We get a little taste of cyber attacks all the time — look no further than this week's Twitter virus — but what about full-on cyber warfare? Recently the true destructive potential of a cyber attack became frighteningly clear: whole government, banking and military networks overloaded and shut down, vital data and money stolen, and even physical damage if the right components are targeted. The worst part? We usually only find out after the fact.
1. Titan Rain
Target: U.S. military intel
Damages: In 2004, a Sandia National Laboratories employee, Shawn Carpenter (pictured above), discovered a series of large "cyber raids" carried out by what is believed were government-supported cells in China. "Titan Rain" is the name given to these attacks by the FBI, and it was found that several sensitive computer networks were infiltrated by the hackers, such as those at Lockheed Martin and Sandia (owned by Lockheed), but also at the likes of NASA. The danger here is not only can the attackers make off with military intel and classified data; they can also leave backdoors and "zombify" machines — as you'll read below — that make future cyber espionage easier. Titan Rain is considered one of the largest cyberattacks in history.
(It's worth mentioning that Carpenter lost his job for blowing the whistle. You can read about him here.)
2. Moonlight Maze
Target: Military maps and schematics, U.S. troop configurations
Attacker: Russia (Denies involvement)
Damages: Much like Titan Rain, Moonlight Maze represents an operation in which hackers penetrated American computer systems and could pretty much raid at will. It's also one of the earlier major cyber infiltrations that we know of, starting in 1998 and continuing on for two whole years as military data was plundered from the Pentagon, NASA, the Department of Energy and even from universities and research labs.
3. The Estonian Cyberwar
Attacker: The Nashi, a pro-Kremlin youth group in Transnistria
Damages: What happened to Estonia in 2007 is considered a model of how vulnerable a nation can be to cyberattacks during a conflict. In a very brief period of time, a variety of methods were used to take down key government websites, news sites and generally flooded the Estonian network to a point that it was useless. The attack is one of the largest after Titan Rain, and was so complex that it's thought that the attackers must have gotten support from the Russian government and large telecom companies. Pictured above is the Bronze Soldier of Tallinn, an important icon to the Russian people and the relocation of which played a part in triggering the attacks.
4. Presidential-level Espionage
Target: Obama, McCain presidential campaigns
Attacker: China or Russia (Suspected)
Damages: No one wants to get a message from the FBI saying, "You have a problem way bigger than what you understand," but that's exactly what happened to both Obama and McCain during their run for the 2008 presidency. What was first thought of as simple cyberattacks on the computers used by both campaigns was discovered to be a more concentrated effort from a "foreign source" that accessed emails and sensitive data. The FBI and secret service swooped in and confiscated all computers, phones and electronics from the campaigns and — with the kind of stuff that gets dug up on the campaign trail — there are probably plenty of folks hoping the FBI keeps them.
5. China's "750,000 American zombies"
Target: U.S. computer networks, all levels
Attacker: Chinese hackers (Government-supported, organized crime related, cyber gangs)
Damages: The worst fallout from a cyberattack can be what it leaves behind, such as malicious software that can be activated later. That, compounded with ongoing efforts by hackers to infect as many machines as possible using bogus email offers, harmful website code and what-have-you can leave a lot of "zombified" machines. Those machines can then be made into cyber weapons, which can overload a network, website or other machine with a deluge of data known as a DDoS, or distributed denial of service attack. Even back in '07, former senior U.S. information security official Paul Strassmann (pictured above) estimated that there were over 730,000 compromised computers "infested by Chinese zombies."
6. The Original Logic Bomb
Target: Siberian gas pipeline in Soviet Russia
Attacker: U.S. Central Intelligence Agency
Damages: One of the scariest implications of cyberwarfare is that the damage isn't always limited to networks and systems. It can get physical, too. In 1982, the CIA showed just how dangerous a "logic bomb" — a piece of code that changes the workings of a system and can cause it to go haywire — can be. The agency caused a Soviet gas pipeline in Siberia to explode in what was described by an air force secretary as "the most monumental non-nuclear explosion and fire ever seen from space," without using a missile or bomb, but a string of computer code. Today, with the proliferation of computer control, the possible targets are virtually endless. Pictured above and right is William J. Casey, director of the CIA in 1982.
7. "The Most Serious Breach"
Target: U.S. military computer network
Attacker: "Foreign intelligence agency" (unspecified)
Damages: A cyber attack can come in any shape or size — digitally or physically — and one of the worst on an American network happened in 2008. Did it involve thousands of zombie machines and the muscle of a national telecom giant? Nope, you could have held it in the palm of your own hand: a corrupt flash drive. Inserted into a military laptop in the Middle East, the malicious code on the drive created a — according to Deputy Secretary of Defense William Lynn (pictured above) — "digital beachhead, from which data could be transferred to servers under foreign control." The attack acted as another reality check in security, and prompted the Pentagon to form a special cyber military command.