In recent years, personal information security has gradually become a hot spot of public concern. Celebrities, politicians and corporate executives have a huge influence. Once they encounter a cyber attack, not only will their reputation be damaged, their social influence will decline, and even their lives will be threatened. . Even though their accounts are heavily protected, they are also more vulnerable to targeted APT attacks.
“Security Internal Reference” selects the most influential cybersecurity incidents of celebrities, politicians and corporate executives in recent years, aiming to sound the alarm for relevant personnel and raise public awareness of cybersecurity.
01
Trump’s Twitter login password leaked, leading to account theft
Attack method: account password hijacking
Attacker: Dutch security researcher Victor Gevers
The result: Retweets of fake tweets mocking Biden, damage to personal reputation
Impact Index: ☆☆☆
In October 2020, US President Trump’s Twitter account password – “maga2020!” was guessed by a security researcher and successfully logged into his account. According to foreign media reports, researchers successfully guessed Trump’s password on the fifth attempt and found that he was not even using two-factor authentication. The White House denied the claim, while Twitter said there was “no evidence” of hacking of the president’s account. This is not the first time Trump has leaked his Twitter password. On the eve of the 2016 US election, hackers successfully logged into his Twitter account using the password leaked by LinkedIn in 2012. The password at that time was “yourefired”.
02
Chinese ambassador to UK Liu Xiaoming’s Twitter account hacked
Attack method: account hijacking
Attacker: unknown
The result: likes anti-China elements and pornographic videos, and constructs the spread of false information
Impact Index: ☆☆☆☆
In September 2020, according to media reports such as China’s CCTV and the British BBC, the account of Chinese Ambassador to the UK Liu Xiaoming’s Twitter account on overseas social media was attacked by anti-China elements. According to the British BBC’s report, the attack on Ambassador Liu Xiaoming’s account this time was caused by the attackers manipulating the account, and then posting pornographic videos on the Twitter platform and some overseas anti-China elements that spread rumors and distort the situation in Xinjiang, China Clicked “Like”. Subsequently, the Chinese embassy in the UK issued a statement condemning anti-China elements for attacking the account of the Chinese ambassador and asking Twitter to investigate the matter. At present, the content manipulated by the attackers has also been canceled as “likes”.
03
Twitter CEO’s personal Twitter account hacked due to SIM hijacking
Attack method: SIM card swap
Attacker: Hacking group Chuckling Squad
Consequences: Publishing racist remarks, constructing disinformation spread
Impact Index: ☆☆☆☆
In August 2019, Twitter CEO Jack Dorsey’s Twitter account was hacked by a gang of hackers and he posted dozens of racist and inflammatory tweets. It is understood that the hacking incident was carried out by the hacker organization Chuckling Squad and lasted about 30 minutes. The group tricked carriers into transferring Jack Dorsey’s mobile number from his personal SIM card to one controlled by the group, and used the Twitter messaging interface to post racist comments to his account. At present, Twitter has deleted the relevant release information.
04
Travel company data breach exposes whereabouts of Israeli prime minister and his family
Attack method: database of travel company Amadeus leaked
Attacker: unknown
Consequences: The flight itinerary of the Israeli prime minister, his family, and other senior officials exposed
Impact Index: ☆☆☆
In May 2019, according to foreign media reports, the Israeli database of travel company Amadeus suffered a data breach, exposing the private information of millions of Israeli travelers. The entire database is said to contain 36 million flight bookings, 15 million personal details of passengers, 700,000 visa applications and more than 1 million hotel reservations, including the flight itineraries of Israeli Prime Minister Benjamin Netanyahu and his family, as well as other senior officials. Amadeus issued a statement saying a system used by its operations in Israel had a vulnerability, and its security team took immediate action to address the configuration flaw, which has now been fixed.
05
Amazon CEO Jeff Bezos’s phone hacked by Saudi crown prince, leaking personal information
Attack method: Malicious spyware implantation
Attacker: Saudi Crown Prince
Consequences: personal privacy data leaked, extramarital affair exposure led to divorce
Impact Index: ☆☆☆☆
In March 2019, Amazon security experts analyzed that Saudi Crown Prince Mohammed bin Salman was hacked on his device after he sent a seemingly innocuous video to Amazon CEO Jeff Bezos via WhatsApp. Spyware was planted, resulting in a large amount of data being stolen by Saudi hackers, including his extramarital affairs. Since October 2018, when The Washington Post reported on the brutal persecution of journalist Jamal Khashoggi at the Saudi consulate, the Saudi government has been trying to work against its boss, Jeff Bezos. Following the incident, the United Nations has banned its senior officials from using WhatsApp to communicate from June 2020.
