Also known as Skywiper and Flamer, Flame is modular computer malware that was discovered in 2012 as a virus used to attack computer systems in Middle Eastern countries that run Microsoft Windows. Used by hackers for espionage purposes, it spread to other systems over a local network (LAN) or USB stick and infected over 1,000 machines belonging to private individuals, educational institutions, and government organizations. It also recorded audio, including Skype conversations, as well as keyboard activity, screenshots, and network traffic. It was discovered on May 28, 2012 by the MAHER Center of the Iranian National Computer Emergency Response Team (CERT), the CrySyS Lab and Kaspersky Lab.
July 2009 Cyber Attacks
These were a series of coordinated attacks against major government and financial websites and news agencies of both the United States and South Korea, involving the activation of a botnet. A number of hijacked computers flooded the servers with traffic until they overloaded, a technique known as a distributed denial-of-service (DDoS) attack. The reported number of hijacked computers varies by source: 50,000 according to Symantec’s Security Technology Response Group, 20,000 according to the National Intelligence Service of South Korea, and more than 166,000 according to Vietnamese computer security researchers who analyzed the two servers used by the invaders.
Canadian Government Hacking
The Canadian government revealed through news sources that it became a victim of cyber attacks in February 2011 by foreign hackers with IP addresses from China. These hackers were able to infiltrate three departments within the Canadian government and transmit classified information back to themselves. Canada eventually cut off the internet access of the three departments in order to stop the transmission to China.
PayPal became a victim of a cyber attack in December 2010 after it permanently restricted the account used by WikiLeaks to raise funds, citing a violation of its Acceptable Use Policy as the reason. The move not only resulted in multiple boycotts from individual users but also caused hackers to move in.
The biggest protest movement against the Church of Scientology was conducted by Anonymous, a leaderless group of internet-based hacktivists that originated from 4chan. Project Chanology originated from the church’s attempt in January 2008 to remove from the internet material from a highly publicized interview with Tom Cruise, a prominent member of the church. It started with a YouTube “Message to Scientology” on January 21, 2008 and was followed by distributed denial-of-service (DDoS) attacks, prank calls, black faxes and other methods, motivated by the group's view that Scientology was imposing internet censorship.
An English-language imageboard website used for posting pictures and discussing Japanese manga and anime, 4chan was launched on October 1, 2003 by a bored 15-year-old student from New York City named Christopher Poole. Since users of the website can post anonymously, experts believed that its users were able to pull off the largest collective actions in the history of the internet. One of their victims was Hal Turner, whose radio show was hit with DDoS attacks and prank calls from December 2006 to 2007. Later that year, the private Yahoo! Mail account of Sarah Palin, who was running as the Republican vice presidential candidate in the 2008 US presidential election, was hacked by a 4chan user, resulting in criticism of the use of private email accounts for government work.
Despite the country's reputation for being an IT and software powerhouse, India reported 13,301 cyber security breaches in 2011. However, the biggest cyber attack that the country has faced occurred on July 12, 2012, when hackers penetrated the email accounts of 12,000 people, including high officials from the Defense Research and Development Organization (DRDO), the Indo-Tibetan Border Police (ITBP), the Ministry of Home Affairs, and the Ministry of External Affairs.
Iran was subjected to cyber attacks in June 2010 when its nuclear facility in Natanz was infected by Stuxnet, a cyber worm that was believed to be a combined effort of Israel and the United States, though no one claimed responsibility for its creation. The worm destroyed Tehran’s 1,000 nuclear centrifuges and set back the country’s atomic program by at least two years; it also spread beyond the plant and infected over 60,000 computers. The Iranian government has in turn been accused of its own cyber attacks against the United States, Israel and Gulf Arab countries, including alleged involvement in the hacking of American banks in 2012.
A coordinated cyber attack by anti-Israel groups and individuals, #OpIsrael was a DDoS assault timed for April 7, 2012, the eve of Holocaust Remembrance Day, with the aim of erasing Israel from the internet. Websites targeted by these hacktivists included those of the financial and business sectors, educational institutions, non-profit organizations, newspapers, and privately owned businesses in Israel.
Yahoo was also subjected to cyber attacks that originated from China in an action called ‘Operation Aurora.’ This operation was conducted by the Elderwood Group, which was based in Beijing and has ties with the People’s Liberation Army, using advanced persistent threats that ran from mid-2009 to December 2009. It was disclosed in a blog post published by Google on January 12, 2010 and was aimed at a number of organizations besides Yahoo, including Rackspace, Juniper Networks and Adobe Systems, in order to gain access to and modify their source code repositories.
The Spamhaus Project
In what is considered the biggest cyber attack in history, Spamhaus, a filtering service used to weed out spam emails, was subjected to cyber attacks in which home and business broadband router owners became unsuspecting participants when their routers were exploited. Thousands of Britons used Spamhaus on a daily basis to determine whether or not to accept incoming mail. On March 18, 2013, Spamhaus added Cyberbunker to its blacklisted sites, and Cyberbunker and other hosting companies retaliated by hiring hackers to set up botnets, which also exploited home and broadband routers, to shut down Spamhaus’ system.
Citigroup, one of the largest financial giants in the world, provides ample incentive for hackers to organize an attack because of the vast amount of wealth and sensitive information that flows through the company daily. In 2011, the information of over 200,000 customers, from contact details to account numbers, was compromised, which resulted in a $2.7 million loss for the company.
Heartland Payment Systems
The trusted payment processor Heartland Payment Systems also fell into the trap set by Albert Gonzalez of Shadowcrew fame, who was responsible for phishing out over 100 million individual card numbers, costing Heartland more than $140 million in damages incurred in 2008. Besides the damages incurred, it also besmirched the company’s motto, “The highest standards – The Most Trusted Transactions.” However, this proved to be Gonzalez’s last ruse, as he was found guilty of his crimes and was sentenced to 20 years in prison.
In 2007, Hannaford Bros., a grocery retailer, suffered a four-month-long breach in which over 4.2 million credit and debit card numbers and other sensitive data were stolen by a group of hackers that installed malware on the stores’ servers instead of the company’s databases. This was masterminded by Albert Gonzalez, who also hacked TJX, Heartland Payment Systems, BJ’s Wholesale Club, Barnes & Noble, DSW, Boston Market, and Sports Authority. Gonzalez was behind Shadowcrew.com, where stolen account numbers and counterfeit documents were auctioned to the 4,000 users who registered on the site, and which also offered tutorials and how-tos on using cryptography in magnetic strips on credit cards – a virtual playground for thieves.
Operation Shady Rat
An ongoing series of cyber attacks that started in mid-2006, Operation Shady Rat has hit at least 72 organizations worldwide, including the International Olympic Committee, the United Nations, businesses, and defense contractors. It was discovered in 2011 by Dmitri Alperovitch, Vice President of Threat Research at McAfee, and it was assumed that the People’s Republic of China was behind it. The operation's name was derived from the common security industry acronym for Remote Access Tool (RAT), and the operation was behind the cyber attack on the 2008 Summer Olympics.