CyberWAR Timeline #ourCOG Roundup

2001

July

The worm named Code Red affects computer networks running a Microsoft operating system. Some websites, including the White House site, are disabled.

2003

Anonymous, the group of hackers who refer to themselves as “Internet activists” and attack government, corporate, and religious websites, is organized. While the group avoids adhering to a strict philosophy, its members seem united in their opposition to censorship.

February

President George Bush announces the creation of a new office under the Department of Homeland Security, the National CyberSecurity Division, and lays out a National Strategy to Secure Cyberspace to protect the nation’s computer and information systems from a cyberattack.

November

Hackers, believed by U.S. officials to be backed by the Chinese military, search to find vulnerable computers in the military’s computer network and steal sensitive information. The attacks continued for about three years and were given the name Titan Rain by U.S. officials.

2006

December

NASA begins to block emails with attachments prior to the launch of space shuttles to prevent hackers from sabotaging launch plans by gaining unauthorized access to the agency’s computer network.

2007

April–May

Estonia’s government websites are hacked by distributed-denial-of-service-attacks and are compromised for 22 days. The hackers are believed to be backed by the Russian government. Targets include the president’s office, Parliament, law enforcement officials, and Estonia’s two biggest banks.

June

The email account of U.S. Secretary of Defense Robert Gates is hacked. Officials blame China’s People’s Liberation Army.

September

British government officials announce that hackers have breached the computers of the Foreign Office and other government agencies. The hackers are believed to be members of China’s People’s Liberation Army.

2008

July

In the weeks before the war between Russia and Georgia, Georgia is hit by distributed-denial-of-service-attacks and many of the government’s computer networks are disabled, including that of President Mikheil Saakashvili. Media and transportation companies are also affected. Georgian officials accused Russia of launching the attack.

October

Pentagon officials discover that a flash drive containing a covert program was inserted into a laptop at a base in the Middle East. The program collected data from a classified Department of Defense computer network and transferred it to computers overseas. Government officials say the hack was carried out by a foreign intelligence agency and called the intrusion, “most significant breach of US military computers ever.”

2009

January

Israel’s government Internet sites are attacked during the conflict with Hamas in the Gaza Strip. Government computers are barraged with as many as 15 million junk emails per second, and the computers are temporarily paralyzed. Israel suspects Hamas financed the hack.

March

Canadian researchers at the Munk Center for International Studies at the University of Toronto, announce that hackers based in China had penetrated almost 1,300 computers in 103 countries, including those belonging to embassies, government offices, and the Dalai Lama, and stole documents and other information.

December

News reports say that Iraqi insurgents had hacked into live feeds being sent by U.S. drones to military officials on the ground.

2010

April

University of Toronto researchers report that hackers broke into India’s Defense Ministry and stole classified information about the country’s national security system. The report, which points the finger at China, also says that the computers of embassies throughout the world had been compromised.

June

Security experts discover Stuxnet, the world’s first military-grade cyber weapon that can destroy pipelines and cause explosions at power plants and factories, as well as manipulate machinery. It is the first worm that corrupts industrial equipment and is also the first worm to include a PCL (programmable logic controller), software designed to hide its existence and progress. In August, security software company Symantec states that 60% of the computers infected with Stuxnet are in Iran.

August

The Pentagon declares cyberspace the “new domain of warfare.”

November

Iranian president Mahmoud Ahmadinejad acknowledges that the Stuxnet worm destroyed about 1,000 of the country’s 6,0000 centrifuges at its nuclear facility in Natanz. Israel and the U.S. are believed to be behind the attack in an attempt to slow Iran’s progress toward obtaining nuclear weapons.

December

Anonymous attacks several businesses seen as “enemies” of WikiLeaks. The action was in response to the arrest of WikiLeaks founder, Julian Assange. In 2010, WikiLeaks provided several news organizations with hundreds of thousands of secret government and military documents about the wars in Iraq and Afghanistan, as well as cables that gave a behind-the-scenes look at American diplomacy from the perspective of high-level officials.

2011

June

Officials at the International Monetary Fund report that in the previous months it had been hit by “a very major breach” of its computer systems. The FBI announced evidence linking the Chinese government to the attack.

December

Malware, named Mahdi after the Messiah in Islam, infiltrates about 800 computers of government officials, embassy employees, and other businesspeople in Iran, Israel, Afghanistan, the United Arab Emirates, and South Africa. The malware was embedded in email attachments and users who opened the documents were susceptible to having their emails and instant messages read by hackers.

2012

May

Flame, malware that attacks computers using Microsoft Windows, is discovered. Its development is believed to have been state-sponsored. A report, released by Budapest University’s CrySyS Lab, states that “arguably, it is the most complex malware ever found.” Flame is capable of recording Skype conversations, audio, keyboard activity, network traffic and screenshots. It is spread over a local network or USB stick. Flame also has a kill command, wiping out all traces of it from the computer.

May

The U.S. Department of Homeland Security announces that spear fishers have penetrated the computer systems of U.S. gas pipeline systems.

August

Hackers, who say they are Islamic and call themselves the Cutting Sword of Justice, infiltrate the computer networks of Saudi Aramaco, a Saudi Arabian oil company, and wipe out the hard drives of about 30,000 computers. Hackers left their calling card on each affected computer, displaying an image of an American flag on fire.

September

Nine banks in the U.S., including the Bank of America, Wells Fargo, and JP Morgan Chase, were hit by a distributed-denial-of-service attack that denied customers access to the banks’ websites for several days. The Islamic hacktivist group Izz ad-Din Al-Qassam Cyber Fighters (also called the Al-Qassam Brigades) takes responsibility for the attack. The group is linked to the military wing of Hamas.

October

U.S. Secretary of Defense Leon Panetta warns that the U.S. must protect itself against a “cyber Pearl Harbor.”

2012–2013

The New York Times is hacked several times between late 2012 and early 2013 after publishing an article that investigated how members of former Prime Minister Wen Jiabao’s family benefitted financially from state contracts. The hacking included gaining access to the paper’s computer systems and acquiring employee’s passwords. A day after The New York Times reported the incident, the Wall Street Journal reveals in a statement that hackers had infiltrated it, too, “for the apparent purpose of monitoring the newspaper’s China coverage.”

2013

August 27

The New York Times website is shut down for about 20 hours after being hacked, allegedly by the Syrian Electronic Army, a group of hackers who back Syrian president Bashar al-Assad. The attackers accessed the site through Melbourne IT, the vendor that registers domain names.

2014

May

The U.S. the Justice Department unsealed an indictment of five members of Unit 61398 of the Chinese People’s Liberation Army, charging them with hacking into the computer networks of Westinghouse Electric, U.S. Steel Corp., and other companies. Shanghai-based Unit 61398 is the cyber division of China’s national army. The move is considered largely symbolic since there is little chance the men will surrender.

July

American officials announced that Chinese hackers had breached the computer network of the Office of Personnel Management in March. They said they believe the hackers were targeting employees applying for top security clearances.