• For full details of graphics available/in preparation, see Menu -> Planners
 State-sponsored cyber-attacks infographic
Graphic shows major state-sponsored cyber attacks in recent years.
GN40913AR

TECH

State-sponsored cyber-attacks

By Duncan Mil

December 28, 2020 - According to California-based internet security company SonicWall, for the past five years, the annual number of attempted malware, or malicious software, attacks have averaged nine billion.

Among those 24.6 million attacks every day are shadowy state-sponsored hacking groups -- cyber warriors in Russia, China, North Korea, Iran, Israel, the United Kingdom and the United States.

Of the publicly known state-sponsored attacks, the Stuxnet attack against Iran’s nuclear programme stands out as the first example of cyber warfare.

Stuxnet, discovered in 2010, is widely believed to have been developed by the U.S and Israel. However, according to researchers at the U.S. computer-security firm, Symantec Corp., Stuxnet was in development as early as 2005, when Iran set up its uranium enrichment facility. The worm was deployed in 2007 when Iran’s Natanz facility went online.

The U.S. group that developed Stuxnet were known as the Office of Tailored Access Operations (TAO) at the National Security Agency (NSA) at Fort Meade in Maryland. The TAO’s cyber activities were revealed in 2013 by former NSA systems analyst Edward Snowden.

Closely linked to TAO, now part of the Directorate of Operations, is the Equation Group, a shadowy group that in 2012 created the Flame hacking toolkit -- so-called “ops disks.”

In August 2016 the NSA -- the most secretive “No Such Agency” -- was itself hacked. The Equation Group’s cyberweapons, developed at massive expense to U.S. taxpayers, had been stolen. The Shadow Brokers passed the ops disks to Russia and North Korea.

The Shadow Brokers leak’s continued into 2020 when North Korea-linked hacker DarkHotel was identified as responsible for disrupting the World Health Organization’s operations earlier this year.

The Shadow Brokers, a sole hacker still within the NSA or group of threat actors, have yet to be identified.

Sources
PUBLISHED: 28/12/2020; STORY: Graphic News; PICTURES: Associated Press, Getty Images
Advertisement