Incident: Crypto-Mining Malware Attack on Government Websites via Browsealoud Plugin

Published Date: 2018-02-11

Postmortem Analysis
Timeline
1. The software failure incident of hackers hijacking government websites to mine cryptocurrency happened in February 2018 [68201].

System
1. Browsealoud plug-in [68201]
2. Coinhive program [68201]

Responsible Organization
1. Hackers were responsible for causing the software failure incident by injecting crypto-mining code into the Browsealoud plug-in used by various websites, including government ones [68201].

Impacted Organization
1. Information Commissioner's Office (ICO) [68201]
2. Student Loans Company
3. Barnsley Hospital

Software Causes
1. Malicious code injected into the Browsealoud plug-in used by websites, including the ICO's, to mine cryptocurrency [68201].

Non-software Causes
1. The hack occurred due to hackers exploiting a vulnerability in a website plug-in called Browsealoud, used to assist blind and partially sighted individuals in accessing the web [68201].
2. The hackers injected malicious code into the Browsealoud plug-in, affecting not only the ICO website but also thousands of other websites that utilized the same plug-in [68201].
3. The attack was facilitated by the insertion of crypto-mining code into the affected websites, leading visitors' computers to unknowingly mine cryptocurrency for the hackers [68201].

Impacts
1. The software failure incident led to hackers hijacking government websites, including the Information Commissioner's Office (ICO), to mine cryptocurrency, specifically Monero, using visitors' computers without their knowledge [68201].
2. More than 4,000 websites, including government ones, were affected by the malicious code injected into the Browsealoud plug-in, causing visitors' computers to run processor-intensive calculations for cryptocurrency mining [68201].
3. The incident resulted in the affected websites, such as the ICO's, being taken down temporarily to address the issue and disable the malicious code, ensuring visitors were no longer at risk [68201].
4. The software failure incident highlighted the increasing trend of hackers injecting crypto-mining code into websites to exploit visitors' computer processing power for financial gain, potentially causing computers to run much more slowly [68201].
5. While the attack did not cause data loss or system damage, it raised concerns about potential risks such as personal data extraction, information theft, or malware installation, limited only by the hackers' intentions [68201].

Preventions
1. Regular security audits and vulnerability assessments of website plug-ins and third-party software like Browsealoud could have helped detect and prevent the malicious code injection [68201].
2. Implementing strict access controls and monitoring mechanisms to prevent unauthorized tampering with website plug-ins and scripts could have mitigated the risk of such attacks [68201].
3. Educating website administrators and users about the risks of crypto-mining malware and the importance of keeping software up to date with security patches could have increased awareness and prevented similar incidents [68201].

Fixes
1. Disabling the affected code and plug-in: The affected code and plug-in, Browsealoud, which was tampered with to mine cryptocurrency, have been disabled to prevent further exploitation [68201].
2. Conducting a security review: Texthelp, the company responsible for the compromised plug-in, is commissioning a security review by an independent consultancy to assess and enhance data security measures [68201].
3. Implementing a data security action plan: Texthelp mentioned that they had been preparing for such incidents and immediately activated their data security action plan in response to the attack [68201].
4. Taking affected services offline: The affected service, including the ICO website, was taken offline to mitigate the issue and prevent further exploitation by the malware [68201].

References
1. Security researcher Scott Helme [68201]
2. Information Commissioner's Office (ICO) [68201]
3. Texthelp (company which makes the plug-in) [68201]
4. Martin McKay, chief technical officer of Texthelp [68201]
5. National Cyber Security Centre spokesman [68201]

