GO
Loading...

Top 2013 cybersecurity stories and what to watch for in 2014

Hackers seem to be exiting 2013 with a bang.

Last week, Target revealed that hackers had stolen data from 40 million credit and debit card shoppers who purchased items at its stores between Nov. 27 and Dec. 15.

That was the latest in a number of headlines that hackers and cybersecurity have made this year. Here are 2013's top cybersecurity stories.

NSA leaker Edward Snowden

When the U.S. government called out China for hacking the U.S., the Chinese government counterclaimed that it was the victim of U.S. attacks.

In June, an American, Edward Snowden, backed up China's claims. The former contractor for the National Security Agency told the South China Morning Post that the U.S. government had hacked Chinese telecommunication companies and a university, among other organizations.

The news came just days after President Barack Obama had met with Chinese President Xi Jinping in California and pressed him on cyberespionage.

Snowden also released confidential documents showing that the NSA was gathering phone and Internet records of Americans. Efforts are now underway to change how the agency gathers such information.

Is HealthCare.gov secure?

Health-care exchanges were immediately plagued by glitches when they launched in October. The federal site, HealthCare.gov, had technical troubles that led to far lower enrollment than expected. As problems persisted, many observers wondered if hackers were at least partly to blame.

The Department of Homeland Security disclosed last November there had been attempted hacks on HealthCare.gov.

Testifying before the House Homeland Security Committee on Nov. 13, Roberta Stempfley, acting assistant secretary of the department's office of cybersecurity and communications, said, "We have had a handful of reports from the Department of Health and Human Services. A number of about 16."

Homeland Security has not yet released updated numbers.

(Read more: New woes for Obamacare website—hackers)

Though the attacks were not successful, security experts told the House Committee on Science, Space and Technology on Nov. 19 that they were still concerned.

"These are things that could actually compromise sensitive information for people that have registered for the website and actually compromise the entire site itself," said David Kennedy, CEO of TrustedSec.

Former intelligence contractor Edward Snowden during an interview at an undisclosed location in Moscow.
Barton Gellman | Getty Images
Former intelligence contractor Edward Snowden during an interview at an undisclosed location in Moscow.

A major bank heist and credit card theft

Some hackers are just after money, though, and one of the largest bank robberies and one of the largest thefts of credit card information took place this year.

In May, the U.S. Attorney for the Eastern District of New York in May announced charges in a $45 million bank heist involving stolen account information.

"Instead of guns and masks, this cybercrime organization used laptops and malware," said U.S. Attorney Loretta Lynch.

Members of a highly organized crime ring allegedly hacked into financial institutions to access account information, which they used to withdraw millions of dollars from ATMs. Three individuals have pleaded guilty.

In July, the U.S. Attorney for New Jersey Paul Fishman announced charges in the largest theft of credit card data.

"The conspirators in this criminal enterprise breached the computer networks of at least 17 major retailers, financial institutions, and payment processors and obtained more than 160 million credit and debit card numbers," Fishman said.

The defendants are charged with hacking into systems at the Nasdaq, 7-Eleven, Visa and J.C. Penney, among others.

Syrian Electronic Army attacks media websites and Twitter accounts

The Syrian Electronic Army, a group supporting the Syrian regime, grabbed Americans' attention in April, when it hacked the Twitter account of the Associated Press. The hackers sent out a tweet stating, "Breaking: Two Explosions in the White House and Barack Obama is injured."

Though the AP quickly announced that it had been hacked, it wasn't quick enough to prevent stock exchanges from plunging; the Dow Jones tumbled 140 points before recovering.

(Read more: False rumor of explosion at White House causes stocks to briefly plunge)

Other sites hacked included The New York Times, the Washington Post and even satirical newspaper The Onion.

The Chinese threat

The first half of 2013 brought more details on one of the most well-known threats.

The security firm Mandiant released a report in February that a unit of China's People's Liberation Army carried out attacks on U.S. corporations.

In May, the Pentagon's Annual Report on China directly blamed that nation's government and military for hacks on computers in the U.S. The Chinese government denied the allegations.

Looking ahead to 2014, key trends to be on the lookout for include new types of attacks and more concern about mobile security. As consumers and businesses dive deeper into new technologies, hackers are likely to follow.

—By CNBC's Jennifer Schlesinger. Follow her on Twitter @jennyanne211. For more CNBC coverage of cybersecurity, visit HackingAmerica.cnbc.com.

Symbol
Price
 
Change
%Change
TGT
---
JCP
---
V
---

Featured

  • Andrea Day

    Andrea Day covers Crime & Punishment for CNBC. She and her team have reported nearly $1 billion in fraud this year.

Madoff Trustee: Investigations Inc

Crime & Punishment: Inside the SEC

  • The Treasury estimates that $21 billion in potentially fraudulent refunds due to identity theft could be issued in the next five years.

  • CNBC's Gary Kaminsky takes a look at the massive amount of digital data that pours into the SEC's enforcement division, which is in charge of investigating violations of securities laws.

  • CNBC's Gary Kaminsky spent time with SEC's Bruce Karpati to learn more about his division, which investigates allegations of fraud committed by investment advisers. Kaminsky reports that if you're breaking the law, the agency will find you.

Selling the American Dream

Investigations Inc.: Cyber Espionage

  • When a person enters information on a website, like an email or credit card, it gets stored in that company’s data base. Those web-based forms are a simple tool for users, but they are also another way hackers can exploit a company’s system. Instead of inputting a name into the website, cyber spies can put in a specially crafted text that may cause the database to execute the code instead of simply storing it, Alperovitch said. The result is a “malicious takeover of the system,” he said.

    By attacking business computer networks, hackers are accessing company secrets and confidential strategies and creating huge losses for the overall economy.

  • China is working feverishly to counteract its slowest GDP growth in recent years, and one of the ways it’s doing so, say U.S. officials, is through the theft of American corporate secrets.

  • US businesses are enduring an unprecedented onslaught of cyber invasions from foreign governments, organized crime syndicates, and hacker collectives, all seeking to steal information and disrupt services, cybersecurity experts say.