Year in Review: Security in 2009

Security is always a big issue in IT, and 2009 was no different, with Conficker attacking, the Heartland data breach breaking records, and more.

Conficker attacks

One of the biggest stories in IT security this year was Conficker. Also known as Kido or Downadup, the worm had infected nine million PCs by January leading Microsoft to offer up a $250,000 bounty for information on those responsible for its creation.

It managed to take down PCs at hospitals, the House of Commons and even the Ministry of Defence, and everyone got really nervous when a counter in the worm suggested something big was to happen on 1 April. The worm tried to link up to something, and eventually connected to the Waledec botnet.

While security measures helped calm things over the summer, it started to re-emerge as a threat in September, taking down systems at Oxford Brooks University.

Heartland data breach

In January, a massive breach at data processor Heartland exposed banking details of as many as 100 million card transactions. Considered the largest data breach of all time, the Heartland incident was even bigger than the TJX attack in 2008, which saw one of the gang members sentenced to 30 years by a Turkish court back in January.

Heartland was dropped from the PCI compliance list and hit with a whopping $12.6 million bill for costs.

Smartphone threat

Security woes spread to smartphones this year, as the popularity of handsets like the iPhone continued to skyrocket.

Social networking attacks

In August, Twitter was taken offline - but it wasn't just a case of the fail whale wanting a bit of attention.

No, in this case it was a denial of service attack, which also hit Facebook and other sites and was apparently targeted at one Georgian blogger by Russian hackers.

Most worm attacks against such social networking sites weren't so dramatic, but just as much of an issue. Twitter was hit by worms over the Easter weekend, while spam sent via Tweets and hidden using link shorteners took off.