A History of Cyber Warfare – Part 1

Cyberwarfare is becoming a more prevalent form of cyber-attack, and one that may be hard for an individual or a small business owner to understand or defend against.  Of Friday we took a look at the definition and practice of cyber war.  This week we will review the history cyberwar incidents, the attackers, the targets, and the outcome of the best known cyberwarfare incidents.

Serbia-Kosovo (May 1999)

Cyber attack attributed to China.  Target was United States. Initial military attack by US resulted in a cyber counter attack by China.

The Chinese embassy in Belgrade was providing  tactical radio support for the Yugoslav army.  A NATO jet bombed the embassy. In response, the Chinese Red Hacker Alliance launched thousands of cyber attacks against US government websites.

Titan Rain (2003)

Attack attributed to China.  Target U.S defence contrators Lookheed Martin, Sandia National Labs, Redstone Arsenal, NASA.  Classified as an advanced Persistent Threat, the purpose appeared to be corporate and military espionage.

Estonia (2007)

Attributed to Russia.  Target was organizations in Estonia, including their parliament, banks, governmental ministries, newspapers, television and radio networks.  This was the second largest cyberattack up to that time, after only Titan Rain.  This incident lead to NATO writing the Tallinn Manual on the International Law Applicable to Cyber Warfare.

Russian-Georgian War (August 2008)

Attributed to Russia.  Cyber attacks against Georgian government websites combined with traditional combat operations.

Operation Cast Lead (December 2008 to January 2009)

Attributed to the Israeli army.  Israel launched an attack against the Palestinian authority combining traditional combat operations with attacks against Hamas and Palestinian government web sites.

Ghostnet (2009)

Attributed to China.  Targets were the Tibetan community in exile, including the online assets of the Dalai Lama.  Also attacked were embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany, and Pakistan.  The offices of the Prime Minister of Laos and the foreign ministries of  Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados, and Bhutan were also targeted.  This attack was carried out through the use of spearphishing campaigns against key personnel.  An email attachment was provided to install a remote access Trojan horse, allowing the attackers real-time remote access to the infected computers.

Operation Aurora (2009-2010)

Cyber attack attributed to China, People’s Liberation Army.  Targets were corporate business networks of Adobe, juniper Networks, Rackspace, Yahoo, Symantec, Northrup Grumman, Morgan Stanley, Dow Chemical and others.  First reported by Google (also a target) in a Jan 10 2010 blog post. This attack was classified as an Advanced Persistent Threat.

On Wednesday we will continue our story on the history of cyber warfare.


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts


Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.