Sputnik International

High-Profile Cyber-Attacks, 2000-2014

Photo: Members of the group Anonymous wearing the mask in Los Angeles, 2008. © Vincent Diamante / wikipedia.org

MOSCOW, August 19 (RIA Novosti) - On August 14, the Russian government's press service announced that Prime Minister Dmitry Medvedev’s Twitter account had been hacked and its most recent tweets were fake, one of which said that the prime minister had decided to resign. The tweets were deleted from the premier’s microblog within 30 minutes of the attack.

2014

On July 29, a powerful distributed denial of service (DDoS) attack took down Ukrainian President Petro Poroshenko’s website. CyberBerkut, a hacker group set up after the Ukrainian Interior Ministry’s special operations police unit Berkut was dissolved, claimed responsibility for the attack. It accused Poroshenko of committing genocide against his own people. The hackers thanked their colleagues at the Ukrainian State Service for Special Communications and Information Protection for help, saying that close cooperation between them would continue.

Poroshenko’s website remained inaccessible for nearly a full day.

On July 10, The New York Times reported, citing senior US officials, that suspected Chinese hackers had penetrated some of the databases of the United States’ Office of Personnel Management in March and stolen data on federal employees who had applied for top-secret security clearances. As soon as the intrusion was discovered, the databases were blocked from the network. It is still unclear how much data was stolen.


2013

On November 8, the websites of the president and prime minister of Singapore were hacked. The double attack came after the authorities vowed to crack down on the Anonymous hacker group. The hackers defaced a section of Singaporean President Tony Tan’s website with an image of a woman raising her middle finger, accompanied by an offensive inscription. Insulting messages revealing Anonymous’ involvement in the attack were posted on Prime Minister Lee Hsien Loong’s website.

On October 28, Time magazine reported that hackers had seized control of the link to US President Barack Obama’s social media updates, yet failed to penetrate his Facebook and Twitter accounts. Organizing for Action (OFA), a nonprofit advocacy group that manages Obama’s pages on Facebook and Twitter, said visitors had been redirected to the website of the so-called Syrian Electronic Army as a result of the hack.

On September 20, unidentified hackers broke into the office computer of Belgian Prime Minister Elio Di Rupo. Earlier, it was reported that the Belgian Foreign Ministry’s computer network had also been hacked.

The Belgian security service pointed the finger at China.

On August 7, the RIA Novosti news agency came under a cyber-attack. Hackers penetrated the Twitter accounts of the agency’s International Multimedia Press Center and that of its German service, and tweeted fake reports of the death of former Soviet President Mikhail Gorbachev. The fakes were deleted five minutes later. It was not the first time RIA Novosti had been hacked. Earlier that year, the agency survived two massive DDoS attacks – one in May 2013 and the other in July.

On July 29, hacktivists from the Anonymous group breached and defaced the official websites of the Peruvian president and several government agencies in Peru, leaving questions for the authorities to answer as the country celebrated the 192nd anniversary of its independence.

On July 26, Venezuela came under a sweeping cyber-attack. A total of 12 government websites were hacked, including those of the Army, the Air Force and the National Guard. The country’s stock exchange was also targeted. The Anonymous Venezuela and Venezuelan Hackers groups claimed responsibility for the attack.

In June, the FBI and Microsoft conducted a joint operation and disrupted about 1,000 botnets associated with the Citadel malware. Worming its way into personal computers, Citadel enables hackers to access personal data and online bank accounts. Citadel botnets had reportedly stolen around $500 million over a period of 18 months.

On April 23, The Associated Press news agency’s Twitter account was hacked. The hackers left a fake tweet saying that two explosions had ripped through the White House and that US President Barack Obama had been wounded. White House press secretary Jay Carney dismissed the allegations, saying that the president was “fine.”

