Also known as Skywiper and Flamer, Flame is modular malware discovered in 2012 that was used to attack computer systems running Microsoft Windows in Middle Eastern countries. Used by hackers for espionage purposes, it spread to other systems over a local network (LAN) or USB stick and infected over 1,000 machines belonging to private individuals, educational institutions, and government organizations. It also recorded audio, including Skype conversations, as well as keyboard activity, screenshots, and network traffic. It was discovered on May 28, 2012 by the MAHER Center of the Iranian National Computer Emergency Response Team (CERT), the CrySyS Lab and Kaspersky Lab.
July 2009 Cyber Attacks
These were a series of coordinated attacks against major government and financial websites and news agencies in both the United States and South Korea, carried out by activating a botnet. The botnet consisted of hijacked computers that flooded servers with traffic until they overloaded, a technique known as a DDoS attack. Estimates of the number of hijacked computers varied by source: 50,000 according to Symantec’s Security Technology Response Group, 20,000 according to the National Intelligence Service of South Korea, and more than 166,000 according to Vietnamese computer security researchers who analyzed the two servers used by the attackers.
Canadian Government Hacking
The Canadian government revealed to news sources that it became a victim of cyber attacks in February 2011 by foreign hackers with IP addresses from China. These hackers were able to infiltrate three departments within the Canadian government and transmit classified information back to themselves. Canada eventually cut off the internet access of the three departments in order to stop the transmission to China.
PayPal became a victim of a cyber attack in December 2010 after it permanently restricted the account used by WikiLeaks to raise funds, citing a violation of its Acceptable Use Policy as the reason. The decision not only resulted in multiple boycotts from individual users but also caused hackers to move in.
The biggest protest movement against the Church of Scientology was conducted by Anonymous, a leaderless group of internet-based hacktivists that originated from 4chan. Project Chanology originated from the church’s attempt in January 2008 to remove from the internet material from a highly publicized interview with Tom Cruise, a prominent member of the church. It started with a YouTube “Message to Scientology” on January 21, 2008 and was followed by distributed denial of service (DDoS) attacks, prank calls, black faxes and other methods, motivated by the group’s view that Scientology was practicing internet censorship.
An English-language imageboard website used for posting pictures and discussing Japanese manga and anime, 4chan was launched on October 1, 2003 by a bored 15-year-old student from New York City named Christopher Poole. Since users of the website can post anonymously, experts believed that its users were able to pull off the highest collective actions in the history of the internet. One of their victims was Hal Turner, whose radio show was hit with DDoS attacks and prank calls from December 2006 to 2007. Later that year, the private Yahoo! Mail account of Sarah Palin, who was running as the Republican vice presidential candidate in the 2008 US presidential election, was hacked by a 4chan user, resulting in criticism of the use of private email accounts for government work.
Despite the country’s reputation as an IT and software powerhouse, India reported 13,301 cyber security breaches in 2011. However, the biggest cyber attack the country has faced occurred on July 12, 2012, when hackers penetrated the email accounts of 12,000 people, including high officials from the Defense Research and Development Organization (DRDO), the Indo-Tibetan Border Police (ITBP), the Ministry of Home Affairs, and the Ministry of External Affairs.
Iran was subjected to cyber attacks in June 2010 when its nuclear facility in Natanz was infected by Stuxnet, a computer worm believed to be a combined effort of Israel and the United States, though no one claimed responsibility for its creation. The worm destroyed Tehran’s 1,000 nuclear centrifuges and set back the country’s atomic program by at least two years; it also spread beyond the plant and infected over 60,000 computers. The Iranian government has in turn been accused of its own cyber attacks against the United States, Israel and Gulf Arab countries, including alleged involvement in the hacking of American banks in 2012.
A coordinated cyber attack by anti-Israel groups and individuals, #OpIsrael was a DDoS assault timed for April 7, 2012, the eve of Holocaust Remembrance Day, with the aim of erasing Israel from the internet. Websites targeted by these hacktivists included those of the financial and business sectors, educational institutions, non-profit organizations, newspapers, and privately owned businesses in Israel.
Yahoo was also subjected to cyber attacks that originated from China in an action called ‘Operation Aurora.’ This operation was conducted by the Elderwood Group, which was based in Beijing and has ties with the People’s Liberation Army, using advanced persistent threats that ran from mid-2009 to December 2009. It was disclosed in a blog post by Google on January 12, 2010 and was aimed at a number of organizations besides Yahoo, including Rackspace, Juniper Networks and Adobe Systems, with the goal of gaining access to and modifying their source code repositories.
The Spamhaus Project
Considered the biggest cyber attack in history, the attack on Spamhaus, a filtering service used to weed out spam emails, turned home and business broadband router owners into unsuspecting participants when their routers were threatened. Thousands of Britons used Spamhaus on a daily basis to determine whether or not to accept incoming mail. On March 18, 2013, Spamhaus added Cyberbunker to its blacklisted sites, and Cyberbunker and other hosting companies retaliated by hiring hackers to put up botnets, which also exploited home and broadband routers, to shut down Spamhaus’ system.
Citigroup, one of the largest financial giants in the world, provides ample incentive for hackers to organize an attack due to the vast amount of wealth and sensitive information that flows through the company daily. In 2011, information on over 200,000 customers, from contact details to account numbers, was compromised, which resulted in a $2.7 million loss for the company.
Heartland Payment Systems
The trusted payment processor Heartland Payment Systems also fell into the trap set by Albert Gonzalez of Shadowcrew fame, who was responsible for phishing out over 100 million individual card numbers, costing Heartland more than $140 million in damages incurred in 2008. Besides the damages incurred, it also besmirched the company’s motto, “The highest standards – The Most Trusted Transactions.” However, this proved to be Gonzalez’s last ruse, as he was found guilty of his crimes and sentenced to 20 years in prison.
