Jump to content

Cyberattacks by country

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by WarrenMichael1976 (talk | contribs) at 16:01, 12 July 2024 (Added Indonesia Ransomware attack 2024). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In Q2 of 2013, Akamai Technologies reported that Indonesia topped China with a portion 38 percent of cyber attacks, an increase from the 21 percent portion in the previous quarter. China was at 33 percent and the US at 6.9 percent. 79 percent of attacks came from the Asia Pacific region. Indonesia dominated the attacking to ports 80 and 443 by about 90 percent.[1]

Azerbaijan

Hackers from Azerbaijan and Armenia have actively participated in cyber warfare as part of the Nagorno-Karabakh conflict cyber warfare over the disputed region of Nagorno-Karabakh, with Azerbaijani hackers targeting Armenian websites and posting Ilham Aliyev's statements.[2][3]

Canada

"Chinese state-sponsored actor" attacked a research facility in Canada in 2011. Unknown hackers attacked Canada's foreign ministry in 2022.[4]

China

China's People's Liberation Army (PLA) has developed a strategy called "Integrated Network Electronic Warfare" which guides computer network operations and cyber warfare tools. This strategy helps link together network warfare tools and electronic warfare weapons against an opponent's information systems during the conflict. They believe the fundamentals for achieving success is about seizing control of an opponent's information flow and establishing information dominance.[5] The Science of Military and The Science of Campaigns both identify enemy logistics systems networks as the highest priority for cyberattacks and states that cyber warfare must mark the start of a campaign, used properly, can enable overall operational success.[5] Focusing on attacking the opponent's infrastructure to disrupt transmissions and processes of information that dictate decision-making operations, the PLA would secure cyber dominance over their adversary. The predominant techniques that would be utilized during a conflict to gain the upper hand are as follows, the PLA would strike with electronic jammers, electronic deception, and suppression techniques to interrupt the transfer processes of information. They would launch virus attacks or hacking techniques to sabotage information processes, all in the hopes of destroying enemy information platforms and facilities. The PLA's Science of Campaigns noted that one role for cyber warfare is to create windows of opportunity for other forces to operate without detection or with a lowered risk of counterattack by exploiting the enemy's periods of "blindness", "deafness" or "paralysis" created by cyberattacks.[5] That is one of the main focal points of cyber warfare, to be able to weaken your enemy to the full extent possible so that your physical offensive will have a higher percentage of success.

The PLA conducts regular training exercises in a variety of environments emphasizing the use of cyber warfare tactics and techniques in countering such tactics if it is employed against them. Faculty research has been focusing on designs for rootkit usage and detection for their Kylin Operating System which helps to further train these individuals' cyber warfare techniques. China perceives cyber warfare as a deterrent to nuclear weapons, possessing the ability for greater precision, leaving fewer casualties, and allowing for long-ranged attacks.

On March 2, 2021, Microsoft released an emergency security update to patch four security vulnerabilities that had been used by Hafnium, a Chinese nation-state-sponsored hacking group that had compromised at least 30,000 public and private Microsoft exchange servers.[6]

Estonia

The 2007 cyberattacks on Estonia were a series of cyberattacks that began on 27 April 2007 and targeted websites of Estonian organizations, including Estonian parliament, banks, ministries, newspapers, and broadcasters, amid the country's disagreement with Russia about the relocation of the Bronze Soldier of Tallinn, an elaborate Soviet-era grave marker, as well as war graves in Tallinn.[7][8] The attacks triggered a number of military organizations around the world to reconsider the importance of network security to modern military doctrine. The direct result of the cyberattacks was the creation of the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn.

Ethiopia

In an extension of a bilateral dispute between Ethiopia and Egypt over the Grand Ethiopian Renaissance Dam, Ethiopian government websites have been hacked by the Egypt-based hackers in June 2020.[9]

India and Pakistan

There were two such instances between India and Pakistan that involved cyberspace conflicts, starting in the 1990s. Earlier cyber attacks came to be known as early as 1999.[10] Since then, India and Pakistan were engaged in a long-term dispute over Kashmir which moved into cyberspace. Historical accounts indicated that each country's hackers have been repeatedly involved in attacking each other's computing database system. The number of attacks has grown yearly: 45 in 1999, 133 in 2000, 275 by the end of August 2001.[10] In 2010, Indian hackers laid a cyber attack at least 36 government database websites going by the name "Indian Cyber Army".[11] In 2013, Indian hackers hacked the official website of Election Commission of Pakistan in an attempt to retrieve sensitive database information.[12] In retaliation, Pakistani hackers, calling themselves "True Cyber Army" hacked and defaced ~1,059 websites of Indian election bodies.[12]

In 2013, India's Ministry of Electronics and Information Technology (MeitY) which was then known as Department of Electronics and Information Technology (DeitY), unveiled a cybersecurity policy framework called National Cyber Security Policy 2013 which officially came into effect on July 1, 2013.[13]

According to the media, Pakistan's has been working on effective cyber security systems, in a program called the "Cyber Secure Pakistan" (CSP).[14] The program was launched in April 2013 by the Pakistan Information Security Association and the program has expanded to country's universities.

