Following Wednesday’s brief on cyber-terrorism, its origins and factors surrounding the spread of cyber attacks across the globe. Zimbabwe like any other country, has to start putting in place strong digital fortresses to guard against the consequences of digitalization.
To protect critical infrastructure, its high time Zimbabwe’s Security Forces start joining hands with the Ministry of ICT & Cyber Security to coordinate with other public sector agencies as well as private sector partners to share information about cyber-threats and vulnerabilities.
Biggest cyber-terrorism attacks in history
Opinions about what types of cyber-attacks constitute as acts of terrorism still differ between law enforcement agencies, information security experts and technology companies. However, here are some of the largest attacks and incidents that some considered to be acts of cyber-terrorism:
- The Russian government allegedly perpetrated a distributed denial-of-service attack in March 2014 that disrupted the Internet in Ukraine and allowed pro-Russian rebels to take control of the Crimea.
- In December 2016, 225,000 customers in Ukraine experienced a blackout, the result of remote intrusions at three regional electric power distribution companies. The cyber-terrorists blamed for the attack were thought to be from Russia. The cyber-criminals flooded phone lines with a DoS attack and also used malware to attack and destroy data on hard drives.In 2016, the U.S. Department of Justice announced that Ardit Ferizi, a citizen of Kosovo, was convicted and sentenced to 20 years in prison “for providing material support to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization, and accessing a protected computer without authorization and obtaining information in order to provide material support to ISIL.” John Carlin, then-assistant attorney general for national security, said: “This case represents the first time we have seen the very real and dangerous national security cyber-threat that results from the combination of terrorism and hacking.”
- Three days before Ukraine’s presidential election in May 2014, a hacking group based in Russia took down Ukraine’s election commission’s system, including the country’s back-up system. The cybercriminals launched the attack to throw the proceedings into chaos, damage the nationalist candidate and to help the pro-Russian candidate, who ultimately lost the election. Officials were able to get the systems up and running before the election.
- Hackers affiliated with the North Korean government were thought to be responsible for the cyber-attack on Sony Pictures Entertainment prior to Sony releasing the film The Interview, which depicted the death of North Korean leader Kim Jong-Un. The hacking group that claimed responsibility, known as the “Guardians of Peace,” expressed anger at The Interview and made vague threats of violence in reference to the 9/11 terrorist attacks, which led to Sony cancelling the film’s theatrical release. The FBI ultimately determined that the code, encryption algorithms, data deletion methods and compromised networks were similar to those previously used by North Korean hackers. Additionally, the FBI discovered that the hackers had used several IP addresses associated with North Korea.
- In 2015, cyber-criminals attacked the German parliament, causing widespread disruption. The hackers infected 20,000 computers used by German politicians, support staff members and civil servants, stealing sensitive data and then demanding several million euros to clean up the damage. A group of Russian nationalists who wanted the government of Berlin to stop supporting Ukraine claimed responsibility, but members of the Russian intelligence were also thought to be involved.
- In May 2017, major companies, government offices and hospitals around the world were hit by a ransomware called WannaCry, which seized control of victims’ computers until they paid ransom. Cyber-security firm Avast identified more than 75,000 ransomware attacks in 99 countries, making it one of the largest and most damaging cyber-attacks in history. Experts and government agencies agreed that the Lazarus Group, which was affiliated with the North Korean government, was responsible for releasing WannaCry.