Known for their motto “Laughing at your security since 2011!”, Lulzsec frequently targets high-profile organizations in an effort to embarrass them for insufficient security protections or in retaliation. Their first hack back in 2011 targeted Fox.com after a host on Fox News Channel called the rapper Common “vile” on-air. Since then, Lulzsec has targeted other media organizations including PBS and The Times, video game companies including Bethesda Game Studios and government organization websites including senate.gov and cia.gov.
Originating from the online image board 4chan, Anonymous’ first major attack came in the form of coordinated DDoS attacks against the Church of Scientology in an operation called Project Chanology. From there, other DDoS targets have included the Recording Industry Association of America (RIAA) and Motion Picture Association of America (MPAA), PayPal, and Koch Industries. Members of Anonymous have also been responsible for far more sophisticated attacks including compromising more than 70 million Sony Playstation Network accounts and similar attacks against organizations including San Francisco’s BART and computer security firm HBGary Federal.
Kevin Mitnick was once the most wanted hacker in America. Mitnick attributes much of his hacking prowess to his skills in social engineering, exploiting vulnerabilities in people in order to obtain privileged information or convince them to carry out an action. Some of Mitnick’s most notorious attacks include obtaining access to a computer at the Pentagon via ARPANet, the precursor to the Internet, and social-engineering his way into Pacific Bell’s offices where he stole sensitive data.
There are few famous hackers more controversial than Adrian Lamo. Nicknamed “The Homeless Hacker,” Lamo lived most of his life couch-surfing and squatting in abandoned buildings. Lamo’s most infamous hack came when he discovered several misconfigured proxy servers at The New York Times which he used to access their private network where, among other things, he added himself to their list of expert sources. Lamo came under fire from fellow hackers after outing Chelsea Manning to the FBI as the one responsible for leaking a large number of classified documents on WikiLeaks.
Albert Gonzalez first came under the attention of US authorities while running allegedly helping run ShadowCrew.com, a message board for selling stolen ATM cards. Gonzalez was spared jail time in exchange for cooperating with the United States Secret Service against other important members of the website. This wasn’t the end of Gonzalez’s criminal activities however. While cooperating with the Secret Service, Gonzalez helped steal over 45 million credit and debit cards from stores including Office Max, Boston Market, Barnes & Noble, Sports Authority and TJ Maxx. Additionally, Gonzalez plead guilty to hacking into Heartland Payment Systems, 7-Eleven, and several other companies resulting in the theft of over 130 million credit card numbers.
Jeanson James Ancheta
Jeanson James Ancheta holds the title of being the first person to be charged and convicted for running a botnet army. Ancheta compromised nearly half a million computers with his botnet army and rented out advertising in the form of pop-ups, earning him over $100,000 in the process. He was ultimately captured by the FBI as a part of Operation: Bot Roast when FBI agents tricked him into visiting a local office to collect computer equipment.
Jonathan James started out his hacking career early, ultimately becoming the first juvenile to be jailed for cyber crime at the age of 16. James was responsible for several attacks against organizations in the southeast United Stated including BellSouth and the Miami-Dade school system. His most notorious attack however came when he infiltrated the Defense Threat Reduction Agency branch of the US Department of Defense. Inside the network, he stole usernames and passwords, messages, and the source code for the International Space Station’s life-support systems.
If you attempted to play any popular video games online in 2014, you were likely at some point affected by one of Lizard Squad’s many DDoS attacks. Throughout the second half of the year, Lizard Squad took down many popular gaming services such as League of Legends, Destiny, PlayStation Network and Xbox Live, including the famous Christmas Day attacks against the latter two.
Guccifer (Marcel Lazar Lehel)
Guccifer (not to be confused with Guccifer 2.0) was a prominent Romanian hacker responsible for hacking several US and Romanian officials and multiple celebrities. Guccifer’s targets included former US Secretary of State Colin Powell, members of the Rockefeller family, a US senator, and Sex in the City author Candace Bushnell.
Ryan Collins was responsible for a string of celebrity iCloud account breaches dubbed “Celebgate.” Between 2012 and 2014, Collins used phishing attacks to gain access to dozens of celebrity email and iCloud accounts. With his access, Collins stole sensitive and private information including nude images and videos of many well-known celebrities.
Hackers have many motivations for their attacks, whether it be fame, money, or “for the lulz.” Gary McKinnon’s motivation for his most notorious attacks was to prove the existence of alien UFOs. In 2002, McKinnon hacked in to several US military and NASA computer systems where he deleted files, copied passwords, and defaced websites. In a television interview, McKinnon said his motivation for the attacks was to find evidence of UFOs and antigravity technology.
Astra earned his fame from hacking into French aviation company Dassault Group where he stole classified information on military aircraft over the course of five years. Astra sold stolen information to other countries. Dassault Group claims the attack cost them $360 million in damages. Despite being charged and convicted, Astra’s true identity is still not publicly known.
Before he founded WikiLeaks, Julian Assange was a member of the hacking group International Subversives. Assange’s targets have included the US. Department of Defense, NASA, Lockheed Martin, Motorola and Citibank. He was finally apprehended after attempting to hack into Canadian Telco Nortel. A decade and a half after these attacks and his conviction, he went on to establish WikiLeaks, the website famous for publishing sensitive information leaks.
Robert Tappan Morris
Robert Tappan Morris holds two major claims to fame. He was the author of the first ever computer worm on the Internet and also the first person to be convicted under the Computer Fraud and Abuse Act. In 1988, Morris created the Morris Worm which exploited several vulnerabilities to automatically spread and copy itself to network-connected systems in an attempt to gauge the size of the Internet. His worm was also responsible for one of the first denial of service attacks when a flaw in its design caused severe resource utilization issues on thousands of infected computers.
Chaos Computer Club (CCC)
Chaos Computer Club (CCC) is one of the oldest and largest hacking organizations in Europe. The club and its members claim responsibility for several attacks in the early days of computers and the Internet, including one attack against the 1980s Deutsche Bundespost’s BTX computer network after the organization failed to respond to warnings of a vulnerability. CCC succeeded in stealing nearly DM 134,000, which they later returned.
Fancy Bear (APT28)
Fancy Bear, aka APT28, aka Pawn Storm, aka Sofacy Group, is a suspected state-sponsored hacking group out of Russia in association with another group known as Cozy Bear (or APT29). Fancy Bear is known for highly sophisticated attacks against international targets including the White House, NATO, the Democratic National Committee and French television station TV5Monde. In their attack against TV5Monde, Fancy Bear managed to override the channel’s broadcast programming for over three hours as well as simultaneously taking over their Facebook and Twitter pages.