In 2020, according to the Media reports, Pakistan Army confirms the series of Cyber Attacks that has been identified on Pakistani Government and private websites by the Indian Intelligence. ISPR also advised the government and private institutions to enhance cyber security measures.[15]

Indonesia

Indonesia said it has started to recover data that had been encrypted in a major ransomware attack in June which affected more than 160 government agencies.

The attackers identified as Brain Cipher asked for $8 million in ransom to unlock the data before later apologising and releasing the decryption key for free, according to Singapore-based cybersecurity firm StealthMole.[16]

Iran

On 8 February 2020, the telecommunication network of Iran witnessed extensive disruptions at 11:44 a.m. local time, which lasted for about an hour. The Ministry of Information and Communications Technology of Iran confirmed it as a Distributed Denial of Service attack. The Iranian authorities activated the "Digital Fortress" cyber-defense mechanism to repel. Also known as DZHAFA, it led to a drop of 75 percent in the national internet connectivity.[17]

On the noon of 26 October 2021, a cyberattack caused all 4,300 fuel stations in Iran to disrupt and disable government-issued cards for buying subsidized fuel. This cyber attack also caused digital billboards to display messages against the Iranian government.[18][19]

Ireland

On 14 May 2021, the Health Service Executive (HSE) of Ireland suffered a major ransomware cyber attack which caused all of its IT systems nationwide to be shut down.[20][21][22][23]

It was the most significant cybercrime attack on an Irish state agency and the largest known attack against a health service computer system.[24][25] The group responsible was identified as a criminal gang known as Wizard Spider, believed to be operating from Russia.[26][27][28] The same group is believed to have attacked Ireland's Department of Health with a similar cyber attack.

Israel

In April 2020, there were attempts to hack into Israel's water infrastructure of the Sharon central region by Iran, which was thwarted by Israeli cyber defenses. The cyberattack intended to introduce dangerous levels of chlorine into the Israeli water supply.[29]

North Korea

In February 2024 UN sanctions monitors were investigating claims that dozens of cyber attacks that North Korea is suspected of carrying out has raised around $3 billion which is being used to fund and develop it's nuclear weapons program.[30]

Norway

In August 2020 the Norwegian parliament Stortinget suffered a cyberattack on the email system belonging to several officials. In December 2020, the Norwegian Police Security Service said the likely perpetrators were the Russian cyber espionage group Fancy Bear.[31]

Russia

During the 2018 FIFA World Cup, Russia countered and stopped around 25 million cyber-attacks on IT Infrastructure.[32][33]

In June 2019, Russia has conceded that it is "possible" its electrical grid is under cyber attack by the United States.[34] The New York Times reported that American hackers from the United States Cyber Command planted malware potentially capable of disrupting the Russian electrical grid.[35]

On 19 October 2020, the US justice department charged six Russian military officers of a worldwide hacking campaign, which attacked targets like French election, the 2018 Winter Olympic Games opening ceremony, US businesses and Ukraine's electricity grid. The campaign was believed to have cost billions of dollars for the mass disruption it caused.[36]

Ukraine

A series of powerful cyber attacks began 27 June 2017, that swamped websites of Ukrainian organizations, including banks, ministries, newspapers and electricity firms. In January 2022, Microsoft disclosed activity of a ransomware and DoS attack on various government agencies and organizations.[37][38]

United Arab Emirates

In 2019, Reuters reported that United Arab Emirates launched a series of cyberattacks on its political opponents, journalists, and human rights activists under Project Raven, on an espionage platform namely Karma. The team included ex-US intelligence agents. Project Raven commenced in 2009 and was planned to be continued for the coming ten years.