Software Taxonomy of Faults

Category | Option | Rationale
Recurring | one_organization, multiple_organization | (a) The software failure incident of hackers hijacking websites to mine cryptocurrency has happened again at the Information Commissioner's Office (ICO) website. The incident involved malicious code injected into the Browsealoud plug-in used by the ICO website, affecting thousands of other websites as well [68201]. (b) The software failure incident of hackers injecting crypto-mining code into websites has also occurred at other organizations besides the ICO. The hacked script was found running on the site of the Student Loans Company, Barnsley Hospital, and other websites in the UK and worldwide [68201].
Phase (Design/Operation) | design, operation | (a) The software failure incident related to the design phase was due to the injection of crypto-mining code into websites through a compromised website plug-in called Browsealoud, which was used to assist blind and partially sighted individuals in accessing the web. This malicious code was designed to generate cryptocurrency, specifically Monero, by running processor-intensive calculations on visitors' computers without their knowledge [68201]. (b) The software failure incident related to the operation phase was caused by hackers hijacking government websites, including the Information Commissioner's Office (ICO) website, to mine cryptocurrency. Visitors to these websites had their computers taken over to mine cryptocurrency, impacting the performance of their systems and potentially exposing them to security risks [68201].
Boundary (Internal/External) | within_system | (a) within_system: The software failure incident was caused by hackers injecting crypto-mining code into a website plug-in called Browsealoud, which was used to assist blind and partially sighted individuals in accessing the web. This malicious code was designed to generate cryptocurrency (Monero) by running processor-intensive calculations on visitors' computers. The plug-in was tampered with to include a program, Coinhive, for mining Monero, affecting thousands of websites, including government ones like the Information Commissioner's Office (ICO) website [68201]. (b) outside_system: The software failure incident was initiated by hackers external to the system who injected the malicious crypto-mining code into the website plug-in. The hackers exploited vulnerabilities in the plug-in to hijack visitors' computers for mining cryptocurrency without their knowledge. This external attack led to the compromise of multiple websites, demonstrating the impact of threats originating from outside the system on software failures [68201].
Nature (Human/Non-human) | non-human_actions, human_actions | (a) The software failure incident in Article 68201 was due to non-human actions. Hackers injected malicious code into a website plug-in called Browsealoud, which was used to assist blind and partially sighted individuals in accessing the web. This injected code was designed to mine cryptocurrency, specifically Monero, by running processor-intensive calculations on visitors' computers without their knowledge [68201]. (b) The incident was also influenced by human actions. The hackers took deliberate actions to tamper with the Browsealoud plug-in, inserting the Coinhive program to mine for Monero. Additionally, the affected company, Texthelp, confirmed that the product was impacted by malicious code for four hours, indicating a human element in the software failure incident [68201].
Dimension (Hardware/Software) | hardware, software | (a) The software failure incident occurred due to hardware factors as hackers inserted software into websites, including government ones, to utilize visitors' computers for mining cryptocurrencies. This process requires significant computer processing power, leading to increased electricity bills. The malware injected into the websites caused visitors' computers to work on mining cryptocurrencies without their knowledge, impacting the performance of the computers [68201]. (b) The software failure incident also had contributing factors originating in software. The incident involved the tampering of a website plug-in called Browsealoud, which was used to assist blind and partially sighted individuals in accessing the web. The plug-in was affected by malicious code designed to generate cryptocurrency, specifically Monero. This tampering with the software plug-in led to the mining of Monero on visitors' computers, impacting thousands of websites that used the plug-in [68201].
Objective (Malicious/Non-malicious) | malicious | (a) The software failure incident in this case was malicious. Hackers hijacked government websites, including the Information Commissioner's Office (ICO) website, to mine cryptocurrency by injecting malicious code into a website plug-in called Browsealoud. This code was designed to generate cryptocurrency (Monero) by running processor-intensive calculations on visitors' computers without their knowledge [68201]. The attack was intentional and aimed at exploiting visitors' computer resources for financial gain.
