Top 10 Security Stories of 2008 | eWeek

Top 10 Security Stories of 2008

Written By
Brian Prince
Brian Prince
Dec 29, 2008
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Some cool hacks, panic in San Francisco and the shutdown of a notorious Web hosting firm-there were several interesting security stories that made headlines in 2008. Good guys and bad guys both had their hands full as the cat-and-mouse game between vendors and cyber-crooks continued.

So without further ado, here are 10 of the most interesting security stories of the year, in no particular order:

Microsoft Phases Out Windows Live OneCare

Microsoft stunned the security world once again, this time announcing it would end its Windows Live OneCare subscription service next year in favor of a stripped-down, free consumer security product.

DNS Flaw Patched by Multiple Vendors

The DNS flaw uncovered by security researcher Dan Kaminsky received lots of press and spurred a joint effort by vendors such as Microsoft and Cisco to issue patches simultaneously.

Hannaford Data Breach

Despite being PCI compliant, Hannaford Bros. fell victim to a targeted malware attack that exposed some 4 million credit and debit card numbers to identity thieves. The breach sparked debate over the effectiveness of PCI in securing data.

Sarah Palin’s E-Mail Account Hacked

In September, then-vice presidential candidate and current Alaska Gov. Sarah Palin had her personal Yahoo e-mail account hacked during a controversy regarding her alleged use of private e-mail for state business. The son of a prominent Tennessee politician was arrested for the hack, which he allegedly performed by abusing Yahoo’s password recovery feature.

Shutdown of McColo

The shutdown of McColo precipitated a dramatic decline in spam. Its demise was applauded by many security researchers.

San Francisco Network Admin Locks City Out of Network

Terry Childs, a former network administer for the city of San Francisco, was charged with a crime and jailed after refusing initially to provide passwords to the city’s network. The incident highlighted the issues of password management, access control and the insider threat.

Boston Subway Hack

A presentation about vulnerabilities in the Massachusetts Bay Transportation Authority ticketing system was banned from the DEFCON security conference by a court order after the MBTA protested. The gag order was later lifted.

Cracking the WPA Standard

Security researchers Erik Tews and Martin Beck outlined an attack they created to subvert WPA wireless security protections at the PacSec Applied Security Conference in Tokyo.

Security in the Cloud Makes Strides

Traditional security vendors big and small increased their movement toward pushing malware detection into the cloud. Established security SAAS vendor MessageLabs was purchased by Symantec, and more security SAAS startups such as Purewire and Zscaler appeared.

Cyber-warfare Between Russia and Georgia

Before the bombs dropped on the country of Georgia, a campaign of cyber-warfare was launched. Some security researchers placed the blame for the activity at the feet of the Russia government, while others blamed hacktivists.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.