The 5 Biggest And Greatest Hacks Of All Time

Maverick
9 min read · Jul 19, 2020

Hacking and hackers are the stuff of mythology, film, and often breathless headlines. From the attacks that brought down MasterCard and Visa’s websites in 2010 to the Xbox Live and PlayStation outages of Christmas 2014, it sometimes feels like our systems are under permanent assault from those who would take them offline.

And yet, none of these are true hacks — most simply involve overloading websites with requests until they cease to function.

Hacking, as first demonstrated in 1903 by magician John Nevil Maskelyne when he hijacked a public demonstration of Marconi's telegraph, involves gaining unauthorised access to a computer or IT system and requires some skill.

While small-scale attacks, malware and botnets still do the rounds, large-scale disruptive hacks are rare. When they do happen, though, they can be spectacular.

Here we clear out the DDoS dross and minor acts of cyberhooliganism to bring you the five biggest hacks of all time.

The 5 biggest hacks of all time:

  • 1. The virus that destroyed nuclear equipment
  • 2. The bedroom hacker who made an entire US Armory disappear
  • 3. The first cyber war
  • 4. Bitcoin's black Monday
  • 5. LulzSec costs Sony 171 million dollars

Stuxnet

Stuxnet is one of the best-known names when it comes to cyber attacks, and for good reason. The worm (a self-replicating, self-propagating computer virus) destroyed a fifth of Iran's centrifuges in 2009, seriously hindering the country’s atomic plans.

But what makes Stuxnet really stand out among all the destructive malware out there is just how well crafted it was.

According to Trend Micro, the Stuxnet payload consisted of three parts: the worm itself (WORM_STUXNET), an execution .LNK file (LNK_STUXNET) that allowed the worm to auto-execute, and a rootkit (RTKT_STUXNET) that hid the worm’s existence.

It was also propagated by an unusual means. For four years, it was thought the virus was introduced via an infected USB stick into the Natanz uranium enrichment facility, the primary target of the attack, where about 1,000 centrifuges were damaged. However, researchers at Kaspersky Lab discovered in 2014 that the vector of attack was in fact the plant’s supply chain.

So why wasn’t the worm detected at this initial point of infection? The answer lies in what Stuxnet did.

As Ralph Langner, one of the first people to decode the worm, described it in an interview with the New York Times, Stuxnet was “a marksman’s job”. Unless you were running a uranium enrichment facility, it lay dormant, with the rootkit hiding its presence. There was no way for the Stuxnet Typhoid Marys to know they were being used by the attackers.

Speaking of whom, this leads us to the last question — whodunnit?

The sophistication of the Stuxnet program led many to believe it was created by a nation state and, given the target, that the US and Israel were probably involved.

In the end, the only reason we even know of Stuxnet’s existence is thanks to a botched software update that led to the worm escaping into the wild, where security experts were able to analyse it.

Sanger’s sources told him this led to panic in the newly installed Obama administration for precisely the reason that analysts would be able to dissect the virus and determine its creators. Vice President Joe Biden allegedly blamed the incident on the Israelis, which all but confirmed the two countries collaborated on the virus.

NASA and the Department of Defense hack

In the movies and on TV, when a young hackling manages to get into military or government computer systems, they are normally offered a job working for the FBI. The reality is quite different.

At the turn of the millennium, NASA and the US Department of Defense (DoD) were successfully compromised by two hackers, 15-year-old Floridian Jonathan James and 35-year-old Scot Gary McKinnon.

James was the first to have a crack at the American space agency in 1999, which he crawled into by compromising computers at the US Defense Threat Reduction Agency.
Among other things, he managed to make off with the source code for the life support systems on the International Space Station (ISS). The Register reported it cost NASA alone $41,000 to repair the damage he had done.

According to American authorities, between February 2001 and March 2002 McKinnon hacked into 97 computers, 16 belonging to NASA and 81 belonging to other parts of the DoD.

During his actions, which he claims were carried out in search of evidence of UFOs and the suppression of new energy technologies, McKinnon managed to paralyze munitions supplies to the US Naval Fleet in the Atlantic in the immediate aftermath of 9/11 by deleting weapons logs. He is also alleged to have stolen 950 passwords and dozens of documents in the course of his actions.

The cost of repairing the damage alleged to have been caused by McKinnon was in excess of £550,000, the US government claimed.

James, on the other hand, was convicted in September 2000 of hacking the DoD and NASA. However, as he was a minor when he carried out the crimes, he was sentenced to six months' house arrest and probation until the age of 18, and had to write letters of apology to NASA and the DoD.

