Cyber spying is now becoming more sophisticated and widespread both on the international and domestic stages. Cyber terrorists can attack you from any place in the world at any time if you don’t secure your computer properly. What more embarrassing about cyber espionage is that victims don’t often know that they are under constant threat for years. In the case of increasing business competition, even the smallest companies have to consider options for cyber espionage prevention. If you still don’t believe in enormous capabilities of cyber attackers, let’s look at the list of 10 biggest cyber espionage cases that affected companies, governments, and even nations.
In 1999, Newsweek revealed the first case of coordinated cyber espionage in the United States. A series of cyber attacks began in 1998 and resulted in thousands of stolen documents containing confidential information about American military technologies. Hackers broke into the network of Wright Patterson Air Force Base and then connected to military research institutions. The Russia was blamed in these attacks, but there was a lack of proves. The malware implemented during the Moonlight Maze operation is still widely used for modern attacks.
Within two years from 2003 to 2005, the U.S. government computers were under constant threat arranged by Chinese military hackers. Titan Rain also included attacks on the UK defense and foreign ministries that continued till 2007. This was the first case of cyber espionage sponsored by a state. The hackers penetrated into the network computers using different methods and tried to steal away as much information as possible. The complicity of the Chinese government in this operation wasn’t proven, but countries became more cautious about cyber espionage attacks.
In 1997, Gillette suffered from industrial espionage after its engineer disclosed corporate information to the company’s competitors. Steven Louis Davis worked on the development of a new razor, but then because of quarrels with his supervisor, the engineer stole the designed technology of the new shaver system and revealed it via email and fax to Gillette’s competitors. Davis was found guilty in industrial espionage and sentenced to 27 months in jail.
Starting from 2012, Chinese government hackers allegedly attacked the U.S. Office of Personnel Management and stole personal information about 21 million Americans. As the result of this cyber espionage, perpetrators gained an access to the sensitive data about people who worked or applied for the federal government, including military service. The data leakage was discovered in June 2015 when OPM personnel detected a malware that built a backdoor into the network. A Chinese national suspected in the malware development was arrested only in 2017. Though OPM representatives assured that no one suffered because of hacker’s intrusion, the long-term results of this data breach are still unknown.
In the beginning of 2010, Google claimed that the company was attacked by of a series of cyber threats originated from China. Apart from Google, hackers also attacked more than 20 international companies, including Adobe Systems and Yahoo. Google said that its intellectual property was stolen and Gmail accounts were also under persistent threats. The company even considered stopping censoring its search results in China. Attacks were performed exploiting a vulnerability in Internet Explorer and combining stealth programming and encryption techniques.
In 2009, Canadian researchers revealed a large spy network called GhostNet that arranged an intrusion into more than one thousand computers in 103 countries. Perpetrators got unauthorized access to the network of the Dalai Lama offices and used it for compromising other computers. Besides, the attacks were also performed on the foreign ministers and embassies of Germany, Pakistan, India, Iran, South Korea, and Thailand. The Chinese government denied any involvement in the attacks.
In 2011, McAfee reported about the Night Dragon operation initiated by Chinese hackers for attacking the largest European and American energy businesses, including Royal Dutch Shell and Baker Hughes. This was one of the biggest cyber espionage cases when intruders got an access to topographical maps with potential oil reserves. According to McAfee report, attackers used a range of unsophisticated hacking tools and techniques that were available on Chinese hacker websites.
Another case of cyber espionage infected the computers of John McCain and Barack Obama during their presidential campaigns in 2008. Chinese or Russian hackers allegedly installed spyware on the computers of these two presidential candidates and stole sensitive data related to foreign policy. The cyber attack was initially considered as a computer virus, but then technology experts discovered a leakage of the considerable amount of files. The data leakage was revealed only after the presidential election during the federal investigation.
In 2009, Pentagon reported that the Fighter-Jet Project came under assault from unknown intruders. This multi-billion project of the next generation fighter became a victim of coordinated cyber espionage attacks during two years. Attackers used computers located in China for stealing a massive volume of data about electronics and internal maintenance. Fortunately, the most sensitive information was kept offline and terrorists weren’t able to access it. Though, the U.S. officials suspected Chinese hackers, the true origin of the perpetrators remained undefined.
Operation Shady RAT is undeniably one of the biggest cyber espionage cases in the history, as it affected more than 70 companies and organizations in since 2006. Victims included the International Olympic Committee that was compromised during several months prior to the 2008 Olympic Games in Beijing. The United Nation and the World Anti-Doping Agency were also under the attack. McAfee identified previously unknown malware that was spread via e-mail with a link to a self-loading remote-access tool, or rat. Cyber terrorists got an authorized access to legal contracts, government secrets, and other sensitive data. Chinese hackers have allegedly arranged the operation, as all countries of Southeast Asia suffered from the attacks except China.
As you can see, cyber hackers can attack you either inside or outside the company, so you should always be ahead of the game. In order to protect your sensitive information against any unauthorized access, consider options for cyber espionage prevention that will ensure employee monitoring and external intrusion blocking.
About the Author Marcell Gogan
(Security Affairs – Cyber espionage, hacking)