After a hack on the German federal prosecutor’s office, we review other damaging hits.
A cyberattack on the German federal prosecutor’s office last week is only the latest incident of hacking against governments and public bodies from around the world.
As public bodies have moved to bring more of their infrastructure online, the ease with which hackers can infiltrate and damage communications, websites and even infrastructure has become greater than ever before.
With that in mind, CBR decided to create a list of some of the heaviest cyberattacks against government and public bodies in history – at least so far.
1. Edward Snowden
The actions of Edward Snowden, a former contractor for the US National Security Agency, are perhaps not always recognised as cyberattacks, but are a classic example of what security folk term "insider threat".
Using his extensive access, Snowden was able to download some 1.7 million files, according to estimates provided by the House of Representatives intelligence committee, in what at the time qualified as the greatest breach of US secrets in history.
Whilst supporters of Snowden will dispute how damaging the leak was for the US military, many inside the various agencies undoubtedly considered it a major breach.
2. Office of Personnel Management
The admission that personal data belonging to some 22 million American federal employees and their families and friends was leaked must rank as one of the most embarrassing facts ever revealed by a US official.
Yet in some ways the number of people affected in the breach of the Office of Personnel Management, a human resources body, understates the quality of the data mined, with much of the detail on file required for security clearance for sensitive roles within various government agencies.
The theft of the data was said to have taken place over several months, with stolen contractor logins and passwords used to steal the information.
3. Shady Rat
Companies are increasingly warned by the cybersecurity trade about the dangers of advanced persistent threats (APTs), a type of cyberattack that takes place over weeks and months rather than minutes.
Shady Rat was a prominent example of this. Uncovered by McAfee (now Intel Security), the campaign lasted five years from 2006, hitting 70 government agencies, companies and nonprofits in the process. Among the victims were six US federal government bodies, and five US state government agencies.
Like many other seemingly sophisticated, long-term attacks, the malware behind Shady Rat (the "Rat" standing for remote access tool) was installed onto a system off the back of a spear-phishing email. The end goal? Data.
4. Red October
Kaspersky Lab is no stranger to the world of cyber-espionage, the firm’s founder Eugene Kaspersky having studied at a school that was funded by the Russian defence ministry, and often being forced to rebut accusations that he is still linked to Russian secret services.
Towards the end of 2012 the company detected hacking against a number of international diplomatic service agencies, mostly those operating in the former USSR. They named the campaign Red October after the Tom Clancy novel.
Victims were infected through the classic tactic of malicious email attachments, with the hackers looking to steal sensitive data of geopolitical importance. The campaign was later resurrected under the name Cloud Atlas.
5. Stuxnet
Perhaps the most famous virus ever created, Stuxnet earned notoriety for attacking Iranian nuclear infrastructure, even damaging centrifuges.
The malware is believed to have been first used way back in 2007, but first came to prominence in July 2010, with researchers from various security firms concluding that a virus of Stuxnet’s calibre must have been backed by a country.
Specifically, the virus is thought to have been created by US and Israeli hackers, with the intention of undermining the Iranian nuclear programme. It remains the biggest act of cyber-war yet uncovered, and is rare for the physical damage it caused.