10 most audacious hacking attacks of all time
IMAGINED TO BE super-high-tech geeks deciphering ridiculous lines of code or pimple-covered glass-wearing nerds hiding in their moms’ basements, these hackers have been orchestrating damaging attacks on the networks of governments, corporations, and other large organizations while simultaneously helping with the development of the World Wide Web and the founding of major tech companies.
Here are 10 of the most audacious hacker attacks in the past years.
1. Kevin Poulsen
Known as “Dark Dante”, Poulsen gained recognition for hacking L.A. radio’s KIIS-FM by taking over all of the station’s phone lines and “winning” a Porsche during a contest.
He ultimately ended up pissing off the FBI after wiretapping a Hollywood actress and hacking into the US Army and FBI computers.
After months on the run, he was eventually ambushed in a supermarket, and sentenced to 51 months in prison, ordered to pay $56,000 to the radio stations, and banned from using a computer for three years.
Today, Kevin Poulsen is a senior editor for Wired.com News and has helped identify over 700 sex offenders with MySpace profiles.
2. Adrian Lamo
Dubbed the “homeless hacker,” Adrian Lamo used Internet connections at Kinko’s, coffee shops, and libraries to infiltrate major organizations like The New York Times and Microsoft.
His intrusions consisted mainly of penetration testing, finding flaws in security, exploiting them and then informing companies of their shortcomings. His targets include Yahoo!, Bank of America, Citigroup and Cingular.
Things started heating up when, in February 2002, he broke into the New York Times’ intranet, added his name to a list of Op-Ed contributors, and spent countless hours searching himself on Lexis-Nexis. The FBI claimed the Lexis-Nexis searches cost the Times $300,000 and Lamo faced 15 years in jail for the breach.
In the end, he was sentenced to two years probation and ordered to pay $65,000.
3. Michael Calce
While other teenagers his age were thinking about parties and girls, 15-year-old Canadian Michael Calce (also known as “Mafiaboy”) spent his afternoons on his computer and became famous for executing the first major distributed-denial of service attack (DDoS) responsible for crippling some of the Internet’s most popular websites.
He set out to make a name for himself in February 2000 when he took down the website of the no.1 search engine and second most popular website at the time: Yahoo!
As if that feat wasn’t enough, he went on and hammered the servers of CNN, eBay, Dell, and Amazon in a wave of highly-publicized attacks that were the first to show the world how easily one kid can knockout major websites.
Calce was ultimately picked up by the Canadian police and faced 3 years in jail, but was sentenced to eight months in a juvenile detention center and forced to donate $250 to charity.
4. Jonathan James
In 1999, Jonathan James broke into military computers and installed a backdoor into a Defense Threat Reduction Agency (DTRA) server, part of the Department of Defense, and collected sensitive emails and employee usernames and passwords.
Just for fun, he also hacked into NASA computers, stealing approximately $1.7 million worth of software that controlled the living environment on the International Space Station, forcing the agency to shut down its computer systems for three weeks, and costing thousands of dollars in security upgrades. James later explained that he downloaded the code to supplement his studies on programming, but claimed that “the code itself was crappy [...] certainly not worth $1.7 million”.
He was arrested and banned from recreational computer use and was sentenced to serve 6 months under house arrest with probation. However, he served 6 months in prison for violation of parole.
But unlike other hackers, his story has a tragic twist: He committed suicide in 2007. In his suicide note, he denied having anything to do with a hacker attack he was being investigated for. The last words were: “I lost control over this situation, and this is my only way to regain control.”
5. Robert Tappan Morris
In 1988, while enrolled as a graduate student at Cornell University, Robert Tappan Morris created a monster: the Morris Worm.
He designed the first self-replicating computer worm and unleashed it in the world wide web to check how deep the internet hole goes.
He surely didn’t expect it to backfire, replicating itself beyond control as it infected thousands of computers, costing millions of dollars in damage, and inspiring the U.S. government to create a emergency response for computers known as the CERT.
