If the Watergate scandal happened today it probably wouldn’t involve a physical break-in at all, but a cyber attack.
With, for example, the US Government now planning to elevate its cyber command to one of the most important commands within the Department of Defense, it is obvious that cyber threats are being taken more and more seriously at the top echelons of government.
But what hacks have already happened, and what were the results? CBR looks at some of the biggest politically motivated hacks and cyber attacks.
The dates refer to when the attacks were first publicised.
1. The US Democratic Party, 2016
The Democratic National Committee saw its private emails stolen in a breach. The emails were released on the website Wikileaks.
They were said to expose the bias within the DNC against Hillary Clinton’s main rival Bernie Sanders, with DNC Chair, Representative Debbie Wasserman Schultz of Florida, being forced to resign after the leaks were published.
Reuters also reported that the Democratic Congressional Campaign Committee (DCCC) was hit in a cyber attack that was being investigated by the FBI. The DCCC is a fundraising body for Democrats running for seats in the House of Representatives.
Information available may have included personal details of donors, such as names, email address and credit card details.
2. G20, 2011
The Group of 20 (G20) summit in February 2011 was rocked by a cyber attack that involved an email delivering malware to French government computers.
This malware was aimed at the French finance ministry. It hit 150 of the finance ministry’s 170,000 computers.
It was delivered through a PDF document with embedded malware.
The G20 summit involved the central bank governors of the respective countries rather than the heads of government.
3. Operation Cleaver, 2014
Operation Cleaver was a cyber attack on critical infrastructure in 16 countries around the globe, linked to Iranian hackers.
Cyber security firm Cylance documented Operation Clear in a two-year investigation. It was so-named because the word ‘cleaver’ was used several times in the software that was used in the attack.
There were 50 targets, in a variety of critical industries including airlines and airports, energy, oil and gas, telecommunications companies, government agencies and universities.
The hacking team was fronting as a construction engineering company based in Tehran.
Large amounts of data were extracted. This data included sensitive employee information and schedule details; identification photos; information about airport and airline security; and PDFs of network, housing, telecom, and electricity diagrams.
4. US Government cyber-attack, 2010
This cyber attack started in 2008 when a USB stick infected with malware was placed in a car park at a US military base in the Middle East.
This flash drive was inserted into a military laptop, with the code promptly uploading itself onto a network run by the US Central Command.
The code spread undetected, channelling data to servers under the attacker’s control.
Former Deputy Defense Secretary William J. Lynn described the details of the attack in an article for Foreign Affairs in 2010.
In this article, he said that the malicious code had been placed on the flash drive by a foreign intelligence agency.
Lynn called this attack the “most significant breach of US military computers ever” and said it amounted to a “turning point” and an “important wake-up call.”
The attack led to the establishment of the US Cyber Command (USCYBERCOM).
5. Shadow Network, 2010
The Shadow Network is an espionage operation that stole classified documents from the Indian government and the office of the Dalai Lama, amongst other targets.
These documents included documents related to Indian security, embassies abroad and NATO troop activity in Afghanistan.
Used in the attacks were social network and cloud computing platforms.
It was uncovered by Information Warfare Monitor with the use of Palantir technology.
The Shadow Network is based in China.
This article is from the CBROnline archive: some formatting and images may not be present.