With technology advancing faster than ever before, cybersecurity has become a major concern. Hackers aren’t the only ones, though, who are wreaking havoc online. Governments have also used cyberattacks as weapons against each other.
Stuxnet was a “worm” created in 2007, allegedly by the U.S. and Israel, that attacked Iran’s nuclear facilities. Neither government has claimed responsibility, but Stuxnet is now widely accepted as the first known cyberweapon to cause major physical damage to its intended target. The only problem was that the worm escaped Iranian facilities and spread among the general public.
It’s alleged that Iran launched a cyberattack on the world’s largest oil company, Saudi Aramco, in retaliation for Stuxnet in 2012, but that has not been confirmed. Although the attack was said to be primitive and unsophisticated, it still managed to wipe out the data in much of the company’s main computer network, and it affected 30,000 Aramco personal computers.
Last week in a cyberattack that shut down Sony Pictures for days, hackers released sensitive data from the studio’s network, including employee salaries and high-quality versions of several unreleased films.
Blame is being pointed at North Korea — and although Pyongyang has denied any involvement, it has praised the move nonetheless, citing the movie “The Interview” as offensive for alluding to an assassination attempt on North Korean leader Kim Jong Un. Previously, North Korea reached out to United Nations Secretary General Ban Ki-moon to file a complaint, calling the movie “an act of war.”
During Al Jazeera America’s Sunday night segment The Week Ahead, Thomas Drayton discussed cybersecurity and the ramifications of global cyberwarfare with Dan Guido, a hacker-in-residence at New York University’s Polytechnic School of Engineering, and with Allan Friedman, a research scientist at the Cyber Security Policy Research Institute of George Washington University.
Guido said it takes very little effort and small teams to break into major companies. He said, “It’s very simple to gather information about individuals on the Internet,” adding that clicking on the wrong link can give hackers complete control over the targeted computers and access to a company’s entire website, using very few resources.
Friedman said there are a number of different ways to trace the origin of a cyberattack. The forensics level is the most technical, unpacking clues as to who was involved. On an intelligence level, investigating things like who is the most likely to benefit or who may have been talking about an attack before one happens can help point to a culprit. On a national security level, hackers are generally trying to engage in a strategic attack to achieve a political outcome.
He added that there are different types of attacks. Organized crime groups may try to access random people’s credit card numbers. Some hackers engage in economic espionage, trying to steal companies’ secrets.
Al Jazeera’s Jacob Ward said certain hackers have the patience and skills to find vulnerabilities in a system, plant malicious code and comb through the results for what they need. But he said the most common type of hacking happens through social engineering, with predators gathering data from the plethora of information that Internet users give out voluntarily through social media.
Anyone can access personal information about a person’s likes, way of living and family members though sites such as Facebook or a person’s location through applications such as FourSquare. He added that anyone can do it with enough charm and creativity.