Estonian cyber war

Yes, yes, we said we were clearing out the DDoS dross in the introduction, but what happened to Estonia in 2007 was no ordinary DDoS attack.

Kicking off at 10pm on 26 April, the Baltic state suffered three weeks of DDoS attacks, which completely crippled its IT infrastructure.
The attackers first targeted the website of the ruling Reform Party and, over the course of the first week, went on to take down the sites of most other political parties, the official site of the Estonian Parliament and other government entities.

In the second week, the attack spread to the websites of Estonian news outlets, universities, schools and businesses.

But it was in the third week that the real hammer blow fell. At the stroke of midnight, Moscow time, on 9 May a huge torrent of traffic — peaking at over 4 million data packets per second — slammed into Estonia’s banking infrastructure. This was a critical attack for a country that had pioneered online banking and where, at the time, around 97% of all banking transactions took place online.

Within 24 hours Hansapank, the country’s largest bank, took the drastic step of shutting off all its internet-based operations. This not only disrupted online transactions, but also severed the connection between the bank and its cash machines, rendering them inoperable. Perhaps worse, Estonians outside of the country suddenly found their debit cards wouldn’t work, as the bank’s actions cut it off from the rest of the world.

The attacks eventually subsided on 19 May.

Mt. Gox hack

On 7 February, the exchange suddenly ceased trading, saying it had discovered a “transaction malleability” bug and locked customers out of their accounts. The organisation would later blame hackers for stealing $460 million-worth of Bitcoins over the course of three-to-four years, causing a crash in the value of the cryptocurrency.

Hacking, Distributed has done a good rundown of all the explanations given for what happened in 2014 — which may ultimately have been fraud or negligence, according to two lawsuits.

While this crisis led to the eventual bankruptcy of Mt. Gox, there was an earlier hack that foreshadowed what was to come in 2014.

On 13 June 2011, 478 Mt. Gox accounts were robbed of a total of 25,000 bitcoins (worth between $375,000 and $500,000 at the time), which were all transferred into a single account.

However, the 25,000 bitcoin theft was just the beginning. Towards the end of the same week, it became apparent that the reason the 478 accounts were compromised using their own passwords was that a hacker had managed to access the Mt. Gox database and steal the usernames and passwords of all 60,000+ customers.

By 20 June, though, he was taking things a bit more seriously, when a huge Bitcoin sale from one of the compromised accounts caused the value of the cryptocurrency to crash to near zero.
In an official announcement on the Mt. Gox site, Karpeles explained that an admin account had been compromised and the attacker responsible had used the associated permissions to “arbitrarily assign himself a large number of bitcoins, which he subsequently sold on the exchange”.

In doing this, the hacker flooded Mt. Gox with more bitcoins than were actually in the exchange’s wallet, bringing the value of the cryptocurrency crashing down from $17.50/btc to $0.01/btc, while also relieving another account of 2,000 bitcoins.

In light of what happened in 2011, Mt. Gox’s complete failure in 2014 was perhaps inevitable.

PlayStation Network 2011 hack

Sometimes hackers manage to pull off something so audacious it becomes part of infosec legend: the 2011 LulzSec hack of the PlayStation Network is one such case.

In mid-April 2011, users trying to log in to the PlayStation Network (PSN) were greeted with a message stating the system was “currently undergoing maintenance” or simply that “an error [had] occurred”, preventing them from logging in.

On 20 April, Sony acknowledged there was a problem with “certain functions of PlayStation Network” and that it would report back with more information when it was available.

Instead, later that night, Sony shut down the network completely — an outage that would last a month.

One of the defining features of the early part of the PSN hack was Sony’s reticence to share information with the public. It took two days for Sony to give any kind of explanation as to why it shut down the PSN, and what information it did give was brief.

Between 17 and 19 April, LulzSec hackers managed to completely breach Sony’s security measures, gaining access to all 77 million users’ real names, postal addresses, country, email address, date of birth, PSN and/or Qriocity username and password, and security answers.

This led to Sony advising users not only to change their PSN password once the service was online again, as well as that of any other service where they’d used the same username and/or password, but also “to be especially aware of email, telephone, and postal mail scams”.

It also advised customers “to remain vigilant, to review [their] account statements and to monitor [their] credit reports” in order to protect against identity theft and financial fraud.
By the time full service was resumed on 31 May, the 2011 PSN hack had cost Sony $171 million and was, by volume, one of the biggest hacks ever at the time.

Hacking is illegal, but these greatest hacks show that hacking has limitless possibilities. Hacking should be properly utilized to protect data from being stolen and to prevent other security breaches. In this way it will make this global village of the World Wide Web safer.

Thank you.