United Arab Emirates, used and asked for help from couple of countries providing their best calibres to overcome this crisis, and to confine the damage and consequences upon Project Raven, and indeed big names did participate to help like the American master, Graham Dexter, and the Egyptian phenomenal name in cybersecurity, Elhamy El Sebaey.[39]

United States of America

In 2015. the Office of Personnel Management (OPM) and the Interior Department were hacked, resulting in data breaches of government and security records. Numerous reports claim that Chinese hackers conducted these attacks, as the Chinese government has used hackers to attack and target U.S. military networks the year prior.[40][41] In 2024, cyber-tensions remain between the United States and the People's Republic of China, as accusations of hacking the U.S. government continue to arise. Reuters claims that cyber-espionage operations have been attacking the U.S. infrastructure, including the electric grid, water plants, oil and gas pipelines, and transportation, placing an increased focus on civilian attacks. Government officials have expressed concern about these attacks, relating them to bombings that have no economic or political gain whatsoever.[42] Though neither of the claims are confirmed by the Chinese government, U.S. officials continue to emphasize Chinese involvement in cyberattacks against their country.

During the 2016 presidential election, an indictment of 12 Russian military intelligence officers revealed that Russian hackers conducted an attack against the Clinton administration that targeted staff and campaign email addresses, following her opponent's, Donald Trump's, discernment of missing emails from Democratic servers on the same day as the attack. Robert S. Mueller, a special counsel of the United States government, claimed that the Russian government was also guilty to laundering money and stealing voter information. Furthermore, he investigated a possible conspiracy between the Russian government and Trump's possible attempt to sway the 2016 election.[43]

In 2023, the United States Government was able to identify and stop an organized attack on numerous computers throughout the states. This attack was taken out by Volt Typhoon, a Chinese hacking group who used its ability to access computers with lowered cyber security to try and infiltrate different American systems.[44] In April 2024, the FBI reports that Volt Typhoon is still a threat and plans to target the US through different cyber attacks in the future.[45]