In 2007, Hannaford Bros., a grocery retailer, suffered a four-month-long breach in which over 4.2 million credit and debit card numbers and other sensitive data were stolen by a group of hackers who installed malware on the stores’ servers instead of the company’s databases. This was masterminded by Albert Gonzalez, who also hacked TJX, Heartland Payment Systems, BJ’s Wholesale Club, Barnes & Noble, DSW, Boston Market, and Sports Authority. Gonzalez was behind Shadowcrew.com, where stolen account numbers and counterfeit documents were auctioned to the 4,000 users registered on the site, and which also offered tutorials and how-tos on using cryptography in the magnetic strips on credit cards, a virtual playground for thieves.
Operation Shady Rat
An ongoing series of cyber attacks that started in mid-2006, Operation Shady Rat has hit at least 72 organizations worldwide, including the International Olympic Committee, the United Nations, businesses, and defense contractors. It was discovered in 2011 by Dmitri Alperovitch, Vice President of Threat Research at McAfee, and it was assumed that the People’s Republic of China was behind it. The operation’s name was derived from the common security industry acronym for Remote Access Tool (RAT), and the operation was behind the cyber attack on the 2008 Summer Olympics.
TJX, a Massachusetts-based retailing company and owner of TJ Maxx and Marshalls, was just one of the many retail companies hacked by Albert Gonzalez and a group of hackers from Shadowcrew. They were able to siphon information on 45 million credit and debit cards, which they used to fund a million-dollar shopping spree of electronic goods from Wal-Mart. The data breach resulted in $250 million in damages; Gonzalez and 10 of his crew sought their targets while wardriving, looking for vulnerabilities in wireless networks along US Route 1 in Miami.
Sven Jaschan, a German college student who confessed to being the author of the Netsky and Sasser computer worms, unleashed a virus in 2004 on his 18th birthday that had resounding effects all around the world. Though the estimated damage was pegged at $500 million, experts believed that it could have been more, as it disabled Delta Air Lines’ computer system and resulted in the cancellation of several transatlantic flights. Microsoft placed a $250,000 bounty on his head. He was captured after a three-month manhunt.
Michael Demon Calce from West Island, Quebec was just an ordinary 15-year-old, but in cyberspace he is famous as ‘MafiaBoy.’ He gained notoriety in the year 2000 for hacking companies with high levels of security, including computer giant Dell, Yahoo, Fifa.com, Amazon, eBay and CNN, with estimated damages of $1.2 billion, not including his attacks on 9 of the 13 root name servers. However, he received only eight months of ‘open custody,’ one year of probation, a small fine and restricted use of the internet from the Montreal Youth Court.
During the 2008 presidential race, suspected hackers from China or Russia attacked the computer systems used in the campaigns of both Barack Obama and John McCain, which held emails and sensitive data used in the campaigns. Because of the breach, the FBI confiscated all the computers and electronic devices, while a lot of people hoped that the FBI would keep secret everything it might have dug up from the campaign trail.
In 2011, data from 77 million PlayStation Network and Sony Online Entertainment accounts, including users’ credit and debit card information, was stolen by an unknown group of hackers. The outage caused by the external intrusion has an estimated damage of $1 to $2 billion, and the worst thing that can happen to dedicated gamers happened: hackers were able to log on even while the company was trying to fix the breach, which lasted for 24 days.
The Estonian Cyberwar
The government of Estonia was subjected to cyber terrorism on April 27, 2007 by the Nashi, a pro-Kremlin group from Transnistria. In one of the largest attacks after Titan Rain, they employed a number of techniques, such as ping floods and botnets, to penetrate and take down key government websites, rendering them useless. Their method was so complicated that the Estonian government believed that they might have had aid from the Russian government. What triggered these attacks was the Estonian government’s relocation of an important icon to the Russian people, the Bronze Soldier of Tallinn, an elaborate Soviet-era war grave marker, along with the war graves.
One of the costliest cyber attacks in history was the 2011 data breach at Epsilon, the world’s largest provider of marketing and handling services to industry giants such as JP Morgan Chase, Best Buy, and other major financial services firms, retailers and companies. Its estimated damage cost ranged from $225 million to $4 billion. The targets of the hackers were email addresses that they could use for their criminal activities, making its implications a lot greater than estimated.
One of the earliest forms of major infiltration, in which hackers penetrated American computer systems at will, Moonlight Maze was an accidental discovery made by US officials and was believed to have been conceived by the Russians, although they denied their involvement. In this cyber attack, hackers targeted military maps and schematics and other US troop configurations from the Pentagon, the Department of Energy, NASA and various universities and research labs in unremitting attacks that were discovered in March 1988 but had been going on for nearly two years.
In 2004, Shawn Carpenter discovered a series of coordinated ‘cyber raids’ that the FBI believed to have originated from government-supported cells in China. In the attacks, dubbed ‘Titan Rain,’ hackers were able to infiltrate several computer networks, including those at NASA, Lockheed Martin, Redstone Arsenal, and Sandia National Laboratories. Considered one of the biggest cyber attacks in history, these acts not only posed the danger of attackers making off with military intelligence and classified data, but also paved the way for other hackers and espionage entities to infiltrate these systems, as the intruders left backdoors in or ‘zombified’ these machines.
The Original Logic Bomb
During the Cold War in 1982, the CIA found a way to disrupt the operation of a Siberian gas pipeline in Russia without using traditional explosive devices such as missiles or bombs. Instead, they caused the pipeline to explode using a portion of code in the computer system that controlled its operation, in what they tagged as a “logic bomb.” The chaos that ensued was so monumental that the resulting fire was even seen from space.