On April 14, unidentified hackers broke into Venezuelan presidential candidate Nicolas Maduro’s Twitter account. The attack, which some said originated in neighboring Peru, occurred hours before polling stations closed. Fake messages allegedly tweeted by Maduro warned voters of attempts being made to defraud them during the elections. Other Venezuelan government websites were also hacked.

In March 2013, the biggest-ever DDoS attack slowed down the Internet in a number of European countries. Spamhaus, a nonprofit spam-tracking organization, was hit the hardest.


2012

On December 21, hackers withdrew $5 million from 4,500 bank accounts after breaking into an India-based processor of prepaid Visa and MasterCard credit cards, raising the withdrawal limits on prepaid accounts at a UAE-based bank and re-encoding credit cards in 20 countries. Two months later, on February 19, 2013, cyber thieves stole $40 million from bank accounts in 36,000 transactions worldwide. A US-based processor of prepaid cards had been hacked and cash withdrawal limits were raised at an Omani bank.

On November 28, hackers broke into one of the servers of the International Atomic Energy Agency (IAEA) and released personal e-mail addresses of 100 IAEA employees. A hacker group calling itself Parastoo, a popular Iranian female name meaning “swallow” in Farsi, claimed responsibility for the incident and urged the employees whose data had been stolen to sign a petition for an open investigation into Israel’s activities in the field of nuclear power engineering.

On June 12, a number of Russian mass media outlets complained of DDoS attacks on their websites. The Novaya Gazeta newspaper, the Slon.ru news portal, the Ekho Moskvy radio station and the Dozhd television channel were all attacked by a botnet of 133 infected computers at a rate of up to 800 megabytes per second. Slon.ru was the least affected with traffic peaking at 450 megabytes per second, while the attacks on Dozhd and Ekho Moskvy reached 2 gigabytes per second. Earlier, similar complaints came from several other Russian media outlets, including RIA Novosti, which suffered a massive DDoS attack on May 10.

On May 22, cyber criminals gained unauthorized access to a website run by the US Justice Department. A department spokesperson said the hackers had penetrated a server that contains data about all crimes committed in the United States, including computer hacks. The Anonymous hacker group claimed responsibility for the attack.

In May, the Kaspersky Lab computer security company and the International Telecommunication Union (ITU) announced the discovery of a highly sophisticated piece of malware, Flame, belonging to the category of super cyber weapons, with Iran as its possible target. According to the Washington Post, US and Israeli secret services developed Flame to steal industrial blueprints from government computers in Iran and other Middle East countries.


2011

In June, Citigroup announced that more than 360,000 of its credit card holders were affected by a hacker attack. The hackers breached the bank’s online security system and accessed customer data, including the names, account numbers and contact details of Citigroup customers in North America.

In March, hackers infiltrated RSA, a security division of the EMC Corporation, stealing the SecurID program, hailed as the most reliable anti-hacking software for corporate computer networks. SecurID has been widely used by governments and businesses throughout the world to protect sensitive corporate data.

In October 2011, EMC published a list of companies whose networks could have been compromised by the hack, probably through the same resources as those used during a cyber-attack against RSA. It included IT giants like Facebook, eBay, Google, Cisco, Motorola, IBM and Intel; defense firms like Northrop Grumman; financial groups; and research institutions like the European Space Agency.


2010

In November and December, the Anonymous hacker group launched a series of DDoS attacks against companies and organizations perceived as hostile to the WikiLeaks whistleblowing organization. PayPal, Visa and MasterCard were among those attacked. Later, Anonymous teamed up with the LulzSec hacker group, which targeted Sony, Nintendo, PBS, the US Senate, the government websites of Brazil, Mexico and Italy, and other web resources.

In September, Iran claimed that the personal computers of some of the Bushehr nuclear power plant’s employees had been infected with the Stuxnet worm. Almost two months later, then Iranian President Mahmoud Ahmadinejad admitted that the “enemies of Iran” had partially disabled some of the centrifuges at the Natanz Fuel Enrichment Plant (FEP) by installing sophisticated malware in its computers.

