Today we may well be in the eye of the cyber storm, with hacking now at the core of a great deal of the organised crime plaguing the world.
CBR has taken this opportunity to reflect on some of the most famous instances of hacking so far recorded, including both individuals and hacking groups.
By exploring the fame of both individual hackers and notorious groups of hackers, we see another changing pattern in the threat landscape. With the emergence of serious, business-driven organised crime and nation state activity, it is less common that one highly skilled individual is behind an attack.
For this reason we have included not only examples of individuals and their names, but also groups associated with more recent, world-famous attacks such as the WannaCry ransomware, thought by many to be nation state activity.
Gary McKinnon stands out among other hackers as he has been credited with the biggest military computer hack of all time.
The Scotsman made short work of the cyber defences of an alleged 97 US military and NASA computers, even leaving a note to tell those in charge what he thought about the barriers he had so easily bypassed. “Your security is crap”, read the message by the alleged cyber infiltrator.
In response to the storm following the hack, McKinnon said he was merely looking to see whether the public was being kept in the dark regarding useful information, including information pertaining to UFOs. While this inquisitive approach appears to lack malice, he was accused by US authorities of erasing vital data from operating systems.
This activity, US authorities claimed, resulted in the shutting down of the Military District of Washington network for an entire day, causing 2,000 computers to be offline. In addition to destructively deleting data, he was also accused of copying critical data onto his own computer.
To top this story of a formidable hacker off, he carried these missions out by operating from the not so high tech control centre of his girlfriend’s aunt’s house.
Hacker groups play an important part in this list, as devastating attacks are commonly delivered by an organised unit of individual cyber adversaries working in unison. Hacking groups are also often associated with nation state hacking activity.
The Lazarus group is a prime example of this, having been linked to nation state activity thought to have been conducted by North Korea. Another factor making the Lazarus group stand out in terms of fame and notoriety is a connection to the crippling WannaCry ransomware attack. The attack swept the world recently, reducing organisations such as the NHS to pen and paper processes.
While WannaCry was a ransomware attack, the group has been known to use DDoS attacks too, being allegedly responsible for “Operation Troy” between 2009 and 2012. Major targets were involved in this instance that point to nation state motives, with the South Korean government found to be in the firing line.
The $81 million heist of a bank in Bangladesh in 2016 was also thought to be the work of the Lazarus Group, as well as a seemingly vengeful attack on Sony Pictures following the release of a comedy that centred upon the assassination of the leader of North Korea, Kim Jong-un.
The Condor/The Darkside Hacker, also known as Kevin Mitnick, is 54 and from the United States. The high-profile hacker has actually switched sides in recent times to head up a consulting firm that bears his name, Mitnick Security Consulting.
Despite his position now as a figure responsible for helping organisations test the strength of their security, he was previously sentenced to five years in prison for hacking related offenses. Mitnick started his hacking career young, when at 13 years old he managed to beat a process using social engineering that allowed him to use buses for free.
This fascination for beating the system did not leave Mitnick in his younger years, as he was only 16 when he gained entry to a computer network without authorisation. It was almost ten years later when he hacked into Digital Equipment Corporation’s network. After gaining access he copied information there, and for this he was sentenced.
Fancy Bear is another group that is thought to be connected to nation state cyber activity originating from a Russian military intelligence group known as GRU. This connection was made with some confidence by cybersecurity firm Crowdstrike.
Crowdstrike, and particularly the organisation’s CTO, Dmitri Alperovitch, have played a part in characterising this group, with the name having been attributed from a system used by Mr Alperovitch to identify those behind cyber activity.
Regardless of who is driving the activities of Fancy Bear, it is evident that it is principally involved in cyber espionage. This is down to the fact that the group is known to take aim at governments, security organisations and militaries of its targets.
The fame and threat associated with this hacker group are significant, the group having been found to have targeted critical areas of geopolitical influence. These are thought to include examples such as Emmanuel Macron’s campaign, the German parliament, and the Democratic National Committee.
Fancy Bear has made deadly use of malware attacks and spear phishing in subduing and infiltrating its targets, perhaps pointing to lacking cybersecurity defences of those within the sights of the allegedly Russia-linked group.
The “Homeless Hacker”, Adrian Lamo, is also among the most formidable hackers to have ever operated. His unique nickname was earned by his constant moving between locations, with this even including living in abandoned buildings and operating out of libraries.
His reputation moved quickly between being considered an agent of security protection, and a notorious hacker. In 2001 he worked toward creating more robust security for Worldcom, but only a year later he hacked The New York Times.
Following the issuance of his arrest warrant, Lamo evaded capture before surrendering to the police. In the years following this he faced an order to pay $65,000 to make up for the damage. The New York Times was not the only organisation he was found to have breached the security of: Yahoo!, Microsoft, and LexisNexis were also among them.
Lamo was also connected to donating money to WikiLeaks when part of a donors list was revealed. This connection may have been concerning news for some, as it aligns his formidable cyber skills with a will to reveal secret information.