The Future of Cyber Threats


Cyber threats appear as quickly as new technologies themselves, and with computers now being such a critical part of our infrastructure – from our smartphones and cars to national energy systems and even prisons – the potential for damage is catastrophic. Large global multinationals and small local businesses and startups use the online infrastructure to facilitate economic and technological innovation. Defense and intelligence agencies depend on cyber networks to manage far-flung operations, analyze intelligence data and implement homeland security, military logistics and emergency services.

Global dependence on the Internet grows every day and many nations are now depending on a cyber infrastructure that enables the operation of financial markets, transportation networks, taxation and energy grids, as well as the public agencies protecting the health and security of their citizens. With this growth come ever-greater risks as well as opportunities. Advanced persistent threats reflect the risks posed by adversaries with the sophistication, resources and determination to cause real and permanent damage by exploiting the architecture of networks, and of cyberspace itself.

The biggest threat is state involvement. Where a rogue phisher or malware attack might be the criminal equivalent of a street mugger, state-sponsored attacks come with all the resources and technological sophistication of James Bond. Resistance is extremely hard and these attacks are very difficult to attribute to anyone; they can be routed via any country or written in any language.

Because the Internet is an evolving technology that carries enormous potential and vulnerabilities, cybersecurity problems implicate questions of Internet freedom, network architecture and the economic potential for cyberspace. We are at the beginning of a new and dangerous era of cyberwarfare and governments should be encouraged to cooperate in order to identify and punish the criminals. But let's not be naïve about it: they will also be engaging in cyber espionage against each other.

Cyberthreats for 2013

 

Cloud-Based Botnets


The trend to move the computer infrastructure to the cloud can not only jeopardize data, but can also be used to quickly create a “zombie army” – also known as a botnet. Over the last few years, Africa has become highly connected but many of the operating systems in use are pirated, meaning they are not receiving patches or updates. Therefore, Africa is a huge target for hackers and it is being used as a hub to target other countries – using command and control attacks, denial of service, phishing and spam.

The new undersea fiber optic cable along the east coast of Africa has enabled rapid growth in the number of users obtaining high-speed connections to the internet, creating a great opportunity for attackers to infect new machines and create new bots. A growing number of users in countries served by the cable have access to broadband links but no awareness of the need for computer protection, opening a new front for botnets.

Now, Africa is not attacking – they are being attacked and used. While businesses in Africa get some security, government and end users are totally exposed due to a lack of awareness and money to invest in safe and legitimate software.
 

More Dangerous Malware



Malware creators will harden their software with techniques similar to those used in Digital Rights Management (DRM), which locks malware to infected systems. Malware attackers are also enhancing their abilities to compromise Mac operating systems and mobile devices, making their software cross platform and taking advantage of all the new smartphone features.

  Advanced Malware Lifecycle  

Malicious software developers will become more aggressive and will continue to refine their techniques to avoid defenses and to harden their software, making it extremely difficult for automated systems to detect, thus preventing its easy removal.

   Advanced Malware Infection  

Search History Poisoning



Search engine poisoning is what happens when attackers manipulate a search engine’s algorithms to control the search results. Criminals often do this to get their own websites or clients’ websites on the first page of results. Search history may be the next step. With search history poisoning, criminals or politicians can manipulate a victim’s search history using cross-site request forgery.

Instead of compromising a computer, the attacker benefits because the manipulated history can become part of a user’s online profile, so wherever that person goes online the forged history follows regardless of what device is used. The goal of this technique is to change what the victim reads online, and it is already being used by governments censoring what their citizens read.

Therefore, this can be a very powerful propaganda technique for politicians but also a super marketing idea for businesses trying to promote their products and services. This type of manipulation can also be used on social media sites, such as Facebook and Twitter, to falsely create an impression that there are many viewpoints to a certain post or that something is popular, when in reality it all boils down to one person manipulating the algorithms.
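On the defending side, a search service can refuse to write a query into a user's history unless the request provably came from its own pages or from the address bar. The sketch below is an added example, not code from the original post; the hostname `search.example`, the function names and the sample requests are all constructed for illustration.

```python
from urllib.parse import urlsplit

SITE_HOST = "search.example"  # hypothetical hostname of the search service


def request_is_user_initiated(headers, site_host=SITE_HOST):
    """Return True only when the request came from the site's own pages or
    from the address bar, never from a page on another site."""
    h = {k.lower(): v.strip() for k, v in headers.items()}

    # 1. Fetch Metadata: current browsers say where a request originated.
    fetch_site = h.get("sec-fetch-site")
    if fetch_site is not None:
        # "same-origin" = the site's own search box; "none" = typed URL or
        # bookmark. "same-site" and "cross-site" are deliberately rejected.
        return fetch_site.lower() in ("same-origin", "none")

    # 2. Older clients: fall back to Origin, then Referer, and require an
    #    exact https match on our own host ("null" origins fail this check).
    for name in ("origin", "referer"):
        value = h.get(name)
        if value:
            parts = urlsplit(value)
            return parts.scheme == "https" and parts.hostname == site_host

    # 3. No provenance at all: treat as untrusted.
    return False


def handle_search(headers, query, history):
    """Always serve the query, but only record it in the user's history
    (and therefore their profile) when the request is user-initiated."""
    if request_is_user_initiated(headers):
        history.append(query)
        return "recorded"
    return "served-not-recorded"


# Constructed sample requests (not captured traffic).
SAMPLE_REQUESTS = [
    ("search box on the site",
     {"Sec-Fetch-Site": "same-origin", "Sec-Fetch-Mode": "navigate"},
     "weather lisbon"),
    ("typed into the address bar", {"Sec-Fetch-Site": "none"}, "train times"),
    ("hidden image on a third-party page",
     {"Sec-Fetch-Site": "cross-site", "Sec-Fetch-Dest": "image"},
     "forged query one"),
    ("sibling subdomain", {"Sec-Fetch-Site": "same-site"}, "forged query two"),
    ("legacy browser, own page",
     {"Referer": "https://search.example/home"}, "bus times"),
    ("legacy browser, foreign page",
     {"Referer": "https://news.example/story"}, "forged query three"),
    ("sandboxed frame", {"Origin": "null"}, "forged query four"),
    ("no provenance headers", {}, "forged query five"),
]


def replay(requests=SAMPLE_REQUESTS):
    """Run the sample requests against one user's (initially empty) history."""
    history = []
    decisions = [(label, handle_search(h, q, history)) for label, h, q in requests]
    return history, decisions


if __name__ == "__main__":
    history, decisions = replay()
    for label, decision in decisions:
        print(f"{decision:20} {label}")
    print("history:", history)
```

`SameSite=Lax` session cookies are still sent on cross-site top-level GET navigations, so for a GET-based search URL the provenance check above does work that the cookie attribute alone does not.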


Cyber Threats History: A New Cold War (Present)


This is the decade of cloud computing, the rise of hacktivism and the birth of real cyberwarfare. Who knows what else is going to happen? Cyber attacks continue to rise at a great pace, increasing 42 percent in 2012 from the previous year and IT security experts have no reason to believe that it'll slow down. On the contrary, most experts believe cyber threats will not only grow in frequency, but will also become more sophisticated. Hackers are now either criminals out to make money, activists out to protest or governments engaged in targeting their own citizens or attacking other governments, whether for espionage or cyberwarfare. This new level of resources and sophistication makes life very difficult for those charged with defending networks from attack.

Historical Landmarks


2010


Dozens of technology companies - most in Silicon Valley - have their computer networks infiltrated by hackers located in China. Google publicly reveals that it has been sustaining a highly sophisticated and targeted attack on their corporate infrastructure also originating from China that resulted in the theft of intellectual property. The attacks are named Operation Aurora and official Chinese media responds stating that the incident is part of a U.S. government conspiracy.

Operation Aurora

Britain announces it will devote $1 billion to building new cyber defenses. Iain Lobban, the director of the Government Communications Headquarters, says the country faces a "real and credible" threat from cyber attacks by hostile states and criminals as government systems are targeted 1,000 times each month, threatening Britain's economy.


Iran is attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. The worm is unusual in that while it spread via Windows computers, its payload targeted just one specific model and type of SCADA systems. Stuxnet is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyberwarfare. It slowly becomes clear that it is a real cyber attack on Iran's nuclear facilities - with most experts believing that Israel is behind it - perhaps with US help. Stuxnet is the world's first publicly verified military-grade cyber weapon capable of destroying machinery and the attack significantly delays Iran's uranium enrichment program by damaging 1,000 centrifuges.

The first Malware Conference, MALCON takes place in India. Malware coders are invited to showcase their skills at this annual event and an advanced malware for Symbian OS is released.

MALCON

A group calling itself the Indian Cyber Army hacked websites belonging to the Pakistan Army and to various ministries, including the Ministry of Foreign Affairs, Ministry of Education, Ministry of Finance, Pakistan Computer Bureau, Council of Islamic Ideology, etc. The attack was carried out in revenge for the Mumbai terrorist attacks, which had the confirmed involvement of Pakistani terrorists.

Indian Cyber Army

In response to Indian Cyber Army defacing Pakistani websites, 1000+ Indian websites were defaced by several Pakistani hackers.

A group calling itself the Pakistan Cyber Army hacked the website of India's top investigating agency, the Central Bureau of Investigation.

Pakistan Cyber Army

A newspaper from Texas uncovers evidence of cyber espionage attacks in 2008 and 2009 on at least three large US oil companies, which included the theft of proprietary "bid data" for energy discoveries worldwide. A Chinese connection is suspected by some at the attacked companies.

A California-based company files a $2.2 billion suit alleging that two Chinese companies stole software code and then distributed it to tens of millions of end users in China.

Richard Clarke, former counterterrorism director for Presidents Bill Clinton and George W. Bush, publishes the book "Cyber War". He warns of the possibility of an "electronic Pearl Harbor" - a cyberattack that could induce power blackouts, refinery explosions, subway crashes, and other disasters in 150 cities across the US.

Cyber War

The Pentagon formally recognizes cyberspace as a "new domain of warfare."

A Pentagon official calls for the US and Europe to cooperate on a cybershield modeled after a nuclear missile shield NATO is developing.

The Cyber Conflict Studies Association in Washington reports that more than 100 countries now have cyber conflict capabilities.

CCSA

Germany's Interior Ministry announces it will set up a national cyber defense center.

Anonymous DDoS-attacks Australian government websites in protest against the government's attempt to filter the Internet.

European Climate Exchange's website was targeted by hacktivists operating under the name of Decocidio #ϴ. The website showed a spoof homepage for around 22 hours in an effort to promote the contention that carbon trading is a false solution to the climate crisis.

Decocidio

The websites of both Mastercard and Visa are the subject of an attack by Anonymous, reacting to the two companies' decision to stop processing payments to Wikileaks.

Wikileaks

Reuters investigators discovered a series of serious security breaches that VeriSign had been less than forthcoming about. Some of these hacks had taken place two years earlier, with senior management at Verisign not being made aware of them until 2010. Verisign is one of the most important companies on the internet. It is a key part of the Domain Name System and it specializes in the SSL certificates that enable e-commerce sites to process payments via encrypted HTTPS. It is a business built entirely on trust and without it, the internet wouldn't work very well. The full extent of the Verisign hack is not clear.

Verisign

2011


Over 200,000 customers' names, contact details, account numbers and other information are compromised in an attack against Citigroup. The thieves manage to steal $2.7m from credit card accounts.

Citigroup

The personal information - including credit and debit card data - of tens of millions of PlayStation Network and Sony Online Entertainment users is stolen by an as yet unknown group of assailants. Experts estimate that the damage may range from $1 to $2bn, making it possibly the costliest cyber-hack ever.

Sony Playstation Network

The hacker group Lulz Security is formed.

Lulz Security

Dmitri Alperovitch, Vice President of Threat Research at McAfee, picks up the trail of a huge number of hacks and security breaches involving multiple hackers and targeting private companies, governments all over the world and even the International Olympic Committee. Since 2006, defense contractors, entertainment companies, the United Nations and other groups have all been hacked by an army of hackers as part of what McAfee calls "a five year targeted operation by one specific actor." Alperovitch names the attacks Operation Shady RAT (from Remote Access Tool) and all evidence points to China.

TiGER-MATE, a Bangladeshi hacker, sets a new record for the most websites hacked in a single attack. By targeting the data center of web hosting company InMotion, TiGER-MATE is able to deface the home page of 700,000 sites in one fell stroke.

The websites of the government of Zimbabwe are targeted by Anonymous due to censorship of the Wikileaks documents.

Anonymous launches DDOS attacks against the Tunisian government websites due to censorship of the Wikileaks documents and the 2010-2011 Tunisian protests.

Anonymous, in response to the 2011 Egyptian protests, attacks Egyptian government websites.

LulzSec and Anonymous launch Operation AntiSec, an enormous hacktivist operation aimed at many companies and government agencies.

Lulz Security & Anonymous

A hacker called AnonymousPEF attempts a Fire Sale, made famous by the film Live Free or Die Hard, but fails. However, it is still the first of its kind.

Estonia unveils plans to create a cybermilitia called the "Cyber Defense League," a group of volunteer scientists and others that in wartime would operate under military command.

Cyber Defence League

Creech Air Force Base's drone and Predator fleet's command and control data stream is keylogged, resisting all attempts to reverse the exploit, for two weeks. The Air Force issues a statement that the virus had "posed no threat to our operational mission".

The YouTube channel of Sesame Street is hacked, streaming pornographic content for about 22 minutes.

Duqu, a computer worm related to the Stuxnet worm, is discovered in Budapest. It appears not to be destructive because the known components are only trying to gather information that could be useful in attacking industrial control systems.

2012


A group of Norwegian hackers, Team Appunity, is arrested for breaking into and publishing the user database of Norway's largest prostitution website.

Team Appunity

The Flashback trojan, which started spreading in late 2011 affecting personal computer systems running Mac OS X, is discovered. The trojan targets a Java vulnerability on Mac OS X and uses basic encryption to bind downloaded modules to the infected system.

Swagg Security, a rising hacker group, hacks Foxconn and releases a massive amount of data including email logins, server logins, and bank account credentials of large companies like Apple and Microsoft.

Swagg Security

Flame, a modular computer malware that attacks computers running Windows, is discovered while being used for targeted cyber espionage in Middle Eastern countries. Flame is a sophisticated attack toolkit, which is a lot more complex than Duqu. It is a backdoor, a Trojan, and it has worm-like features, allowing it to replicate in a local network and on removable media if it is commanded so by its master. It can record audio, screenshots, keyboard activity, network traffic, Skype conversations and can turn infected computers into Bluetooth beacons which will attempt to download contact information from nearby Bluetooth-enabled devices.

Swagg Security hacks Farmers Insurance, Mastercard, and several other high-level government sites releasing several thousand usernames and logins, as well as other confidential information.

India is accused of hacking a U.S. commission's e-mail communications, which primarily dealt with the economic and security relations between the U.S. and China.

Anonymous attacks the Department of Justice and the FBI websites in response to the shutdown of the file sharing website Megaupload.

Megaupload

Gauss, an espionage trojan created by the same actors behind the Flame malware, is discovered. The authors encrypted the payload of the attack using a key derived from a 10,000-iteration hash on two attributes of the infected system. Gauss is a complex cyber-espionage toolkit platform, highly modular, and supports new functions which can be deployed remotely by the operators in the form of plugins. Gauss's use of DRM highlights the sophisticated and forward-looking nature of nation-state threats.

2013


Read the next post…


Cyber Threats History: A New World (2000s)

In this new decade, the average consumer is persuaded to use the credit card on the Internet for purchases, raising the risks of cyber theft. Insurance policies are offered by most credit card companies and former hackers are hired by the industry to design improved security measures.

Cyber attacks become more frequent and destructive, and many of them are carried out by kids using automated programs that perform functions they could not perform on their own, hitting big companies and causing severe financial losses. The denial-of-service attack becomes a tool of war and the attacks are designed to paralyze websites, financial networks and other computer systems by flooding them with data from outside computers.

Alongside these criminal attacks against banks and every wire-dependent industry, there is a rise in the cyber terrorism threat. This is the 9/11 decade and the attacks in the United States spawn diverse reactions from different groups, with the FBI issuing warnings of potential terror attacks through the Internet. Some believe that the threat is real and possible at any given moment, while others counter that it is not that easy, and is almost impossible with all the existing security systems.

Historical Landmarks


2000


Michael Calce, a 15-year-old Canadian with the handle "MafiaBoy", launches a series of DoS attacks against huge companies with high levels of security and numerous e-commerce sites. Amongst those attacked are computer manufacturer Dell, media giant CNN, and shopping sites Amazon and eBay. In order to do so, MafiaBoy gains illegal access to 75 computers in 52 different networks and plants a DoS tool on them, which he then activates and uses to attack several Internet sites, causing about $1.7 billion in losses.

Mafia Boy

Russian hackers penetrate Microsoft Corporation and view portions of the source code for key products such as Windows and Office suite.

Yahoo, eBay, Amazon and dozens of other high-profile Web sites go offline for several hours because of a series of so-called Distributed Denial-of-Service (DDoS) attacks. Investigators later discover that the attacks were orchestrated when the hackers co-opted powerful computers at the University of California-Santa Barbara.

The I LOVE YOU worm, also known as Love Letter and Love Bug worm, starts spreading from Manila and within ten days, over fifty million infections have been reported. It is a computer worm written in VBScript by an AMA Computer College student for his thesis.

I LOVE YOU

Vitek Boden, a disgruntled employee, hacks the Maroochy Shire Council's sewage control system in Queensland, Australia and releases millions of gallons of raw sewage on the town waterways.

Sewage

A Russian cracker attempts to extort $100K from online music retailer CD Universe, threatening to expose thousands of customers' credit card numbers. He posts them on a website after the attempted extortion fails.

CD Universe

Hacktivists in Pakistan and the Middle East deface Web sites belonging to the Indian and Israeli governments to protest against oppression in Kashmir and Palestine.

A news release issued by Internet Wire, and reported by Bloomberg and other news organizations, causes Emulex stock to plunge from $110 a share to $43 on the NASDAQ exchange in minutes. A former Internet Wire employee, believed to have authored the bogus story, faces charges and is alleged to have pocketed $241,000 short-selling Emulex shares that day.

Kevin Mitnick is released from prison.

2001


Microsoft is targeted in a new type of attack against the Domain Name Servers. In this DoS attack, the DNS paths taking users to Microsoft's web sites are corrupted and millions of users are unable to reach Microsoft web pages for two days.

A Dutch cracker releases the Anna Kournikova virus. Promising digital pictures of the young tennis star, the virus mails itself to every person listed in the victim's Microsoft Outlook address book. Although relatively benign, the virus frightens computer security analysts, because it appears to have been created using a software "toolkit" that allows even the most inexperienced user to create a computer virus.

Anna Kournikova Virus

Dmitry Sklyarov, a Russian programmer, is arrested at the annual Defcon hacker convention, becoming the first person criminally charged with violating the Digital Millennium Copyright Act (DMCA).

Code Red, the first polymorphic worm, infects tens of thousands of systems running Microsoft Windows NT and Windows 2000 server software, causing an estimated $2 billion in damages. The worm is programmed to use the power of all infected machines against the White House web site at a predetermined date.

Code Red Worm

The 9/11 World Trade Center and Pentagon terrorist attacks spark US lawmakers to pass a barrage of anti-terrorism laws (including the Patriot Act), many of which group hackers with terrorists.

Microsoft and its allies vow to end "full disclosure" of security vulnerabilities by replacing it with "responsible" disclosure guidelines.

Debuting just days after the Sept. 11 attacks, the Nimda virus wreaks havoc on the Internet infecting hundreds of thousands of computers around the world. The virus is considered one of the most sophisticated, with up to five methods of infecting systems and replicating itself.

EU publishes report on its investigation of the ECHELON system, purportedly used by the US, UK, Canada, Australia and NZ to spy on radio, telephone and Internet communications. Meant for military and defense use, there is suspicion it is being used to invade personal privacy and for commercial spying.

Echelon

A Chinese fighter collides with an American surveillance plane and tensions in Chinese-American diplomatic relations rise. US and Chinese hackers engage in web defacement skirmishes.

Melissa virus author David L. Smith, 33, is sentenced to 20 months in federal prison.

Melissa

FBI establishes a fake security start-up company in Seattle and lures two Russian citizens to U.S. soil on the pretense of offering them jobs, then arrests them. The Russians are accused of stealing credit card information, attempting to extort money from victims, and defrauding PayPal by using stolen credit cards to generate cash.

2002



U.S. Naval War College sponsors the Digital Pearl Harbour exercise in which analysts act as terrorists and simulate a large scale attack on several infrastructures. Conclusions are that such an attack would not result in catastrophic events and deaths but can cripple communications in heavily populated areas.

The Klez worm becomes the biggest malware outbreak in terms of machines infected. It sends copies of itself to all of the e-mail addresses in the victim's Microsoft Outlook directory, overwrites files and creates hidden copies of the originals. The worm also attempts to disable some common anti-virus products and has a payload that fills files with all zeroes. In spite of all this, it causes little monetary damage.

Klez

A DDoS attack hits all 13 of the root servers that provide the primary DNS services for almost all Internet communications. Nine servers out of these thirteen are jammed but Internet users experience no slowdowns or outages because of safeguards built into the Internet's architecture. However, the attack raises questions about the security of the core Internet infrastructure.

DNS Root Servers

2003



The SQL Slammer worm infects hundreds of thousands of computers in less than three hours generating chaos on businesses worldwide. It holds the ranking as the fastest-spreading computer worm ever.

The MS Blaster worm and variants (Welchia) are released. The worm may have contributed to the cascading effect of the Aug. 14 blackout that affected an estimated 10 million people in Ontario and 45 million people in eight U.S. states.

MS Blaster

A worm disables critical safety systems at a nuclear power plant in Ohio.

Howard Carmack, also known as the Buffalo Spammer, is arrested in New York after sending 825 million e-mails, fraudulently using the identities of two people from the city of Buffalo, as well as hundreds of aliases.

Howard Carmack

The hacker group Anonymous is formed.

A Russian hacker group known as the Hang-Up Team builds a Web site featuring administrative tools for attacking U.S. financial institutions.

2004


North Korea claims to have trained 500 hackers to crack computer systems in South Korea, Japan and their allies.

The My Doom worm claims to be a notification that an e-mail message sent earlier has failed, and prompts the user to open the attachment to see what the message text originally said. It is basic social engineering to persuade recipients to open attachments containing the virus.

My Doom

From their lair in distant Romania, a group of hackers penetrate the computers controlling the life support systems of a research station in the Antarctic. The extortionists confront the 58 scientists and contractors with the sudden prospect of an icy death if their money demands are not met. The culprits are stopped before any damage is done.

After 4 years of investigation, US Secret Service's Operation Firewall discovers a network of over 4,000 members communicating through the Internet and conspiring on a series of crimes. The Secret Service seizes control of the Shadowcrew web site and arrests people in eight states and six countries.

Sven Jaschan, an 18-year-old German student, releases the Netsky virus. It infects millions of computers around the world and disables the Delta Air Lines computer system, causing the cancellation of several transatlantic flights. Jaschan is arrested after a three-month hunt, during which Microsoft places a $250,000 bounty on the hacker's head. Multiple variants of the virus keep spreading in the following months.

Netsky T

Sanford Wallace, "The Spam King", is investigated by the FTC and fined four million dollars.

Shawn Carpenter, a Sandia National Laboratories employee, discovers an extensive series of infiltrations into US military security companies such as Sandia, Lockheed Martin, Redstone Arsenal and even NASA. FBI names these attacks Titan Rain and labels them as Chinese in origin, although their precise nature remains unknown.

2005


A Netcraft survey estimates more than 60M web sites online.

Netcraft

Hackers gain access to Paris Hilton's T-Mobile Sidekick smartphone and post her photos and phone numbers online.

Bank of America has 1.2M names and Social Security numbers stolen.

FBI's e-mail system is hacked.

The Samy worm makes everybody Samy's friend at MySpace.

Tel Aviv Magistrate's Court imprisons several people from some of Israel's leading commercial companies, as well as private investigators, suspected of commissioning and carrying out industrial espionage against their competitors by planting Trojan horse software in their computers.

Jeanson James Ancheta is taken into custody by the FBI. He is allegedly a member of the Botmaster Underground, a group of script kiddies mostly noted for their excessive use of bot attacks and propagating vast amounts of spam.

2006


Ancheta receives a 57-month prison sentence, and is ordered to pay damages amounting to $15,000 to the Naval Air Warfare Center in China Lake and the Defense Information Systems Agency, for damage done due to DDoS attacks and hacking.

Jeanson James Ancheta

Turkish hacker iSKORPiTX successfully performs the largest defacement in web history at the time, hacking 21,549 websites in one single shot.

Hacked by iSKORPiTX

US Air Force announces plans to create a Cyber Command to handle cyberwarfare and network defense.

Hackers break into Department of Homeland Security computers, install malware, and transfer files to a remote Chinese-language Web site; Unisys (the contractor) is charged with covering up the intrusion.

Hacker accesses Linden Lab's Second Life database and steals unencrypted account names, real life names and contact information, and encrypted passwords and payment data.

Second Life

A bank machine in Virginia Beach is reprogrammed to dispense $20 bills in place of $5 bills. The machine was left this way for 9 days before someone mentioned the discrepancy to the store clerk.

An Alabama nuclear power plant is shut down due to excessive network traffic.

A series of cyber attacks is launched against numerous organizations including governments and defense contractors. This will later be known as Operation Shady RAT.

In the war against Hezbollah, Israel alleges that cyberwarfare was part of the conflict, with Israel Defense Forces (IDF) intelligence estimating that several countries in the Middle East used Russian hackers and scientists to operate on their behalf.

According to a Gartner study, 1.5M Americans were victims of identity theft in 2006.

2007


Estonia is subjected to a massive cyberattack by hackers inside the Russian Federation in the wake of the removal of a Russian World War II memorial from downtown Tallinn. In a very brief period of time, a variety of methods are used to take down key government websites, news sites and generally flood the Estonian network to a point that it is useless, disrupting the use of websites for 22 days.


Nearly all Estonian government ministry networks as well as two major bank networks are knocked offline and the whole attack is considered as the perfect example of how vulnerable a nation can be to cyberattacks during a conflict.

The Chinese government and military are accused of hacking other nations' networks, including US Pentagon networks, and German and UK government computers.

Russian Business Network (RBN) offers bulletproof hosting, allowing sites which host illegal content to stay online despite legal takedown attempts.

Russian Business Network

Russian gang uses RBN hosting and SQL injection to penetrate US government sites.

Israel launches an airstrike on Syria dubbed Operation Orchard. U.S. industry and military sources speculate that the Israelis may have used cyberwarfare to allow their planes to pass undetected by radar into Syria.

The U.S. Department of Homeland Security conducts the "Aurora Generator Test" at Idaho National Laboratories, which shows that a cyberattack on an industrial-control system can damage a machine. The test involves the remote accessing of a generator control station by a foreign hacker and it causes a large diesel generator to shudder, hurl shards of metal, and emit smoke before dying altogether.

FBI Operation Bot Roast finds over 1 million botnet victims.

FBI Operation Bot Roast II: 1 million infected PCs, $20 million in losses and 8 indictments.

Paul Strassmann, former senior U.S. information security official, estimates that there are over 730,000 compromised computers "infested by Chinese zombies." This is a clear reference to possible effects of recent cyberattacks that left behind malicious software that can be activated later.

2008


A video of Tom Cruise espousing his belief in the Church of Scientology is leaked to YouTube and the Church attempts to shut it down. As a response to this, the group calling itself 'Anonymous' starts "Project Chanology", an anti-Scientology movement aiming to systematically expel the Church from the internet. Over the following weeks, Scientology websites are intermittently knocked offline and private documents are stolen from Scientology computers and distributed over the Internet. The Church of Scientology moves its website to a host that specializes in protection from denial-of-service attacks but the cyber attacks and hacks against the celeb-addled religion continue until today.

Hundreds of government and corporate Web sites in Lithuania are hacked, and some are covered in digital Soviet-era graffiti, implicating Russian nationalist hackers.

MySpace and Facebook private pictures are exposed online using URL manipulation.

A computer hacker leaks the personal data of 6 million Chileans (including ID card numbers, addresses, telephone numbers and academic records) from government and military servers to the internet, to protest Chile's poor data protection.

Senior CIA analyst Tom Donahue, speaking at a conference, publicly acknowledges that attackers have targeted power-grid computers worldwide, causing at least one widespread electrical outage.

Russian forces invade Georgia, preceded by cyberattacks on Georgian government and business websites and network infrastructure, disabling the country's Web-based communication with the outside world.

Joel Brenner, national counterintelligence executive, calls China's cyber militia formidable. He says the Chinese operate both through government agencies and sponsoring organizations, which mount attacks on the US in "volumes that are just staggering."

The Obama and McCain presidential campaigns, during their run for the 2008 presidency, are heavily attacked. What is first thought of as simple cyberattacks on the computers used by both campaigns is discovered to be a more concentrated effort from a "foreign source" that violates emails and sensitive data. The FBI and Secret Service swoop in and confiscate all computers, phones and electronics from the campaigns. There are no final conclusions, but the rumors point to the usual suspects: China or Russia.

Unknown foreign intruders use "thumb drives," portable memory sticks, to infect DOD networks. Inserted into a military laptop in the Middle East, the malicious code on the drive creates, according to Deputy Secretary of Defense William Lynn, a "digital beachhead, from which data could be transferred to servers under foreign control." The attack acts as another reality check in security, and results in what one Pentagon official would later call the "most significant breach of US military computers ever."

The Conficker worm starts infecting PCs, quietly recruiting them into the world's largest botnet, responsible for distributing viruses, malware and taking part in massive denial of service attacks on behalf of their masters. The source of the worm and its many variants is still unknown, although some researchers believe it originated in the Ukraine. The worm is still active today in spite of all the efforts made to eradicate it. Microsoft has a standing bounty of $250,000 for information leading to the arrest of its creators.

Trusted payments processor Heartland Payment Systems is the victim of a plot to steal credit and debit card numbers. By secretly infesting the company's computer network with spyware, a criminal gang is able to steal over 100 million individual card numbers, and the episode ends up costing the company around $140m.

Grocery retailer Hannaford Bros suffers a four-month-long breach of its security. During this period, over 4.2 million credit and debit card numbers are exposed, along with other sensitive information. The costs are estimated at $252m.

One of the principal hackers involved is Albert Gonzalez, who had also hacked Heartland Payment Systems as well as TJ Maxx. Gonzalez committed his crimes between 2005 and 2008. Ironically, he was hired as a U.S. Secret Service informant, which earned him $75,000 annually during that time frame. The Secret Service was unaware of his activities until 2008.

The hacker called his scheme "Operation Get Rich or Die Tryin'", and it was achieved through the installation of malware on store servers, which stands in contrast to the more common tactic of hacking company databases. To steal the debit and credit card information, he used a packet sniffer to obtain transaction data directly from retailers. The data was routed to servers leased in the Ukraine and Latvia. He then distributed the information to Maksym Yastranskiy, a Ukrainian card seller. Yastranskiy was captured in Turkey in 2007 and provided information that was used to build a cybercrime case against Albert Gonzalez. After his arrest, Gonzalez tried to plead computer addiction and Asperger's disorder, which were dismissed by the court. Gonzalez is sentenced to twenty years in prison.

2009


The Israeli invasion of Gaza gives rise to a number of website defacements, denial-of-service attacks, and domain name and account hijackings, from both sides. These attacks are notable in being amongst the first ever politically motivated domain name hijackings.

During the Iranian election protests, Anonymous plays a role in disseminating information to and from Iran by setting up the website Anonymous Iran and releasing a video manifesto to the Iranian government.

Janet Napolitano, DHS Secretary, opens the new National Cybersecurity and Communications Integration Center (NCCIC), a 24-hour "watch and warn" center.

The Melbourne International Film Festival is forced to shut down its website after DDoS attacks by Chinese vigilantes, in response to Rebiya Kadeer's planned guest appearance, the screening of a film about her which is deemed "anti-China" by Chinese state media, and strong sentiments following the July 2009 Ürümqi riots. The hackers book out all film sessions on its website, and replace festival information with the Chinese flag and anti-Kadeer slogans.

Conficker worm infiltrates millions of PCs worldwide including many government-level top-security computer networks.

Computers of the Climate Research Unit of East Anglia University are hacked in an attempt to expose a conspiracy by scientists to suppress data that contradicted their conclusions regarding global warming.

President Obama announces creation of a Cyber-security Coordinator under the National Security Council and the National Economic Council responsible for implementing cybersecurity policies and strategy.

Spammers begin using automatic translation services to send spam in other languages in order to overcome the fact that, by 2009, the majority of spam sent around the world was in the English language.

Sanford Wallace receives a $711 million judgment for spamming damages on Facebook, where he posted spam messages on members' walls. He files for bankruptcy.

A series of coordinated denial-of-service attacks against major government, news media, and financial websites in South Korea and the United States is detected. While many think the attack is directed by North Korea, one researcher traces the attacks to the United Kingdom.

A 10-month cyberespionage investigation of the GhostNet finds that 1,295 computers in 103 countries have been spied on, with circumstantial evidence pointing to China. GhostNet uses a malicious software program called gh0st RAT (remote-access tool) to steal sensitive documents and control webcams in infected computers.

Hackers break into Defense Department computers and download terabytes of data containing design information about the Joint Strike Fighter project, a $300 billion initiative to develop a stealth fighter plane.

Cyber Threats History: The Internet Expansion (1990s)

Although hacking expanded and enjoyed glorification during the 80s, a divide was forming within the hacking community by the end of the decade. The hacker principle of “freedom of technology” was changing, and a younger generation interested in individual gain emerged, leading to an increase in the number of hackers who were no longer satisfied with benign exploration of systems merely to learn how they worked.

This obscure side fragmented even further as several independent groups formed “electronic gangs,” driven to tap into the sensitive information housed within large institutions, like government and educational research centers. Similarly to what happens with conventional street gangs, it did not take long for these groups to begin fighting each other, and the early 1990s saw an escalation of infighting that jammed phone lines and networks, and ultimately led to the demise and criminal prosecution of several groups. On top of this, the end of the Cold War is a very significant factor, as it allows the Internet to spread freely across the former USSR, with great impact on both sides of the now rusty Iron Curtain.

Historical Landmarks:

 

1990



The Great Hacker War begins with Legion of Doom and Masters of Deception engaging in almost two years of online warfare: jamming phone lines, monitoring calls, trespassing in each other's private computers.

In response to the AT&T telephone system crash that left 60,000 customers without a phone line for nine hours on January 15, federal authorities burst into Mark Abene's (Phiber Optik) bedroom, guns drawn, and confiscate his computer equipment. Abene and other MOD members have their homes searched and property seized by the U.S. Secret Service largely based on government suspicions of having caused AT&T Corporation's network crash. Some weeks later, AT&T themselves admit that the crash was the result of a flawed software update to the switching systems on their long distance network, thus, human error on their part.

A role-playing game company called Steve Jackson Games in Austin, Texas is raided. The Secret Service seizes computers and disks at the company's offices and also at the home of one of their employees, Loyd Blankenship (The Mentor), a former member of the Legion of Doom. Blankenship is writing a role-playing game called GURPS Cyberpunk, which the agents interpret as a handbook for computer crime.

After two years of investigation, 150 FBI agents, aided by state and local authorities, launch Operation Sundevil, raiding presumed criminal hacker organizations allegedly involved in credit card abuse and theft of telephone services. They seize 42 computers and 23,000 disks from locations in 14 cities. The result is a breakdown in the hacking community, with members informing on each other in exchange for immunity, as the targets were mainly sites running discussion boards, some of which were classified as hacker boards.

The legal battles arising in the aftermath of Operation Sundevil, the Steve Jackson Games raid and the trial of Knight Lightning prompt the formation of the Electronic Frontier Foundation. John Perry Barlow and Mitch Kapor form the organization when they feel that there is a need for increased protection for Internet civil liberties.

The Internet has more than 300,000 hosts and, while the T3 lines are being constructed, the Department of Defense disbands the ARPANET and most university computers that were connected to it are moved to networks connected to the National Science Foundation Network (NSFNET). The original 56Kbs lines of ARPANET are taken out of service and replaced by the NSFNET backbone.

Australian federal police tracking Realm members Phoenix, Electron and Nom are the first in the world to use a remote data intercept to gain evidence for a computer crime prosecution.

The Computer Misuse Act is passed in the United Kingdom, criminalizing any unauthorized access to computer systems.

Each week, the Los Angeles KIIS-FM radio station ran the “Win a Porsche by Friday” contest, with a $50,000 Porsche given to the 102nd caller after a particular sequence of songs announced earlier in the day was played. Kevin Poulsen (Dark Dante) and his associates, stationed at their computers, seized control of the station’s 25 telephone lines, blocking out all calls but their own. Then he dialed the 102nd call — and later collected his Porsche 944.

1991



Although Abene is ultimately acquitted in the AT&T scandal, in February he is arrested and charged with computer tampering and computer trespass in the first degree. Being a minor, he pleads "not guilty" and ultimately accepts a plea agreement to a lesser misdemeanor charge, and is sentenced to 35 hours of community service.

Philip Zimmermann releases "Pretty Good Privacy" (PGP), a free, powerful data-encryption tool. The U.S. government begins a three-year criminal investigation into Zimmermann, alleging he broke U.S. encryption laws after his program spread rapidly around the globe.

The first browsable directory of files on the Internet, Gopher, is created, providing a text-based, menu-driven interface to access Internet resources.

Wide Area Information Servers (WAIS) is created, providing a mechanism for indexing and accessing information on the Internet.

The federal ban barring business from the Internet is lifted, and the Commercial Internet eXchange (CIX) Association, Inc. is formed after NSF lifts restrictions on the commercial use of the Net.

Linus Torvalds publicly releases Linux version 0.01.

The World-Wide Web (WWW) is released by CERN. Originally developed by Tim Berners-Lee to provide a distributed hypermedia system, it allows easy access to any form of information anywhere in the world.

Justin Petersen, arrested three months earlier for hacking, is released from prison to help the FBI track hacker Kevin Mitnick.

Michelangelo virus media panic begins.

Kevin Poulsen is arrested on charges of fraud and money laundering, after being featured on an episode of "Unsolved Mysteries".

By the end of the year, Phiber Optik has appeared in Harper's Bazaar, Esquire, The New York Times, in countless public debates and conventions and even on a television show hosted by Geraldo Rivera. He and four other members of the Masters of Deception are also arrested in December as a result of a major nationwide investigation by a joint FBI/Secret Service task force.

1992



A group of computer enthusiasts arranges to store their spare equipment in some rented space in Boston. They collaborate on analysis of vulnerabilities, especially on Microsoft products, and gain a reputation for contributing serious research to the field and for appearing at security conferences. It's the birth of L0pht Heavy Industries.

Bruce Sterling publishes The Hacker Crackdown, in which he documents a mounting legal resistance to hackers, provides an in-depth look at several actual hacks, and discusses the civil liberties side of hacking. The book gives the public yet another glimpse into the underworld of hacking, cracking, and phreaking. The combination of these events publicizes the dark side of hacking and raises the public’s awareness of its consequences.

Bulgarian virus writer Dark Avenger writes 1260, the first polymorphic virus. It is the first known use of a polymorphic engine to mutate the virus code while keeping the original algorithm intact. The idea behind the use of this polymorphic code is to circumvent the type of pattern recognition used by antivirus software.

Five MOD members are indicted by a federal court on an 11-count charge. The indictment relies heavily on evidence collected by court-approved wiretapping of telephone conversations between MOD members.

The number of Internet hosts exceeds 1 million.

The term "Surfing the Internet" is coined by Jean Armour Polly.

1993


Wired magazine is released.

A court rules in favor of Steve Jackson Games and the Secret Service is ordered to pay damages.

The first DefCon hacker conference is held in Vegas with the single purpose of saying good-bye to BBSs (now replaced by the Web), but the gathering is so popular it becomes an annual event.

The Mosaic web browser is released, popularizing the World Wide Web. Developed at the National Center for Supercomputing Applications (NCSA), it provides a multimedia graphical interface that allows users to more easily navigate the web by converting text commands to images.

All five MOD members plead guilty and are sentenced to either probation or prison. Phiber Optik serves one year in a federal jail.
 

1994


Usenet becomes a popular target for spam messages. The first mass spam is sent by Clarence Thomas, a system administrator at Andrews University. His message: "Global Alert for All: Jesus is Coming Soon."

Mosaic is renamed Netscape Navigator and the company takes the 'Netscape' name.

Brian Pinkerton creates WebCrawler, the first Web search engine. It is a software robot that collects the full text of web pages and stores them in a database that can be searched using keywords. As other robots were developed to search the Web, they became known as "crawlers" or "spiders".

In addition to WebCrawler, the EINet Galaxy, Lycos and Yahoo! search engines are created.

30-year-old Russian Vladimir Levin leads a group of hackers who break into Citibank's systems and steal 10 million dollars. Using his work laptop after hours, he transfers the funds to accounts in Finland and Israel. Levin stands trial in the United States and is sentenced to three years in prison.

AOHell is released as a freeware application that allows unskilled script kiddies to wreak havoc on America Online. For days, hundreds of thousands of AOL users find their mailboxes flooded with multi-megabyte email bombs and their chat rooms disrupted with spam messages.

A 16-year-old student nicknamed “Data Stream” is arrested by UK police for penetrating computers at the Korean Atomic Research Institute, NASA and several US government agencies.

Five members of the Aum Shinri Kyo cult's Ministry of Intelligence break into Mitsubishi Heavy Industry's mainframe and steal a significant amount of sensitive data.

Prof. James Der Derian coins the term "cyber deterrence" in Wired Magazine.

Kevin Poulsen pleads guilty in U.S. District Court in Los Angeles to seven counts of mail, wire and computer fraud, money laundering and obstruction of justice in connection with the KIIS-FM incident and others.

A hacker steals Tsutomu Shimomura's personal files and distributes them over an online community for expert computer programmers. The culprit is Kevin Mitnick.

The Intervasion of the UK, orchestrated by a group called the Zippies on Guy Fawkes Day, is the first public use of DDoS as a form of protest.

A husband-and-wife team of lawyers, Laurence Canter and Martha Siegel, use bulk Usenet posting to advertise immigration law services, creating the first major commercial spam incident when they cross-post their Green Card Assistance Services to 6,000 newsgroups at once. The enraged Usenet users reply with insulting email messages (flames) and mail-bombs (a large email that takes up a huge amount of space on the receiver's server, clogs the system and can cause it to crash). Defiant in the face of widespread condemnation, the attorneys claim their detractors are hypocrites or zealots and write a controversial book entitled "How to Make a Fortune on the Information Superhighway: Everyone's Guerrilla Guide to Marketing on the Internet and Other Online Services." In this book, they support spamming as a viable marketing tool and claim everyone has a right to advertise on all the newsgroups in any way they see fit. This sets a precedent that most spammers still abide by: If you don't like it, delete it, we're just exercising our right to free speech.
 

1995


Alta Vista, Excite, and InfoSEEK search engines are created.

Microsoft releases Windows 95. Anti-virus companies worry that the operating system will be resistant to viruses.

Macro viruses appear and are able to corrupt the new Windows operating system.

Microsoft releases Internet Explorer as part of the Windows 95 Plus! Pack.

Using a trace-dialing technique and locating telephone loop signals, Tsutomu Shimomura, from the San Diego Supercomputer Center, tracks down Kevin Mitnick.

In a highly publicized case, Kevin Mitnick, probably the world’s most prolific and best-known hacker, is arrested (again), this time in Raleigh, N.C. He is charged with stealing at least $1 million worth of sensitive project data from computer systems.

Mitnick is the very first person to be convicted of gaining access to an interstate computer network for criminal purposes and is also the first cracker to have his face appear on an FBI "Most Wanted" poster.

Mitnick is charged with snagging thousands of credit card numbers from online databases, breaking into the California motor vehicles database, and remotely controlling New York and California's telephone switching hubs on various occasions. Mitnick is a master of what hackers refer to as social engineering, gathering information simply by asking people for it. Many times the passwords he used to enter computer networks were provided by the systems administrators of those networks, who had been convinced that Mitnick had good reasons for needing the passwords. He will remain in jail for 4 years without trial.

The "Netstrike", a strike action directed against French government computers, is one of the earliest documented hacktivist events.

Spamware, or spamming software, is created. In August, a list of two million e-mail messages is offered for sale.

Kevin Poulsen is sentenced to 51 months in prison and over $56,000 in restitution to radio stations he scammed.
 

1996


Cult of the Dead Cow member Omega coins the term "hacktivism."

Hackers deface the Web sites of the United States Department of Justice, the CIA, and the U.S. Air Force.

Canadian hacker group Brotherhood, angry at hackers being falsely accused of electronically stalking a Canadian family, breaks into the Canadian Broadcasting Corporation web site and leaves the message: "The media are liars." The family's own 15-year-old son is eventually identified as the stalking culprit.

The U.S. General Accounting Office reports that hackers attempted to break into Defense Department computer files some 250,000 times in 1995 alone. About 65 percent of the attempts were successful, according to the report.

John Deutch, CIA director, testifies that foreign organized crime groups are behind hacker attacks against the US private sector.

The US Communications Decency Act (CDA) is passed, making it illegal to transmit indecent or obscene material over the Internet.

South Korean media reports that North Korean government officials are engaging in efforts to obtain foreign proprietary technology through indirect methods.

Bell Research Labs in the US announce they have found a way to counterfeit the electronic money on smart cards.

A computer hacker allegedly associated with the White Supremacist movement temporarily disabled a Massachusetts ISP and damaged part of the ISP's record keeping system. The ISP had attempted to stop the hacker from sending out worldwide racist messages under the ISP's name. The hacker signed off with the threat, "you have yet to see true electronic terrorism. This is a promise."

1997

The US Supreme Court rules the Communications Decency Act (CDA) unconstitutional.

America Online (AOL), one of the largest Internet service providers in the US, cuts direct access for its users in Russia due to the high level of fraud.

The German Chaos Computer Club claims it was able to penetrate Microsoft's Internet software and the financial management program Quicken, and transfer money between accounts without either the account holder or bank realizing the transaction was unauthorized.

FBI’s National Computer Crimes Squad reports 85% of companies have been hacked, and most never know it.

A hacker disables the computer system of the airport traffic control tower at Worcester Airport, Massachusetts. No accidents are caused, but regular service is affected.

A hacker from Sweden jams the 911 emergency telephone systems in west-central Florida. This indicates that an attack could be launched from anywhere in the world.

Electronic Disturbance Theater (EDT) starts conducting Web sit-ins against various sites in support of the Mexican Zapatistas. At a designated time, thousands of protestors point their browsers to a target site using software that floods the target with rapid and repeated download requests. Animal rights groups have also used EDT's software against organizations said to abuse animals.

A 15-year-old Croatian youth penetrates computers at a U.S. Air Force base in Guam.

The Eligible Receiver 97 exercise tests the American government's readiness against cyberattacks. The NSA Red Team used hacker techniques and software that was freely available on the Internet at that time. The Red Team was able to crack networks and do things such as deny services; change and manipulate emails to make them appear to come from a legitimate source; disrupt communications between the National Command Authority, intelligence agencies, and military commands. Common vulnerabilities were exploited which allowed the Red Team to gain root access to over 36 government networks which allowed them to change/add user accounts and reformat server hard drives.

First high-profile attacks on Microsoft's Windows NT operating system.

Sanford Wallace, “The Spam King”, starts his spamming career, creating a spamming company called Cyber Promotions to send junk faxes and then moving to email and other Internet tactics.

A group calling themselves PANTS/HAGIS Alliance hacks Yahoo! and threatens to set off a computer virus. Yahoo! notifies internet users that anyone visiting its site in recent weeks might have downloaded a logic bomb and worm planted by the hackers, who claim a "logic bomb" will go off on Christmas Day 1998 if Kevin Mitnick is not released from prison. It turns out to be just a hoax.

The Portuguese hacking group UrBaN Ka0s hacks the site of the Republic of Indonesia and 25 other military and government sites as part of the hacking community campaign against the Indonesian government and the state of affairs in East Timor.
 

1998


Search giant Google is founded by Larry Page and Sergey Brin as a follow-up to their research project while studying for their Ph.D.s at Stanford University.


Intruders infiltrate and take control of more than 500 military, government and private sector computer systems. The attacks, dubbed "Solar Sunrise" after the well-known vulnerabilities in Sun's Solaris operating system, implant sniffer programs to pilfer sensitive data and appear to come from servers around the world. Investigators originally suspect operatives in Iraq, but later learn that a group of California teenagers was responsible for the incursions. The experience gives the US Department of Defense its first taste of what hostile adversaries with greater skills and resources would be able to do to the nation's command and control center, particularly if used in tandem with physical attacks.

CIA Director George Tenet gives a speech on "information security risks" and, for the first time, a US spy chief refers publicly to the threat of "cyberattack."

US military coordinates cyberdefense efforts under a Joint Task Force – Computer Network Defense.

Ethnic Tamil guerrillas swamp Sri Lankan embassies with over 800 e-mails a day for more than two weeks. The messages read, "We are the Internet Black Tigers and we're doing this to disrupt your communications." Intelligence authorities claim this is the first known attack by terrorists against a country's IT infrastructure.

U.S. Attorney General Janet Reno unveils National Infrastructure Protection Center, which is given a mission to protect the nation's telecommunications, technology and transportation systems from hackers.

The members of the elite hacker group known as L0pht testify in front of the US congressional Government Affairs committee on "Weak Computer Security in Government". L0pht claims it can shut down nationwide access to the Internet in less than 30 minutes and therefore the group urges stronger security measures.

Hackers break into the United Nations Children's Fund Web site, threatening a "holocaust" if Kevin Mitnick is not freed.

Information Security publishes its first annual Industry Survey, finding that nearly 75% of organizations suffered a security incident in the previous year.

The Federal Bureau of Labor Statistics is inundated for days with hundreds of thousands of fake information requests.

Hacking group Cult of the Dead Cow releases a Trojan horse program called Back Orifice at Defcon. Once installed on a Windows 9x machine, the program allows unauthorized remote access.

Timothy Lloyd is indicted for planting a logic bomb on the network of Omega Engineering, causing millions in damage.

Hackers alter The New York Times Web site, renaming it HFG (Hacking for Girlies).

During heightened tensions in the Persian Gulf, hackers break into unclassified Pentagon computers and steal software programs allegedly for a military satellite system. They threaten to sell the software to terrorists.

U.S. officials accidentally discover a pattern of probing of computer systems at The Pentagon, NASA, United States Department of Energy, private universities, and research labs. This series of incidents forms an operation later to be known as Moonlight Maze, in which hackers penetrate American computer systems, systematically marauding through tens of thousands of files - including maps of military installations, troop configurations and military hardware designs.

The Legions of the Underground (LoU) declare cyberwar on Iraq and China with the intention of disrupting and disabling their Internet infrastructure.

1999


An international coalition of hackers (including Cult of the Dead Cow, 2600's staff, Phrack's staff, L0pht, and the Chaos Computer Club) issues a joint statement condemning the LoU's declaration of war. The LoU responds by withdrawing its declaration.

The US Defense Department acknowledges 60-80 attacks per day.

Assassins hack into a hospital computer to change the medication of a patient so that he would be given a lethal injection. He is dead within a few hours.

Hackers in Serbia attack NATO systems in retaliation for NATO’s military intervention in Kosovo. Computers are blasted with e-mail bombs and hit with denial-of-service attacks. In addition, many businesses, public organizations, and academic institutes have their websites defaced.

NATO accidentally bombs the Chinese embassy in Belgrade, spawning a wave of cyberattacks from China against U.S. government Web sites where Chinese hacktivists post messages such as "We won't stop attacking until the war stops!"

Electrohippies, another group of hacktivists, conduct Web sit-ins against the WTO when it meets in Seattle.

The Electronic Civil Disobedience project, an online political performance-art group, uses the FloodNet software to attack the Pentagon, calling it conceptual art and claiming it to be a protest against the U.S. support of the suppression of rebels in southern Mexico by the Mexican government.

Cult of the Dead Cow releases Back Orifice 2000 at DEF CON.

A hacker interviewed by Hilly Rose during the Art Bell Coast-to-Coast Radio Show exposes a plot by Al-Qaida to derail Amtrak trains. This results in all trains being forcibly stopped over Y2K as a safety measure.

Hacktivists attempt to disrupt ECHELON (an international electronic communications surveillance network filtering any and all satellite, microwave, cellular, and fiber-optic traffic) by holding "Jam Echelon Day" (JED).

New Jersey programmer David Smith unleashes the first self-replicating worm to attack the Internet since Robert Morris' 1988 worm. Traveling via Microsoft Outlook email software, Melissa (named after a bar dancer) brings down computer networks at some 300 corporations. The virus is attached to emails carrying the following message: “Here is that document you asked for, don’t show it to anybody else.” As soon as it is activated, it sends copies of itself to the first 50 names listed in the recipient's Outlook e-mail address book. It also infects Microsoft Word documents on the user's hard drive, and mails them out through Outlook to the same 50 recipients.

Kevin Mitnick, detained since 1995 on charges of computer fraud, signs a plea agreement and is sentenced to 5 years, of which over 4 years have already been spent pre-trial.

Final words:


By the late 1990s hacking comes full circle and is the subject of scholarly research and discussion. Major colleges and universities are teaching and establishing programs of study focused on cyberculture and cyber security. The hacker mystique is continuously growing and evolving since its early days as a benign activity carried out within obscure computer labs in the 1960s. Participants have played many different roles and have been popularized through many mediums. They have been everything from computer tourists and network voyeurs to dangerous criminals and nihilist anarchists; from computer nerds to cyberpunks; from public nuisance to catalysts for technology advancement. No matter how much new legislation passes or how many new security roadblocks are devised, hacking will be practiced as long as computers and technology-driven communication systems are with us. However, this is also the end of anarchy, the death of the frontier. Hackers are no longer considered romantic antiheroes, kooky eccentrics who just wanted to learn things. A burgeoning online economy with the promise of conducting the world's business over the Net needed protection. Suddenly hackers are crooks.