Intent (Poor/Accidental Decisions) | poor_decisions | (a) The intent of the software failure incident was due to poor_decisions. The incident involved hackers injecting crypto-mining code into a website plug-in called Browsealoud, which was used to assist blind and partially sighted individuals in accessing the web. This malicious code was designed to generate cryptocurrency (Monero) by running processor-intensive calculations on visitors' computers without their knowledge [68201]. The compromised plug-in affected not only the ICO website but also thousands of other websites that utilized it. This act was described as a serious breach with the potential for extracting personal data, stealing information, or installing malware, showcasing the negative consequences of the poor decision to tamper with the plug-in [68201].
Capability (Incompetence/Accidental) | accidental | (a) The software failure incident in Article 68201 was not due to development incompetence but rather due to hackers exploiting a vulnerability in a website plug-in called Browsealoud, which was used to help blind and partially sighted people access the web. The hackers injected malicious code into the plug-in, causing visitors' computers to mine cryptocurrency without their knowledge [68201]. (b) The software failure incident in Article 68201 was accidental in nature as it was caused by hackers injecting malicious code into the Browsealoud plug-in, which was not intended by the developers of the plug-in or the affected websites. The incident was not a result of intentional actions by the developers or the organizations using the plug-in but rather a malicious attack that occurred without their knowledge [68201].
Duration | temporary | The software failure incident reported in the articles was temporary. The incident involved hackers injecting crypto-mining code into websites, including government ones, through a compromised website plug-in called Browsealoud. The affected code was disabled, and visitors were no longer at risk after the issue was identified and resolved [68201]. The incident lasted for about four hours, during which the malicious code was active on the affected websites [68201].
Behaviour | omission, value, other | (a) crash: The software failure incident in the articles did not involve a crash where the system loses state and stops performing its intended functions. The incident was related to hackers injecting crypto-mining code into websites, causing visitors' computers to mine cryptocurrency without their knowledge [68201]. (b) omission: The software failure incident can be categorized under omission, as the system omitted to perform its intended functions by allowing hackers to inject malicious code into the websites, leading to unauthorized cryptocurrency mining on visitors' computers [68201]. (c) timing: The software failure incident was not related to timing issues where the system performs its intended functions but at the wrong time. Instead, the incident involved the system being compromised by hackers to conduct cryptocurrency mining activities on visitors' computers [68201]. (d) value: The software failure incident falls under the category of value, as the system performed its intended functions incorrectly by allowing unauthorized cryptocurrency mining to take place on visitors' computers due to the injection of malicious code by hackers [68201]. (e) byzantine: The software failure incident did not exhibit characteristics of a byzantine failure where the system behaves erroneously with inconsistent responses and interactions. The incident primarily involved the injection of crypto-mining code by hackers into websites, leading to unauthorized mining activities on visitors' computers [68201]. (f) other: The software failure incident can be categorized as a security breach and a form of cyber-attack, where hackers exploited vulnerabilities in the system to inject malicious code for cryptocurrency mining purposes. This behavior is not explicitly covered in the options provided [68201].

IoT System Layer

Layer | Option | Rationale
Perception | None | None
Communication | None | None
Application | None | None

Other Details

Category | Option | Rationale
Consequence | property, theoretical_consequence | (d) property: People's material goods, money, or data was impacted due to the software failure. The software failure incident involving hackers hijacking government websites to mine cryptocurrency impacted visitors' computers by using their processing power to mine Monero. This unauthorized mining activity could have potentially led to the extraction of personal data, stolen information, or installation of malware on the affected computers [68201]. The incident resulted in a breach that affected thousands of websites, including government ones, leading to a significant impact on users' computers and potentially their data and privacy.
Domain | information, government | (a) The failed system was intended to support the information industry. The incident involved hackers hijacking government websites, including the Information Commissioner's Office (ICO) website, to mine cryptocurrency [68201]. The affected code was traced back to a website plug-in called Browsealoud, which is used to help blind and partially sighted people access the web [68201]. The plug-in was tampered with to add a program, Coinhive, which mined for Monero by running processor-intensive calculations on visitors' computers [68201].
