Thursday, 11 January 2018


4. The First Cyber War

Yes, yes, we said we were clearing out the DDoS dross in the introduction, but what happened to Estonia in 2007 was no ordinary DDoS attack. Kicking off at 10pm on 26 April, the Baltic state suffered three weeks of DDoS attacks, which completely crippled its IT infrastructure.
During the first week, the attack went on to take down the sites of most other political parties, the official site of the Estonian Parliament and other government entities. In the second week, the attack spread to the websites of Estonian news outlets, universities, schools and businesses. But it was in the third week that the real hammer blow fell. At the stroke of midnight, a huge torrent of traffic – peaking at over 4 million data packets per second – slammed into Estonia’s banking infrastructure.
It’s suspected that all the perpetrators were either Russians or ethnic Russian Estonians. The attack followed two days of rioting in the Estonian capital Tallinn over the relocation of a bronze war memorial dating from the Soviet era. Perhaps even more damningly, the third wave of the attack commenced on Russia’s Second World War Victory Day.

3. The Bedroom Hacker who made US armory disappear

At the turn of 2000, NASA and the US Department of Defense (DoD) were successfully compromised by two hackers, 15-year-old Jonathan James and 35-year-old Gary McKinnon.
James was the first to have a crack at the American space agency in 1999, which he crawled into by compromising computers at the US Defense Threat Reduction Agency.
Among other things, he managed to make off with the source code for the life support systems on the International Space Station (ISS).
Gary McKinnon has the dubious honour of being accused by US prosecutors of perpetrating “the biggest military computer hack of all time”.

2. Bitcoin’s Black Day

How can millions of dollars disappear without trace? This is the question Mt. Gox, the largest Bitcoin exchange in the world, was faced with in early 2014. On 7 February, the exchange suddenly ceased trading, saying it had discovered a “transaction malleability” bug and locked customers out of their accounts. The organisation would later blame hackers for stealing $460 million-worth of Bitcoins over the course of three-to-four years, causing a crash in the value of the cryptocurrency.
On 13 June 2011, 478 Mt. Gox accounts were robbed of a total of 25,000 bitcoins (worth between $375,000 and $500,000 at the time), which were all transferred into a single account.
What made the attack possible and successful, though, wasn’t just the SQL injection vulnerability in the Mt. Gox code that gave the hacker access to the user database, or the fact that usernames and email addresses were stored in plain text, or that it used the MD5 hashing algorithm rather than a more secure SHA-2 alternative, or even that about 1,600 of the passwords were hashed but unsalted. It was Karpeles’ own unique brand of hubris and naïveté. Failure to take seriously the complaints of the original 478 customers whose accounts were compromised – or even to consider it a bit weird that nearly 500 people were hacked on the same day – was a serious misstep; following it up by seemingly not caring that someone had stolen an entire user database is mind-blowing.

1. The Virus that destroyed nuclear equipment (Stuxnet)

Stuxnet is one of the best-known names when it comes to cyber attacks, and for good reason. The worm (a self-replicating, self-propagating computer virus), which was less than a megabyte in size, was released into Iran’s nuclear refinement plants. Once there, it secretly took over the Siemens SCADA control systems. This sneaky worm commanded over 5000 of the 8800 uranium centrifuges to spin out of control, then suddenly stop and then resume, while simultaneously reporting that all was well. This chaotic manipulation went on for 17 months, ruining thousands of uranium samples in secret, and causing the staff and scientists to doubt their own work. All the while, no one knew that they were being deceived and simultaneously vandalized.
But what makes Stuxnet really stand out among all the destructive malware out there is just how well crafted it was. The Stuxnet payload consisted of three parts: the worm itself (WORM_STUXNET), an execution .LNK file (LNK_STUXNET) that allowed the worm to auto-execute, and a rootkit (RTKT_STUXNET) that hid the worm’s existence.
This hack is memorable because of both optics and deceit: it attacked a nuclear program of a country that has been in conflict with the USA and other world powers; it also deceived the entire nuclear staff for a year and a half as it performed its nasty deeds in secret.
