Small cyber attacks, malware and botnets still do the rounds, large-scale hacks are rare. When they happen, they can be spectacular.
Here we mention the DDoS dross and minor acts of cyberhooliganism to list the five biggest hacks of all time.
Stuxnet is one of the best known names when it comes to cyber attacks. The worm destroyed a fifth of Iran’s nuclear centrifuges in 2009, seriously hindering the country’s atomic plans.
The worm – which has officially been confirmed was created by the United States and Israel, disrupted the operations of Siemens centrifuges in nuclear power plants, making them spin at uneven speeds and hide that from their operators.
The scary thing is that this is just the one we know about – there could be dozens of worms like it out there.
Chinese Compromise U.S. Weapons Systems
This is the most recent hack on this list, and it’s chilling one. A confidential report prepared for the Pentagon indicates that Chinese cyber criminals breached design files for over two dozen critical weapons systems, including important missile defense programs. Officially, the Obama administration hasn’t laid the blame on China, but the leaders of the two nations will meet this week to discuss cyber security concerns.
NASA and the Department of Defense Hack
In the movies and on TV, when a young hacker manages to breach military or government computer systems, they are offered a job working for the FBI. The reality is quite different.
At the turn of the millennium, NASA and the US Department of Defense (DoD) were successfully compromised by two hackers, 15 year old Floridian Jonathan James and 35 year old Scot Gary McKinnon.
James was the first to have a crack at the American space agency in 1999, which he crawled into by compromising computers at the US Defense Threat Reduction Agency. Among other things, he managed to make off with the source code for the life support systems on the International Space Station (ISS).
Estonian Cyber War
Yes, yes, we said we were clearing out the DDoS dross in the introduction, but what happened to Estonia in 2007 was no ordinary DDoS attack.
Kicking off at 10pm on 26 April, the Baltic state suffered three weeks of DDoS attacks, which completely crippled its IT infrastructure. The attackers first targeted the website of the ruling Reform Party and, over the course of the first week, went on to take down the sites of most other political parties, the official site of the Estonian Parliament and other government entities.
In the second week, the attack spread to the websites of Estonian news outlets, universities, schools and businesses.
But it was in the third week that the real hammer blow fell. At the stroke of midnight, Moscow time, on 9 May a huge torrent of traffic – peaking at over 4 million data packets per second – slammed into Estonia’s banking infrastructure. This was a critical attack for a country that had pioneered online banking and where, at the time, around 97% of all banking transactions took place online.
Within 24 hours Hansapank, the country’s largest bank, took the drastic step of shutting off all its internet-based operations. This not only disrupted online transactions, but also severed the connection between the bank and its cash machines, rendering them inoperable. Perhaps worse, Estonians outside of the country suddenly found their debit cards wouldn’t work, as the bank’s actions cut it off from the rest of the world.
The attacks eventually subsided on 19 May.
Mt. Gox Hack
How can millions of dollars disappear without trace? This is the question Mt. Gox, the largest Bitcoin exchange in the world, faced with in early 2014.
On 7 February, the exchange suddenly ceased trading, saying it had discovered a “transaction malleability” bug and locked customers out of their accounts. The organisation later blamed hackers for stealing $460 million-worth of Bitcoins over the course of three-to-four years, causing a crash in the value of the crypto-currency.
While this crisis led to the eventual bankruptcy of Mt. Gox, there was an earlier hack that foreshadowed what was to come in 2014.
On 13 June 2011, 478 Mt. Gox accounts were robbed of a total of 25,000 bitcoins (worth between $375,000 and $500,000 at the time), which were all transferred into a single account.