Cyber attacks involve the use of malicious programs or pieces of code steal, alter or destroy information, disrupt operations or damage a system. The malicious programs may be transmitted via the internet or using physical devices like flash disks or CD-ROMs.
Today it’s no longer only individual hackers in private homes who are responsible for cyber-attacks. Instead large organizations and even governments have been implicated in attacks and Cyber Security not just in the World, but also in South Africa has become a hot topic.
Here are 10 of the worst examples of cyber-attacks to have taken place.
Discovered in June 2010, this worm is believed to have been created by the United States in partnership with the Israeli government in order to compromise Iranian nuclear facilities, and to obtain data about Iran’s uranium enrichment infrastructure. StuxNet was initially spread by Microsoft Windows, and specifically targeted Siemens systems.
Operation “Shady RAT”
The aptly named “RAT” in Shady RAT stands for “Remote Access Tool”, a type of software that allows remote access to a computer on which it’s installed. In an ongoing series of attacks in 2006, Shady RAT was used in attacks on at least 72 organizations, including defense contractors, the UN, the Olympic Committee and several large businesses. It’s widely assumed that the People’s Republic of China was behind these attacks.
Also referred to as “Operation Chanology”, this attack on the Church of Scientology was coordinated by a group calling itself Anonymous, or “Anon” for short, which originated on an online image board known as 4Chan. The attack on the church was announced on YouTube in a video titled “Message to Scientology”, in which the group threatened to wipe Scientology off the internet through a series of distributed denial-of-service (DDoS) attacks, which it subsequently carried out.
Starting in mid-2003, a series of cyber-attacks was executed in an attempt to gather information – both economic and military – from US systems. The attacks continued for at least three years, and are thought to be Chinese in origin. They were named “Titan Rain” by the US federal government.
The original logic bomb
A “logic bomb” is a piece of code inserted in a system and designed to set off a malicious function when certain conditions are met. The most well-known and possibly the first example of this kind of cyber-attack was on a Trans-Siberian pipeline in 1982. A software malfunction caused by a logic bomb forced the pipeline to operate at far higher pressure and temperature than it was designed to handle, with the result that the pipeline exploded.
The most dangerous flash drive
What the US military referred to as the “most serious breach” of sensitive information to date didn’t originate via complex DDoS attacks or involve support from foreign telecoms companies. Instead it originated from one flash drive inserted into a US government computer. In 2008, malicious code run from the flash drive allowed data to be transferred from US government servers to those under foreign control, in what then Deputy Secretary of Defense, William Lynn, called a “digital beachhead”. This attack prompted the Pentagon to create its own special “cyber” military command.
50 Days of lulz
In an attack perpetrated by users of the 4Chan image board, LulzSec, a splinter group from Anonymous, announced that ahead of its closure, it would be performing “50 days of lulz” – “lulz” being another way of writing “lols”, or “laughs”. The attacks weren’t motivated by political, ideological or economical agendas, with the result that nobody knew who was going to get hit. In the end, some of the largest targets included the CIA, whose web site was taken down, and AT&T, whose classified documents were released.
The SpamHaus breach
SpamHaus is a German-based anti-spam company. In 2013, it was subjected to the largest known DDoS attack, peaking at an incredible 300 gigabits per second. The attack forced the company to shut down its services, with the result that hundreds of thousands of people who used the SpamHaus service to remove spam from their e-mails and forums were left unprotected.
Citigroup, one of the largest banks in America, was the target of coordinated hacking in which the accounts of at least 350,000 people and organizations were compromised, resulting in net losses for the account holders in excess of $2.7 million. The attack exploited an easily detectible flaw – the hackers randomly changed numbers in the URLs generated by the Citigroup web site after valid customers logged in, allowing them to leap-frog from account to account, pilfering at will.
Presidential cyber threats
During the 2008 presidential elections in the United States, hackers compromised the computers systems of both Obama and McCain, forcing the FBI to confiscate all their electronic equipment and leaving both parties hoping that none of the sensitive information that had been dug up on the campaign trail would ever see the light of day.