Morris was eventually charged for his accidental crimes and ordered to pay $10,000 and do 400 hours of community service.
He is currently working as a professor at the MIT, and the worm’s source code is archived on a black 3.5-inch floppy disk on display at the Boston Museum of Science.
6. David Smith
In 1999, David L. Smith, pleased by a stripper’s performance in Florida, decided to immortalize her memory by creating a computer virus baring her name.
Using a stolen America Online account, Smith posted a Word document infected with “Melissa” to a discussion group on America Online, purporting it to be a list of usable log-in information to pornography sites.
Smith’s virus spread like wildfire through email, forwarding itself to fifty email accounts on every infected computer, and which, over time, overloaded email servers and forced companies such as Microsoft, Intel, Lockheed Martin, and Lucent Technologies to shut down their email networks.
In the end, more than one million PCs were infected, causing $80-million dollars in damage worldwide. For his idea of a virtual lapdance, Smith faced 10 years in jail, $5,000 in fines, but served just 20 months behind bars.
7. Kevin Mitcnick
No hacker article is complete without mentioning Kevin Mitnick, one of the most notorious hackers in the last two decades. His mischief was hyped by the media but his actual offenses may be less notable than his notoriety suggests.
Described as “the most wanted computer criminal in United States history”, Mitcnick started out exploiting the Los Angeles bus punch card system to get free rides, then dabbled in phone hacking.
Mitnick’s mischief got serious when he went on a hacking spree targeting Motorola, NEC, Nokia, and Fujitsu Siemens systems, stealing corporate secrets, scrambling phone networks and infiltrating the national defense warning system.
He ultimately made his biggest mistake by breaking into fellow hacker Tsutomu Shimomura’s home computer, which led to his undoing.
After a well-publicized pursuit, the FBI arrested Mitnick on Valentine’s Day, 1995. He served five years in jail and about 8 months of it in solitary confinement thanks to law enforcement officials who claimed he could “start a nuclear war by whistling into a pay phone”.
The most audacious hacker attack on this list was most likely committed by a nation, according to experts, which perpetrated against a very specific and sophisticated target.
Discovered in June 2010, the worm Stuxnet spread out, mainly in Iran, and shut down a fifth of the country’s nuclear centrifuges causing them to self-destruct by spinning wildly out of control.
Researchers all agree that the worm was built by a very sophisticated and capable attacker and designed to harm computers and networks that met specific configuration requirements. The worm also avoided being detected by creating “situation normal” messages on computers monitoring centrifuges while it was in fact busy destroying them. A real marksman’s job.
The source of the worm was never discovered.
9. Sony and the Playstation Network
One of the most recent hacker attacks that made the headlines this year, thanks to thousands of angry geeks unable to access their favorite games online, was perpetrated on Sony’s Playstation Network database.
More than 100 million Sony customers were affected last year when an unknown group of hackers breached into the network and scooped up data on their names, addresses, emails, login IDs, passwords, and credit-card numbers.
Nobody to date knows who was behind the massive attack, even though many pointed fingers at one of the biggest hacker groups in the last few years, which finally leads us to number 10.
10. Anonymous group
I couldn’t end the article without mentioning the most famous and active group of hackers in recent times.
“Anonymous” is a nebulous collective of hackers who, for the past few years, have been engaged in various types of protests and civil disobedience and have been orchestrating campaigns against institutions and governments who seek to censor the web and hinder free expression.
They are famous for their attack against the Scientology church, the Westboro Baptist church, the HBGary Federal, and the Bay Area Rapid Transit shutdown, as well as their support to Wikileaks, the Iranian Green Revolution and The Arab Spring revolutions.
Their public statements are generally rife with mischief, often mocking their targets for their lack of security, but the bigger picture is that their actions are increasingly conscientious and pointed, supporting social movements and fighting for a bigger cause.
Will this new brand of cyber activism referred to as “hacktivism” help tip the balance in favor of Change around the world?