Cyberwarfare is becoming a more prevalent form of cyber-attack, and one that may be hard for an individual or a small business owner to understand or defend against. Of Friday we took a look at the definition and practice of cyber war. This week we will review the history cyberwar incidents, the attackers, the targets, and the outcome of the best known cyberwarfare incidents.
Serbia-Kosovo (May 1999)
Cyber attack attributed to China. Target was United States. Initial military attack by US resulted in a cyber counter attack by China.
The Chinese embassy in Belgrade was providing tactical radio support for the Yugoslav army. A NATO jet bombed the embassy. In response, the Chinese Red Hacker Alliance launched thousands of cyber attacks against US government websites.
Titan Rain (2003)
Attack attributed to China. Target U.S defence contrators Lookheed Martin, Sandia National Labs, Redstone Arsenal, NASA. Classified as an advanced Persistent Threat, the purpose appeared to be corporate and military espionage.
Estonia (2007)
Attributed to Russia. Target was organizations in Estonia, including their parliament, banks, governmental ministries, newspapers, television and radio networks. This was the second largest cyberattack up to that time, after only Titan Rain. This incident lead to NATO writing the Tallinn Manual on the International Law Applicable to Cyber Warfare.
Russian-Georgian War (August 2008)
Attributed to Russia. Cyber attacks against Georgian government websites combined with traditional combat operations.
Operation Cast Lead (December 2008 to January 2009)
Attributed to the Israeli army. Israel launched an attack against the Palestinian authority combining traditional combat operations with attacks against Hamas and Palestinian government web sites.
Ghostnet (2009)
Attributed to China. Targets were the Tibetan community in exile, including the online assets of the Dalai Lama. Also attacked were embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany, and Pakistan. The offices of the Prime Minister of Laos and the foreign ministries of Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados, and Bhutan were also targeted. This attack was carried out through the use of spearphishing campaigns against key personnel. An email attachment was provided to install a remote access Trojan horse, allowing the attackers real-time remote access to the infected computers.
Operation Aurora (2009-2010)
Cyber attack attributed to China, People’s Liberation Army. Targets were corporate business networks of Adobe, juniper Networks, Rackspace, Yahoo, Symantec, Northrup Grumman, Morgan Stanley, Dow Chemical and others. First reported by Google (also a target) in a Jan 10 2010 blog post. This attack was classified as an Advanced Persistent Threat.
On Wednesday we will continue our story on the history of cyber warfare.
Share
FEB
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com