November 13, 2015
As the world becomes more and more integrated with technology, the need to protect our systems from cyber attacks only increases. Firewalls and security strategies are refined every year simply to try to stay ahead of the equally sophisticated cyber threats, but sometimes it isn’t enough. In recent memory, high-profile attacks have obtained the information of thousands of individuals. Ashley Madison, Target, and even the Sony PlayStation Network have all been breached.
We have the notion that shadowy groups of rogue hackers infiltrate networks to steal information for profit, but governments have come to use cyber-warfare as well. In 2015, North Korea was implicated in an attack on Sony Pictures to disrupt the release of the comedy film The Interview.
Cyber attacks are diverse, widespread, and can range from standard identity theft to acts of terrorism. Understanding their methods, platforms, and origins is the first step to combating these threats.
Types of Cyber Attacks Today
- Trojan Horses: Named from the Greek fable, a Trojan Horse cyber-threat (or Trojan) works similarly to Odysseus’s ploy. Instead of being a threat in-and-of itself, a Trojan appears initially as an innocuous file often attached to an email as an image. Once inside the system, it remains hidden while it downloads the real threats to the computer like spyware, malware, or other viruses. The infected computer doesn’t even know it has been infected.
- Unpatched Software: When software is left unpatched, holes within the programs can be exploited, and hackers can gain entrance into networks. Programs such as Java, Adobe Reader, Adobe Flash, and Windows updates are common targets for these sorts of attacks.
- Phishing Attacks: Where most cyber-threats exploit vulnerabilities in a computer’s system, phishing attacks exploit our own gullibility and trusting nature. A phishing attack can be a text message, email, or even a printed letter sent to a user from what appears to be a reputable source. The correspondence will instruct the user to submit personal information like account numbers, passwords, usernames, or similar data to the phisher. From there, the hacker can retrieve all the information they want.
- Network-Traveling Worms: The first internet attack was a network-traveling worm (see below), and they still exist today. Many network worms will try to gain access to the network by using a list of bad passwords to gain entry. This approach can also be called a “brute force attack.”
- Advanced Persistent Threats (APT): These threats are designed to steal intellectual property. By using phishing tactics or specific Trojans, APTs enter a system and compromise an entire network in a very short amount of time. Hackers are no longer lone wolves, but instead work in sophisticated groups looking to steal assets and sell them to competitors or ransom them back to the victimized company.
The Morris Worm: The First Cyber Attack
The first cyber-attack began with good intentions and unexpected consequences. It was less of an attack and more of a monster accidentally unleashed. In 1988, Cornell University graduate student Robert Tappan Morris developed a program to assess the size of the internet. The program would crawl the web, install itself on other computers, and then count how many copies it made. Once tallied, the results would indicate the number of computers connected to the internet.
Problems arose as Morris tried to ensure accuracy in his program. The worm functioned by asking each computer whether it already had a copy of the worm installed. If the computer answered “no,” the worm would install itself. Because of this simplicity, it was easy to counter: a process only needed to make a computer respond “yes” to the worm’s inquiries, and the worm would uselessly move on. Morris addressed this concern by commanding the worm to install itself regardless of the answer one out of every seven times.
This rule made the worm install itself over and over as it rapidly asked the same computers the same question. With each installation, the infected computers would become further debilitated until they finally crashed. It was the first Distributed Denial of Service (DDoS) attack, and it was entirely by accident.
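The effect of the one-in-seven rule can be seen in a small numerical model. This is an added example, not code from the original article or from the worm; the host count, number of rounds, load limit, and uniform random probing are assumptions chosen for illustration.

```python
import random

def simulate(hosts, rounds, reinstall_odds, load_limit=5, seed=1988):
    """Model the "already installed?" check described above.

    reinstall_odds=0 -> a "yes" answer is always honoured (one copy per host).
    reinstall_odds=7 -> install anyway one time in seven (the rule in the text).
    Returns (total copies after each round, hosts above load_limit at the end).
    All parameters are constructed for this illustration.
    """
    rng = random.Random(seed)
    copies = [0] * hosts          # running copies on each modelled host
    copies[0] = 1                 # a single starting copy
    history = []
    for _ in range(rounds):
        probes = sum(copies)      # every running copy asks one host per round
        for _ in range(probes):
            target = rng.randrange(hosts)
            if copies[target] == 0:
                copies[target] = 1            # host answered "no"
            elif reinstall_odds and rng.randrange(reinstall_odds) == 0:
                copies[target] += 1           # host answered "yes", ignored
        history.append(sum(copies))
    overloaded = sum(1 for c in copies if c > load_limit)
    return history, overloaded

if __name__ == "__main__":
    for label, odds in (("always honour 'yes'", 0), ("1-in-7 override", 7)):
        history, overloaded = simulate(hosts=50, rounds=30, reinstall_odds=odds)
        print(f"{label:20} copies by round: {history[::5]}  "
              f"overloaded hosts: {overloaded}")
```

When every "yes" is honoured the copy count can never exceed the number of hosts; with the override, the same hosts keep accumulating copies round after round, which is the load build-up the paragraph describes.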
In total, the worm damaged approximately 6,000 computers (10% of the entire internet at the time). The estimated cost of repairing the effects of the worm ranges between $100,000 and $1 million, or between $201,000 and $2.9 million adjusted for inflation. Morris was charged with violating the Computer Fraud and Abuse Act, and his sentence included fines, plus three years of probation and community service.
Four Notorious Cyber Attacks
- LA KIIS FM Porsche (1995): In an amusing cyber-attack, Kevin Poulsen used his hacking ability to cheat in a radio contest. LA KIIS FM was giving away a Porsche to the 102nd caller, and Poulsen naturally wanted to win. He infiltrated the phone network to block their ability to receive calls, so Poulsen was assured the 102nd caller slot. Despite winning the Porsche, he was eventually caught and sentenced to five years in prison.
- Internet Attacked (2002): In 2002, the internet was hit directly. By targeting the thirteen Domain Name System (DNS) root servers, a DDoS attack assaulted the entire internet for an hour. While most users were unaffected, the DDoS attack could have shut down the internet if it had been sustained for a longer period. Up until this point there had never been such a sophisticated cyber-attack launched on such a large scale.
- The Church of Scientology (2008): A hacker group known as Anonymous targeted the Church of Scientology website for a DDoS attack. The attack was orchestrated as part of a political activism movement against the church called “Project Chanology.” In one week, the Scientology website was hit with as many as 500 DDoS attacks. Some of these were strong enough to even bring the website down. A New Jersey teenager was sentenced to two years’ probation and hefty fines for the crime.
- JPMorgan Chase (2014): The accounts of 76 million households and 7 million small businesses were compromised in a cyber-attack during the summer of 2014. The hackers gained access to names, addresses, phone numbers, and emails of the account holders, but there was no evidence that passwords or Social Security numbers had been retrieved.