A Brief History of State-Sponsored Hacking

Cyberwarfare is becoming an increasingly hot-button issue. From alleged Russian interference in the 2016 Presidential election and in the Brexit campaign in the UK to Chinese spies supposedly installing malicious microchips in US government and military servers, cyberwarfare is all around us.

Even in the wake of the 2016 election, this current cycle of midterms has been subject to Russian interference, with the government and social media companies powerless to halt the Russian troll farms.

However, countries using the internet to get one over on their rivals has a surprisingly long and storied history. And the perpetrators are closer to home than you might think…

Markus Hess and Cliff Stoll

The first incident of state-sponsored hacking took place during the Cold War.

Back in 1986, Markus Hess, a West German citizen working for the KGB, hacked into US military computers. Hess intercepted communications and stole “sensitive semiconductor, satellite, space and aircraft technologies” from the US armed forces, and sold the data to the Soviet Union for the equivalent of $56,000.

At the same time, Cliff Stoll had just started a new job as a systems administrator at the Lawrence Berkeley National Laboratory in California. On his second day, Stoll’s boss asked him to look into a 75 cent accounting error in the lab’s accounting system.

However, Stoll discovered that this accounting error was the tip of an enormous iceberg. Stoll would track Hess’ actions for nearly two years, eventually planting a trap in the network that allowed the US authorities, which by this time included the CIA and FBI, to work out who the hacker was.

Hess went to trial in 1990, after West German authorities tracked him down. He was given a 20-month suspended sentence for espionage — scant punishment for a crime that didn’t have the notoriety it deserved.

Stoll went on to become relatively famous as an internet pioneer and for his book, The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage, which recounted his experience of catching Hess.

Yahoo Hack 2013

You probably remember this one. Yahoo was hacked in 2013, but didn’t reveal the full scale of the breach until last year, when it finally announced that 3 billion (yes, with a “B”) user accounts had been compromised, exposing names, email addresses, phone numbers, dates of birth, passwords and security question answers.

At the time, it was recognized as a huge data breach. But it didn’t emerge until last year that two of four hackers involved in the breach were Russian Federal Security Service (FSB) agents — the Russian equivalent of the CIA.

Igor Sushchin wanted poster

The two FSB agents, Dmitry Dokuchaev and Igor Sushchin, “protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions.” But what would the FSB want with Yahoo user data?

It has been speculated that the security service was after the personal accounts of Russian journalists, government officials, and private firms. Neither of the FSB agents has come to trial.

Stuxnet

Possibly the greatest bit of digital espionage you’ve never heard of, Stuxnet was a virus that crippled Iran’s nuclear weapons program.

Stuxnet was first identified in 2010, as a worm which only infected the Siemens-manufactured networks which controlled Iran’s uranium enrichment capability. When Stuxnet found its way onto a machine, it would check whether it was connected to functions specifically associated with centrifuge management.

The Natanz nuclear facility where Stuxnet was deployed. Credit: Hamed Saber

If Stuxnet found that it was connected to centrifuge management functions, it would alter the programming of the centrifuge, making it spin too quickly and for too long, effectively destroying the uranium.

While neither government has acknowledged that Stuxnet exists, it’s widely accepted that it was created by the US and Israeli intelligence agencies. In fact, some speculate that it had been in development since 2005, which would mean the program was in operation during the Bush and Obama administrations.

The uranium enrichment plant at Natanz, about 160 miles south of Tehran, wasn’t connected to the internet, meaning that the worm had to be physically installed on the systems by intelligence agents or unsuspecting employees.

It’s a true piece of cyberwarfare and caused significant disruption to the Iranian nuclear program. And, according to researchers at Symantec, it was “by far the most complex piece of code we’ve ever looked at.”

How To Protect Yourself From Hacks

If you’re not involved in the Iranian nuclear program, you probably don’t need to worry about Stuxnet getting hold of your laptop. But hacks can hit closer to home, too, usually driven by phishing scams and day-to-day virus attacks that can cost the security of your online accounts.

There are a few simple ways to protect your online data against everyday hacks and scams:

  1. Use a password manager – While it might not be able to prevent one account being compromised, and there’s little individual users can do about this, using a password manager will prevent hackers from being able to access other accounts using the same password.
  2. Install good antivirus and anti-malware protection – Windows and macOS both have built-in antivirus protection, and both work pretty well. However, malware and ransomware pose different threats, and a third-party solution can help round out your security.
  3. Browse with a VPN – VPNs hide your IP address as you browse, and effectively create a secure tunnel between your computer and the internet. It’s a great way of keeping your data secure in real time.

Source: https://tech.co/brief-history-state-sponsored-hacking-2018-11