Tuesday, June 12, 2012

Only seven cyber attacks. The term is widely overused.

Many analysts misuse the term cyber attack, making operations better classed as espionage or vandalism seem more dramatic than they really are. According to the Department of Defense, Computer Network Attack (CNA) consists of actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves (see Joint Pub 3-13). I would be even more strict than the DoD and suggest that denial of service operations have to be extremely significant for them to be classed as an attack. A bank or government website being unusable for a few days is hardly in the same class of operation as destroying information throughout an organization to cripple its operations.

I would argue that there have been only 7 publicly known cyber attacks in history and 3 of them are probably by North Korea. It is not surprising that all the attacks relate to significant real world conflicts.

June 2012, South Korean Newspaper JoongAng Ilbo
In June 2012 cyber actors linked to North Korea attempted to destroy the newspaper's article database and the editing system which moves articles through the paper's intranet. Link.

April 2012, Iranian Oil Ministry
Unknown cyber actors launched an attack against the Oil Ministry to destroy key ministry information. Link.

March 2012, Al Qaeda forums knocked offline
Unknown cyber actors disabled several major Al Qaeda online forums; the forums remained offline for many weeks. Link.

February 2012, BBC news
In early 2012 cyber actors linked to Iran launched an attack against the BBC's Persian language service; the attack seemed to be coordinated with Iranian satellite jamming efforts. Link.

April 2011, South Korean National Agricultural Co-operative Federation (NACF, Nonghyup Bank)
In April 2011 cyber actors linked to North Korea destroyed 100s of the Nonghyup Bank's internal computer servers, disrupting banking services for millions of customers for over a week. Link.

March 2011, DDoS against South Korean websites
In March 2011 an advanced DDoS attack was launched against a number of South Korean websites. After the attack, the computers in the botnet that launched it were rendered unusable by overwriting the hard drive's Master Boot Record (MBR). Link.

2008-2010 Natanz, the Iranian centrifuge plant
According to the New York Times, the US launched a cyber attack against Natanz to destroy centrifuges. Link.