According to experts, the Stuxnet virus became the world’s first cyber weapon.

In September 2010, US prosecutors brought charges against more than 60 members of a cyber gang involved in a major bank hacking scheme. Between May 2009 and September 2010, the gang stole at least $3 million from bank accounts in the United States and at least $9.5 million in the United Kingdom, using the ZeuS Trojan horse malware, allegedly developed in Russia.


2009

On December 21, Fox News reported that the FBI was probing a security breach that cost Citigroup tens of millions of dollars in stolen money. The hack allegedly involved a Russian-based cyber gang and took aim at Citigroup’s Citibank subsidiary consisting of North American banks that work with individuals, as well as other companies.

On July 8, a series of massive DDoS attacks paralyzed government and financial sector websites in South Korea. According to the Korean Information Security Agency, the websites of 11 organizations, including the presidential administration, the Defense Ministry, the parliament, several banks and the popular search portal Naver, experienced access problems due to malicious code that infected more than 18,000 personal computers.

On April 21, The Wall Street Journal reported, citing unnamed government sources, that hackers had broken into the Pentagon’s computer system and accessed information about the Joint Strike Fighter fifth-generation jet, also known as F-35 Lightning II. The intruders copied terabytes of data related to the jet’s design and electronics. The hack apparently originated in China, but its true origin was extremely hard to trace due to the ease of hiding identities online.

On April 8, The Wall Street Journal quoted unnamed sources in the US Homeland Security Department, who claimed that cyber spies traced to Russia and China had broken into computers crucial to the US electricity grid. The hackers allegedly left behind software tools that could potentially be used to disrupt power supply as well as water, sewage and other infrastructure in the event of crisis or war.

On March 30, Latvia’s Chas daily cited the findings of a 10-month-long cybercrime study, which showed that the Foreign Ministries of Iran, Bangladesh, Latvia, Indonesia, the Philippines, Brunei, Barbados and Bhutan had been attacked by hard-to-detect surveillance software known as GhostNet. Electronic spies had left their “footmarks” at the embassies of Germany, Portugal, India, Pakistan, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand and Taiwan. According to the report, GhostNet’s developers had access to 1,295 government and private computers.


2008

In November 2008, a new computer worm, Conficker, was first detected.

By April 2009, it had infiltrated more than 12 million computers, affecting the digital systems of the British Royal Navy and the House of Commons. Conficker easily cracked passwords, using infected computers to send out spam or store stolen data.


2007

In April 2007, a series of DDoS attacks crippled Estonian government websites. On April 27, hackers broke into the website of the ruling Estonian Reform Party. The same day, the website of the Estonian government was partially inaccessible. On April 28, the websites of the president, the parliament and the Foreign Ministry were completely blocked. The attacks followed the authorities’ decision to exhume and identify the remains of Soviet soldiers from the mass grave at the Bronze Soldier war memorial in central Tallinn.

Estonia rushed to blame Moscow and Russian security agencies, but experts reckoned that the attacks had been global and had come from more than one country.


2005

On August 16, a computer virus attacked leading US mass media outlets. The worm, identified as Zotob, shut down computer systems running the Windows 2000 operating system. Among those hit were The New York Times and the ABC and CNN television channels. The hacker who released the worm broke into several bank databases, tampered with accounts and disrupted transaction systems. Zotob infected hundreds of thousands of computers worldwide.


2004

On May 3, the Sasser worm emerged. Spreading through vulnerable ports in the Windows operating systems, it infected tens of thousands of personal computers and crippled the computer systems of the Italian railway system, the country’s postal service and even the Interior Ministry. Microsoft announced a $250,000 reward for information about the worm’s author.


2003

On January 25-26, Slammer worm attacks intensified, slowing the Internet down dramatically in Europe and North America and cutting off providers in certain regions, South Korea included.


2000

In May, the I Love You virus was released, becoming one of the most damaging worms ever. It caused more than $10 billion in losses worldwide.
