The Worst Hacks of the Decade

Over the last decade, hacking became less of a novelty and more of a fact of life for billions of people around the world. Regular people lost control of their data, faced invasive surveillance from repressive regimes, had their identities stolen, realized a stranger was lurking on their Netflix account, dealt with government-imposed internet blackouts, or, for the first time ever, literally found themselves caught in the middle of a destructive cyberwar.

It’s been apparent for decades that an increasingly computerized world would inevitably invite constant digital threats. But the actual evolution of hacking—with all its scams, criminal black markets, and state sponsored forces—has been characteristically human, not a sterile, dispassionate artifact of an unknown future. Here in chronological order are the data breaches and digital attacks that helped shape the decade. Take an anxiety-inducing stroll down memory lane—and stay safe out there.

Stuxnet

Stuxnet was the first piece of malware known to cause physical damage to equipment in the wild, crossing a long-feared line. Created by the United States government and Israel, the worm was used in 2010 to destroy centrifuges at an Iranian uranium enrichment facility. Stuxnet chained four zero-day vulnerabilities together to compromise Microsoft Windows hosts, then searched the compromised network for Siemens Step7, the engineering software used to program Siemens industrial controllers. From there, Stuxnet altered the logic on the programmable logic controllers (PLCs) that automate industrial processes, driving the centrifuges outside their safe operating range while reporting normal readings to operators. Though Stuxnet was aimed at the Iranian nuclear program, the same technique could have been turned against other industrial settings.

Shamoon

Shamoon is a Windows “wiper” that indexes a computer’s files and reports them to the attackers, then overwrites the data and destroys the target’s “master boot record,” the first 512-byte sector of a hard drive, which holds the partition table and the code that starts the boot process. Shamoon can spread across a network, and it was famously used in a destructive attack in August 2012 against the Saudi Arabian oil company Saudi Aramco, essentially bricking 30,000 computers. A few days later, Shamoon struck the Qatari company RasGas.
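The master boot record is small enough to inspect directly, and checking it is one of the first things an incident responder does on a disk image from a suspected wiper attack. The following Python snippet is an added example and is not part of the WIRED article: it parses the first sector of a disk (the four 16-byte partition entries at offset 446 and the 0x55AA boot signature at bytes 510–511, both fixed by the MBR layout), and classifies the sector as intact, zero-filled, missing its signature, or carrying an empty partition table. The sample MBR it builds is constructed for the demonstration, not taken from any real infection.

```python
import struct
from dataclasses import dataclass
from typing import List

SECTOR_SIZE = 512
BOOT_SIGNATURE = b"\x55\xaa"        # bytes 510-511 of any valid MBR
PARTITION_TABLE_OFFSET = 446        # four 16-byte entries follow the boot code
ENTRY_SIZE = 16


@dataclass
class PartitionEntry:
    bootable: bool      # status byte 0x80 marks the active partition
    type_id: int        # e.g. 0x07 for NTFS/exFAT, 0x83 for Linux
    lba_start: int      # first sector of the partition
    sector_count: int   # length of the partition in sectors


def parse_partition_table(sector: bytes) -> List[PartitionEntry]:
    """Decode the classic MBR partition table, skipping empty slots."""
    entries = []
    for i in range(4):
        off = PARTITION_TABLE_OFFSET + i * ENTRY_SIZE
        # status, CHS start (3 bytes), type, CHS end (3 bytes), LBA start, count
        status, _chs_start, type_id, _chs_end, lba_start, count = struct.unpack(
            "<B3sB3sII", sector[off:off + ENTRY_SIZE])
        if type_id == 0 and count == 0:
            continue  # unused slot
        entries.append(PartitionEntry(status == 0x80, type_id, lba_start, count))
    return entries


def classify_mbr(sector: bytes) -> str:
    """Classify one 512-byte first sector.

    'intact'        signature present and at least one partition defined
    'zeroed'        every byte is zero (typical of a simple wipe)
    'no-signature'  0x55AA is missing, so firmware will refuse to boot it
    'empty-table'   signature present but no partitions (suspicious on a system disk)
    """
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    if sector == b"\x00" * SECTOR_SIZE:
        return "zeroed"
    if sector[510:512] != BOOT_SIGNATURE:
        return "no-signature"
    if not parse_partition_table(sector):
        return "empty-table"
    return "intact"


def classify_disk_image(path: str) -> str:
    """Read the first sector of a raw disk image and classify it."""
    with open(path, "rb") as fh:
        return classify_mbr(fh.read(SECTOR_SIZE))


def build_sample_mbr() -> bytes:
    """Constructed sample: NOP filler for boot code, one bootable NTFS partition, valid signature."""
    sector = bytearray(b"\x90" * PARTITION_TABLE_OFFSET)
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00\x00\x00", 0x07,
                        b"\x00\x00\x00", 2048, 204800)
    sector += entry + b"\x00" * (ENTRY_SIZE * 3)   # three unused slots
    sector += BOOT_SIGNATURE
    return bytes(sector)


if __name__ == "__main__":
    print(classify_mbr(build_sample_mbr()))          # intact
    print(classify_mbr(b"\x00" * SECTOR_SIZE))       # zeroed
    print(classify_mbr(b"\xde\xad" * 256))           # no-signature
```

A wiper that overwrites only the first sector leaves the partition data itself recoverable: the partition entries can be rebuilt from the filesystem headers found later on the disk. Shamoon’s combination of per-file overwriting with MBR destruction is what made recovery impractical and forced a rebuild instead.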

Shamoon was developed by Iranian state-backed hackers, seemingly drawing inspiration from offensive hacking tools attributed to the National Security Agency, including Stuxnet and the espionage tools Flame and Duqu. An evolved version of Shamoon resurfaced in a series of attacks during 2017 and 2018. The malware is significant as one of the first tools used in nation-state attacks that was built both to destroy data and to render infected machines unbootable.

Sony Hack

On November 24, 2014, a red skeleton showed up on computer screens across the United States operations of Sony Pictures Entertainment. Hackers calling themselves “Guardians of Peace” had infiltrated the company’s networks and claimed to have stolen 100 terabytes of data. They later dumped hundreds of gigabytes, including unreleased Sony films, internal emails, actor compensation details, and employee information like salaries, performance reviews, sensitive medical data, and Social Security numbers. The attackers wreaked havoc on Sony’s systems, not only stealing data but also deploying wiper malware to delete files and configurations, so that Sony had to rebuild large portions of its digital infrastructure from scratch. The hack was eventually attributed by the US government to North Korea, in apparent retaliation for the release of The Interview, a comedy about the assassination of Kim Jong-un.

Office of Personnel Management Breach

One of the most insidious and important data breaches of the decade is the Office of Personnel Management breach, which was really a series of breaches and infections orchestrated by China during 2013 and 2014. OPM is the human resources and administrative department for US government employees, and it stores a large amount of very sensitive data, because it manages security clearances, conducts background checks, and keeps records on every past and present federal employee. For hackers seeking insight into the US federal government, it’s an unparalleled treasure trove.

Hackers linked to the Chinese government entered OPM’s network twice: first stealing the technical blueprints for the network in 2013, then launching a second intrusion shortly thereafter in which they gained control of the administrative server that handled authentication for logins to all the other servers. By the time OPM fully realized what had happened and acted to remove the intruders in 2015, the hackers had stolen tens of millions of detailed records covering every aspect of federal employees’ lives, including 21.5 million Social Security numbers and 5.6 million fingerprint records. In some cases, victims weren’t even federal employees, but were simply connected in some way to government workers who had undergone background checks. (Those checks include all sorts of extremely specific information, like maps of a subject’s family, friends, associates, and children.)

Source: https://www.wired.com/story/worst-hacks-of-the-decade