When you chose a web host, you probably assume that they were relatively safe. You only hear about server hacks when they take down huge corporate sites, and what are the odds of that happening to you? Is a hacker really going to break into your server just to mess with your blog about Lolz cats or your industry site geared towards green roofers? You might not be as big of a target as, well, Target, but that doesn’t mean you’re automatically in the clear.
Many of the biggest server hacks go under-reported because they’re only of interest to a niche market. If the population as a whole isn’t being impacted, why should media cover it? After all, what does it really matter if “only” a local boutique had their hared server hacked when it didn’t lead to identity theft or other more serious concerns?
It matters a lot—server hacks can destroy a company. Here are some of the biggest in 2014 you may (or may not) have heard of:
- The Microsoft/Valve Server Hack
It took a team of four hackers from around the world to break into the servers for Valve and Microsoft according to the US Department of Justice. Their goal? Getting trade secrets such as source codes for video games. While Microsoft and Valve servers took the biggest hit, the hackers also zeroed in on Zombie Studios and Epic Games.
In the end, they made out with up to $200 million in secrets and coding. It’s expected that they’ll sell the goods, but already the DOJ has seized more than $620,000 in proceeds from the hack. The hackers have been caught and plan to plead guilty.
- Call of Duty Hack
This is the second time the server for Activision games has been targeted by hackers. Lizard Squad is the online crew taking credit for this hack, claiming they took down several servers for EA games, including Call of Duty: Ghosts and Destiny. Bungie (the makers of Destiny) took to Twitter, explaining, “We’re aware of connection issues affecting portions of Destiny player base and we’re working to correct the problem.”
Bringing down a gaming server is usually done via distributed denial of service (DDoS) attacks, flooding the server with an abundance of requests to achieve a crash. “We’re predicting a lot of mad gamers this weekend,” was all Lizard Squad had to say about it.
- Massive Obamacare Hack
As if the Obamacare site didn’t have enough problems, an anonymous hacker (or group) recently got into the HealthCare.gov site via the agency’s server. It’s the site used to enroll in health insurance, and the hackers uploaded malware in order to wreak havoc on the popular site. The attack occurred in July 2014, and the malicious software was created to spread DDos against websites—it wasn’t an attempt to steal information or identify theft.
According to a spokesperson, “Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted.” Since then “measures” have been taken to up security, but there’s no details on what those measures are.
Choosing a reputable and secure web host is paramount no matter how big or small your site. Sometimes hackers target servers just because they can—and you’ll be the one paying the price.