06
Israeli Prime Minister Candidate Attacked by Iranian Cyber Espionage, Personal Data Leaked
Attack method: mobile device hijacking
Attacker: Iranian cyber espionage
Consequences: PM candidate’s personal data leaked, political campaign sabotaged
Impact Index: ☆☆☆☆
In March 2019, according to Israeli media reports, Israel’s Shin Bet internal security service said that Iranian cyber spies hacked into the phone of Prime Minister candidate Benny Gantz, exposing his personal data. Hackers handed his personal information and address into the hands of adversaries with the aim of sabotaging Gantz’s political campaign. An anonymous campaign official revealed that hackers had breached Gantz’s devices months earlier. According to media reports, two officials from Israel’s Shin Bet National Security Service had informed Gantz of the hacking incident during his campaign.
07
Singapore Prime Minister Lee Hsien Loong’s medical data stolen by hackers
Method of attack: SINGAPORE SERVICES DATABASE leaked
Attacker: Whitefly espionage group
Consequences: 1.5 million patient data stolen; Singapore Prime Minister’s personal data and prescription records leaked
Impact Index: ☆☆☆
In July 2018, the data database of the Singapore Health Services Group suffered a serious cyber attack, and the personal data of 1.5 million patients who visited the group’s hospitals and clinics, including information such as name, address, birth date, gender and ethnicity, were stolen. Another 160,000 outpatient prescription records were also included in the stolen data. The attackers stole the data by implanting malware after breaking into SingHealth’s computer systems. It is worth noting that the attackers appear to have targeted and repeated access to Singapore Prime Minister Lee Hsien Loong’s personal data and prescription records. In March 2019, security firm Symantec released a report showing that the worst cyberattack in Singapore’s history was the work of a state-backed espionage group called Whitefly.
08
Suspected Russian hackers hacked the mailboxes of British government officials, a large number of state secrets were leaked
Attack methods: Email account hijacking, spear phishing attacks
Attacker: Suspected Russian hacker
The result: a huge amount of state secrets leaked and released ahead of the 2019 UK general election
Impact Index: ☆☆☆☆
Between July and October 2019, hackers suspected of originating from Russia breached the email account of former UK International Trade Secretary Liam Fox and used so-called “spear phishing” attacks to lure Make the target hand over their password and login information. Hackers then stole a wealth of classified information and made it public ahead of the 2019 UK general election. Among the leaked information were six batches of documents detailing UK-US trade talks. It’s not yet possible to determine which of Fox’s email accounts were hacked and when they were first compromised. British Foreign Secretary Dominic Raab endorsed the claim in July 2020, saying “Russian attackers” had tried to interfere in the election “by leaking illegally obtained government documents online”.
09
Former U.S. Secretary of State Hillary Clinton’s email scandal
Attack methods: Email hijacking, phishing email attacks
Attacker: Russian hacker group Fancy Bear
Consequences: Work email stolen, Hillary Clinton lost in the presidency
Impact Index: ☆☆☆☆☆
In March 2015, The New York Times reported that Hillary Clinton set up a private mail server during her tenure as secretary of state to process government emails, so that her mailbox lost the protection of the US government and was hacked. In October 2016, when the FBI investigated the husband of Hillary’s personal assistant Huma Aberdeen, more than 30,000 emails between Hillary and her team were found on his computer, causing the FBI to restart.” Mailgate” survey. In November, the Gmail mailbox of Hillary Clinton’s campaign director was attacked by phishing emails, and tens of thousands of emails were stolen and made public on WikiLeaks. In the end, Hillary lost her campaign because of the “mail door”.
10
Computers of several Australian dignitaries hacked
Attack method: Email hijacking
Attacker: unknown
The result: the computers of more than 10 government officials including Australian Prime Minister Gillard, Foreign Minister Rudd and Defense Minister Smith were hacked
Impact Index: ☆☆☆
In March 2011, the CIA and the FBI recently notified the Australian Security Intelligence Organization that thousands of emails from at least 10 Australian government departments had been hacked. Hackers breached the computers of more than 10 government officials including Prime Minister Gillard, Foreign Minister Rudd and Defense Secretary Smith. According to reports, the hacking incident occurred in early February 2011, Australian Attorney-General Robert McClelland refused to confirm or deny the existence of the incident. According to reports, the Australian security department said that the hackers penetrated the email system of the Australian Parliament, which has a low security level and does not involve communications between various government departments on security and sensitive issues.