What are some little-known cybersecurity incursions of the early 21st century?

How about a great story about a cybersecurity incursion in the late 20th century?

What’s instructive about this one is that it has all the essential elements of today’s cyber-attacks:

  • A global computer network was used by a foreign government to conduct espionage against the US.
  • The attackers used multiple hops through several different computers prior to attacking to mask the origin of the attack.
  • The cyber attackers illicitly escalated their privileges to “root” (also called “superuser” or “administrator”) on targeted systems.
  • The attack was discovered when Cliff Stoll tracked down a 75-cent accounting error in the chargeback of computing time. This highlights the importance of event logging, regular event reviews, and prompt investigation of suspicious system events.
  • Stoll used a “honeypot” (a cache of fake but realistically attractive data files) to slow down the attackers long enough to trace their origins (a form of what we now call Active Defense).
  • Pioneering coordination of AT&T, the FBI, and the West German government.
  • Eventual arrest and conviction of a cyber-attacker, but only through heroic efforts.

This online theft of military technologies by the “Hanover Hackers” was discovered in 1986 and documented in Cliff Stoll’s fantastic book The Cuckoo’s Egg.

I talk about it in the April 2, 2019 episode of my podcast:

What the last 30 years of cyber risks tells us about what’s ahead
