornell student Robert Morris claimed he unleashed this bad boy not to cause damage but to estimate the size of the Internet. True or not, his handiwork cascaded into a denial-of-service attack that hit an estimated 6,000 Unix computers in an era when only about 60,000 such machines comprised the Internet.


The Morris Worm

Morris Worm, the first "Internet panic"

CERT on the history of the Arpanet and the Morris Worm incident

Mafiaboy knee-caps heavies: Feb. 7, 2000

Amazon, eBay, Yahoo, Dell, E-trade and CNN are all struck down by a massive distributed denial-of-service attack traced to a Montreal-area teen calling himself Mafiaboy; real name, Mike Calce. He's caught and sentenced under the Canadian youth-court system to eight months of "open custody," whatever that means, a light fine and restricted use of the Internet. Ouch.


Mafiaboy sentenced

DDoS Attack takes down sites

Web sites unite to fight denial-of-service attacks

Nothing says I love you like: May 4, 2000

The ILoveYou worm, also called VBS/Loveletter and the Love Bug Worm, scoots from Hong Kong around the globe in no time, infecting an estimated 10% of all connected computers. Inboxes overflowed at many organizations, including the Pentagon, CIA and British Parliament. Business servers were brought to their knees.


Analysis by UC Davis computer expert of the ILoveYou Worm

The U.S. General Accounting Office warns about impact of ILOVEYOU

Bugtraq warning on ILoveYou virus

Code Red I and II: July 13, Aug. 4, 2001

The first Code Red attack exploits buffer-overflow vulnerabilities in unpatched Microsoft Internet Information Servers, infects an estimated 395,000 computers in one day alone, defaces Web sites and launches Trojan code in a denial-of-service attack against fixed IP addresses, including the White House and Microsoft. The event prompts the director of the FBI's National Infrastructure Protection Center to hold a press conference. A few weeks later, Code Red II surfaces as a variant that tries to infect computers on the same subnet. The Code red assaults raises awareness about patching and pave the way for future worms: SQL Slammer, Blaster, Sobig, Sasser, Netsky and Witty.


CERT advisory on Code Red

Military snagged in botnet: 2004

The Department of Defense discovers computer systems at the Naval Warfare Center and the Defense Information Systems Agency have been compromised and turned into a botnet to send spam, launch DoS attacks and commit other crimes. Investigators follow the forensic trail to Jeanson James Ancheta, 20, who's arrested in 2005. Ancheta admits to generating more than $107,000 in payment for sending spam or launching DoS attacks through 400,000 infected computers. He gets five years and fines.


Judge slaps botmaster with jail time

Botmaster pleads guilty

U.S. Dept. of Justice on arrest of Ancheta

Storm a-brewin': Jan. 17, 2007

First noticed in early 2007, the Storm botnet works by bringing compromised machines under a command-and-control system, hard to shut down, for purposes of spam and phishing. Estimates of Storm-compromised machines range from a few million to 50 million.


Storm botnet gets profiled at Web site

Storm worm can befuddle NAC

Storm switches tactics third time, adds rootkit

TJX redefines data breach: Jan. 18, 2007

Framingham, Mass.-based retailer discloses massive data breach of its network that has compromised an estimated 45.7 million customer records and personal records. Analysts call it the largest known data breach involving card data in history.


TJX data theft called greatest ever

TJX lists mouting costs of data-breach debacle

Canadian probe of TJX hack

Cyberattack on Estonia: April 27, 2007

Estonia, a country of about 3 million people bordering Russia, has a well-developed network infrastructure that came under a crushing cyberattack that made its most important government, banking and media Web sites unavailable. Security experts analyzing the cyberattack believe it was triggered by the "Russian blogosphere," which triggered a second phase that included specially designed bots, dropped onto home computers. Some suspect the Russian government was involved, a charge dismissed by the Kremlin.


Estonia recovers from massive denial-of-service attack

U.S. government sending reps to Estonia after cyberattack

Networked systems are putty in the hands of a good hacker

Trader run amok: Jan. 24, 2008

Societe Generale, the large French financial services firm, discloses that one of its low-level options traders, Jerome Kerviel, has committed stock fraud worth an astonishing $7 billion, the largest in history traced to rogue trading . Kerviel placed huge bets in unauthorized trades and covered up his tracks with fake e-mail. In a case still playing out in the French legal system, the 31-year-old Kerviel has admitted to masterminding the scheme but is publically saying Societe Generale was "complacent" about his activities as long as his bets were winning.


Jerome Kerviel: Already in Wikipedia

Wall St. Journal blog: Who are you, Jerome Kerviel?

French trader fingers his bosses

We want to hear from YOU!

We want to hear from YOU. What do YOU think are the worst moments in network security history?