References

  1. ^ "Indonesia Tops China as Cyber Attack Capital". PC Magazine. 16 October 2013.
  2. ^ "Azerbaijani hackers broke into over 90 armenian websites – VIDEO". Azerbaycan24. 27 September 2020.
  3. ^ Giles, Christopher (October 26, 2020). "Nagorno-Karabakh: The Armenian-Azeri 'information wars'". BBC.
  4. ^ "Canada's foreign ministry hacked, services hit". Reuters. Reuters. 2022-01-24. Retrieved 2022-01-25.
  5. ^ a b c Krekel, Bryan. People's Republic of China. The US-China Economic and Security Review Commission.Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation. Virginia: Northrop Grumman, 2009. Web.
  6. ^ Krebs, Brian (5 March 2021). "At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft's Email Software". Krebs on Security. Retrieved 14 April 2021.
  7. ^ Ian Traynor (17 May 2007). "Russia accused of unleashing cyberwar to disable Estonia". The Guardian. Archived from the original on Aug 31, 2013.
  8. ^ "War in the fifth domain. Are the mouse and keyboard the new weapons of conflict?". The Economist. 1 July 2010. Archived from the original on Jul 5, 2010. Retrieved 2 July 2010. Important thinking about the tactical and legal concepts of cyber-warfare is taking place in a former Soviet barracks in Estonia, now home to NATO's "centre of excellence" for cyber-defence. It was established in response to what has become known as "Web War 1", a concerted denial-of-service attack on Estonian government, media and bank web servers that was precipitated by the decision to move a Soviet-era war memorial in central Tallinn in 2007.
  9. ^ Zelalem, Zecharias (27 June 2020). "An Egyptian cyber attack on Ethiopia by hackers is the latest strike over the Grand Dam". Quartz. Archived from the original on Apr 7, 2024.
  10. ^ a b Prichard, Janet, and Laurie MacDonald. "Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks." Journal of Information Technology Education. 3. (2004): n. page. Web.
  11. ^ "36 government sites hacked by 'Indian Cyber Army'". Express Tribune. 30 November 2010. Retrieved 8 June 2013.
  12. ^ a b Abbasi, Waseem (6 April 2013). "Pakistani hackers defaced over 1,000 Indian websites". The News International. Archived from the original on 23 July 2015. Retrieved 8 June 2013.
  13. ^ "National Cyber Security Policy-2013". Ministry of Electronics and Information Technology, Government of India. Retrieved 2020-08-19.
  14. ^ "Cyber Secure Pakistan' initiative launched". The News International. 22 April 2013. Archived from the original on 23 June 2013. Retrieved 10 June 2013.
  15. ^ "Major cyber attack by Indian intelligence identified: ISPR". The Express Tribune. 2020-08-12. Retrieved 2020-09-26.
  16. ^ https://www.reuters.com/technology/cybersecurity/indonesia-says-it-has-begun-recovering-data-after-major-ransomware-attack-2024-07-12/
  17. ^ "Iran Repels Cyber Attack Targeting Internet Backbone". Financial Tribune. 8 February 2020. Retrieved 8 February 2020.
  18. ^ فردا, رادیو (27 October 2021). "در حمله سایبری همه ۴۳۰۰ پمپ بنزین در ایران "دچار اختلال شدند"". رادیو فردا (in Persian). Retrieved 2021-11-02.
  19. ^ "A cyberattack paralyzed every gas station in Iran". NPR. Associated Press. 2021-10-27. Retrieved 2021-11-02.
  20. ^ "Some health service disruption after HSE cyber attack". RTÉ News and Current Affairs. Retrieved 14 May 2021.
  21. ^ "Irish health service hit by 'very sophisticated' ransomware attack". Reuters. Retrieved 14 May 2021.
  22. ^ "Irish health service hit by cyber attack". BBC News. Retrieved 14 May 2021.
  23. ^ "Ransomware attack disrupts Irish health services". The Guardian. Retrieved 14 May 2021.
  24. ^ "Cyber attack 'most significant on Irish state'". BBC News. 15 May 2021. Retrieved 18 May 2021.
  25. ^ Lally, Conor (18 May 2021). "Wizard Spider profile: Suspected gang behind HSE attack is part of world's first cyber-cartel". The Irish Times. Retrieved 5 September 2021.
  26. ^ Reynolds, Paul (18 May 2021). "Wizard spider: Who are they and how do they operate?". RTÉ News and Current Affairs. Retrieved 18 May 2021.
  27. ^ Gallagher, Conor; McQuinn, Cormac. "Dark web 'dump sites' being monitored for HSE data after hack". The Irish Times. Retrieved 18 May 2021.
  28. ^ Horgan-Jones, Jack; Lally, Conor. "Scale of damage from cyberattack on HSE systems will not be known for days". The Irish Times. Retrieved 2021-05-15.
  29. ^ attack-on-israels-water-supply-could-have-sickened-hundreds-report/ "Iran cyberattack on Israel's water supply could have sickened hundreds – report". The Times of Israel. 1 June 2020. {{cite web}}: Check |url= value (help)
  30. ^ "Cyber-attacks by North Korea raked in $3bn to build nuclear weapons, UN monitors suspect". The Guardian. Reuters. 2024-02-08. ISSN 0261-3077. Retrieved 2024-02-08.
  31. ^ "Norway accuses Russian hackers of parliament attack". The Local Norway. 8 December 2020. Retrieved 2020-12-21.(subscription required)
  32. ^ "Putin says Russia targeted by almost 25 million cyber-attacks during World Cup". The Telegraph. 16 July 2018. Archived from the original on 12 January 2022.
  33. ^ "Russia Fends Off 25 Million Cyber-Attacks During World Cup". Infosecurity Magazine. 16 July 2018.
  34. ^ "US and Russia clash over power grid 'hack attacks". BBC News. 18 June 2019.
  35. ^ "How Not To Prevent a Cyberwar With Russia". Wired. 18 June 2019.
  36. ^ Schmidt, Michael S. (19 October 2020). "U.S. Charges Russian Intelligence Officers in Major Cyberattacks". The New York Times. Retrieved 19 October 2020.
  37. ^ "Destructive malware targeting Ukrainian organizations". Microsoft Security Blog. 2022-01-16. Retrieved 2022-01-17.
  38. ^ "Malware attacks targeting Ukraine government". Microsoft On the Issues. 2022-01-16. Retrieved 2022-01-17.
  39. ^ "Inside the UAE's secret hacking team of American mercenaries". Reuters. Retrieved 30 January 2019.
  40. ^ Rushe, Dominic (2015-06-05). "OPM hack: China blamed for massive breach of US government data". The Guardian. ISSN 0261-3077. Retrieved 2024-04-24.
  41. ^ Menn, Joseph (June 19, 2015). "U.S. employee data breach tied to Chinese intelligence: sources". Reuters.
  42. ^ Martina, Michael; Zengerle, Patricia; Goudsward, Andrew (January 31, 2024). "US officials deliver warning that Chinese hackers are targeting infrastructure". Reuters. Retrieved April 23, 2024.
  43. ^ Nakashima, Ellen; Harris, Shane (July 13, 2018). "How the Russians Hacked the DNC and passed its emails to WikiLeaks". The Washington Post. Retrieved April 23, 2024.
  44. ^ "Office of Public Affairs | U.S. Government Disrupts Botnet People's Republic of China Used to Conceal Hacking of Critical Infrastructure | United States Department of Justice". www.justice.gov. 2024-01-31. Retrieved 2024-04-28.
  45. ^ Bing, Christopher (April 18, 2024). Chang, Richard (ed.). "FBI says Chinese hackers preparing to attack US infrastructure". Reuters.