A timeline of government-sponsored hacking attacks
2004 suspected: Chinese group in Shanghai begins probing US companies and military targets.2005: "Titan Rain" pulls data from the Pentagon's systems, and a specialist says of a December 2005 attack on the House of Commons computer system that "The degree of sophistication was extremely high. They were very clever programmers."
2007: Estonia's government and other internet services are knocked offline by a coordinated attack from more than a million computers around the world – reckoned to have been run from a group acting at the urging of the Russian government. Nobody is ever arrested over the attack.
2008: Russia's government is suspected of carrying out a cyberattack to knock out government and other websites inside Georgia, with which it is fighting a border skirmish over the territory of Ossetia.
December 2009: Google's email systems in China are hacked by a group which tries to identify and take over the accounts of Chinese dissidents. Google withdraws its search engine from the Chinese mainland in protest at the actions. Wikileaks cables suggest that the Chinese government was aware of the hacking.
2010: The Flame virus begins silently infecting computers in Iran. It incorporates cutting-edge cryptography breakthroughs which would require world-class experts to write. That is then used to infect Windows PCs via the Windows Update mechanism which normally creates a cryptographically secure link to Microsoft. Instead, Flame puts software that watches every keystroke and frame on the PC. Analysts say that only a "wealthy" nation state could have written the virus, which breaks new ground in encryption.
The Stuxnet worm is discovered to have been affecting systems inside Iran's uranium reprocessing establishment, passing from Windows PCs to the industrial systems which control centrifuges that separate out heavier uranium. The worm makes the centrifuges spin out of control, while suggesting on their control panel that they are operating normally – and so break them. Iran denies that the attack has affected its project. The US and Israel are later fingered as being behind the code.
September 2011: a new virus that silently captures data from transactions in Middle Eastern online banking is unleashed. The principal targets use Lebanese banks. It is not identified until August 2012, when Russian security company Kaspersky discovers the name "Gauss" embedded inside it. The company says the malware it is "nation state-sponsored" – probably by a western state seeking to trace transactions by specific targets.
2012: About 30,000 Windows PCs at Saudi Aramco, the world's most valuable company, are rendered unusable after a virus called "Shamoon" wipes and corrupts data and the part of the hard drive needed to "bootstrap" the machine when it is turned on. In the US, Secretary of Defense Leon Panetta described Shamoon as "one of the most destructive viruses ever" and suggested it could be used to launch an attack as destructive as the 9/11 attacks of 2001.
No comments:
Post a Comment