Computer crimes have a long-standing history, with major events changing and shaping the future of the information security field over the years. While some of these attacks were carried out by hobbyists testing out their skills without knowing the magnitude of the damage they could cause, others were planned and evidently ominous. We’ll take a look at the major events and how the response to these attacks has shaped the cybersecurity landscape.
Physical Damage
If you followed the previous posts on the evolution of computers, you’d notice that physical damage to equipment posed the most risk to computer systems in the ‘60s and ‘70s as these devices were stand-alone devices. You’d think that’s a threat that could be easily defended against but in a production environment in large corporations that run data centres, it’s a different story altogether. Major events have occurred in the past that still hold a place in history. Examples include:
1968 Olympia, WA: An IBM 1401 in the state is shot twice by a pistol-toting intruder
1970 University of Wisconsin: Bomb kills one and injures three people and destroys $16 million of computer data stored on site
1970 Fresno State College: Molotov cocktail causes $1 million damage to computer system
1972 Johannesburg, South Africa: Municipal computer is dented by four bullets fired through a window
1972 New York: Magnetic core in Honeywell computer attacked by someone with a sharp instrument, causing $589,000 of damage
1978 Lompoc, CA, Vandenberg Air Force Base: A peace activist destroys an unused IBM 3031 using a hammer, a crowbar, a bolt cutter, and a cordless power drill as a protest against the NAVSTAR satellite navigation system, claiming it gives the United States a first-strike capability.
The damage caused by each one of these events cost a good deal of money, especially if converted to today’s dollars. The rise of other methods of sabotaging computer security hasn’t reduced the physical abuse of computers.
Albert the Saboteur
This is an interesting story of physical damage. In the early ’70s in Denver, at the National Farmers Union Service Corporation, a computer system (Burroughs B3500) crashed 56 times within a two-year period. Several experts were flown in from several parts of the country to investigate and find a permanent solution to the problem, but most concluded that power fluctuation was the cause. The corporation spent a significant amount of money to ensure power stability, and when the issue persisted a CCTV camera was also installed in the computer room.
Old Albert, a night-shift operator, called in the crashes more than once and helped the experts and technicians get coffee and food to make them feel comfortable. Somehow Old Albert knew the exact time the crashes occurred, as he was always spot on when he called in, and all the crashes also happened to occur on his shift. However, something strange occurred after the CCTV was installed: security guards saw good old Albert open up a disk cabinet and poke his car key into the read/write head solenoid, shorting it out and causing the 57th head crash.
Old Albert was confronted and he admitted to crashing the systems intentionally. An interesting fact was discovered, however, when a psychological investigation was launched: Old Albert felt useful again when he helped the experts clean and run errands. His shift timing left him without human interaction, so he longed for the attention.
Impersonation
This is a technique used by attackers to present themselves as someone else, either over the phone or physically, in order to gain access to restricted information, products or services. It is a major part of Social Engineering and has a long-standing history. Examples of individuals who made their mark here include Jerry Neal Schneider and Kevin Mitnick.
Jerry Neal Schneider
A notorious computer-related crime started in 1970, when teenager Jerry Neal Schneider used Dumpster diving to retrieve printouts from the Pacific Telephone and Telegraph (PT&T) company in Los Angeles. After years of collection, he had enough knowledge of procedures that he was able to impersonate company personnel on the phone. He collected yet more detailed information on procedures. Posing as a freelance magazine writer, he even got a tour of the computerized warehouse and information about ordering procedures. In June 1971, he ordered $30,000 of equipment to be sent to a normal PT&T drop-off point—and promptly stole it and sold it. He eventually had a 6,000-square-foot warehouse and 10 employees. He stole over $1 million worth of equipment—and sold some of it back to PT&T. He was finally denounced by one of his own disgruntled employees and became a computer security consultant after his prison term.
Extortion
This is a situation in which an important file or device is stolen and money is demanded for its release. It is also called ransom, which is where the term Ransomware comes from: a type of malware that encrypts files on a compromised computer, so that a decryption key known only to the attacker is needed to decrypt them.
Russian Hacker
An example of this occurred in 1990, when a 19-year-old Russian hacker stole over 300,000 credit card records from the CD Universe website. He sent an extortion note that read: “Pay me $100,000 and I’ll fix your bugs and forget about your shop forever … or I’ll sell your cards [customer credit data] and tell about this incident in news.” Refused by CD Universe owners, he promptly released 25,000 credit card numbers via a Web site that became so popular with criminals that Maxus had to limit access to one stolen number per visit.
Trojan Horses
A Trojan horse is a program that looks and pretends to be clean and useful but contains a harmful payload. The term Trojan was in use long before the days of computer systems. During the war, soldiers would hide underneath carts pulled by horses to infiltrate the enemy camp.
Haephrati Trojan
A case that made the news in the mid-2000s began when Israeli author Amnon Jackont was upset to find parts of the manuscript on which he was working posted on the Internet. Then someone tried to steal money from his bank account. Suspicion fell on his stepdaughter’s ex-husband, Michael Haephrati. Police discovered a keystroke logger on Jackont’s computer. It turned out that Haephrati had also sold spy software to clients; the Trojan was concealed in what appeared to be confidential email. Once installed on the victims’ computers, the software sent surveillance data to a server in London, England. Haephrati was detained by U.K. police and investigations began in Germany and Israel. Twelve people were detained in Israel; eight others were under house arrest. Suspects included private investigators and top executives from industrial firms. Victims included Hewlett-Packard, Ace hardware stores, and a cable-communications company. Michael and Ruth Haephrati were extradited from Britain for trial in Israel on January 31, 2006. They were accused of installing the Trojan horse program that activated a key logger with remote-reporting capabilities. In March 2006, the couple were indicted in Tel Aviv for corporate espionage. They pleaded guilty to the charges and were sentenced to four and two years of jail, respectively, as well as punished with fines.
The story did not end there, however. Two years later, “Four members of the Israeli Modi’in Ezrahi private investigation firm were sentenced on Monday after they were found guilty of using Trojan malware to steal commercially sensitive information from their clients’ competitors.”
Worms & Viruses
Several worm and virus attacks have occurred in the past and we’re used to them already, but the one that tops the chart for me is Stuxnet. It tops the chart because it was used to attack a foreign system to destroy weapons of mass destruction.
Stuxnet
In July 2010, reports surfaced of a zero-day threat to SCADA systems using Siemens AG’s Simatic WinCC and PCS 7 software. Analysts found that the Stuxnet worm was designed for industrial espionage; however, the same techniques could have been used for sabotage. Experts expressed concern that the worm was signed using valid digital certificates from Taiwanese companies and that the complex code implied considerable knowledge of the SCADA software. Further analysis of the malware code suggested that the software was developed by the United States and Israel and used at least as early as November 2007.
To be Continued…..
Credits: Computer Security Handbook