Just as our understanding of this critical infrastructure has changed and matured over time, so has the threat. These threats have existed for some time.
Back in May 1998, all seven members of the L0pht (Brian Oblivion, Kingpin, Mudge, Space Rogue, Stefan Von Neumann, John Tan, and Weld Pond) famously testified before the Congress of the United States that they could shut down the entire Internet in 30 minutes.
Shortly after this testimony, the first distributed denial-of-service (DDoS) attacks appeared. The first well-documented DDoS attack appears to have occurred in August 1999, when a DDoS tool called Trinoo (described below) was deployed in at least 227 systems, of which at least 114 were on Internet2, to flood a single University of Minnesota computer. This system was knocked off the air for more than two days.
In the following months, Yahoo!, Amazon, Buy.com, CNN, and eBay were all hit with similar attacks. These commerce sites suffered large financial losses during the downtime because of these attacks. Today, incredibly large and complex botnets exist that can be used to launch a variety of attacks against multiple targets.
The current focus of these botnets appears to be primarily spam and DDoS attacks, but they could easily be used in cyber warfare activities. Other attacks of historic significance include the following:
- Solar Sunrise: Solar Sunrise is the name given to a series of attacks against the Pentagon and MIT in February 1998. The Department of Defense called these attacks "the most organized and systematic attack to date." The DoD actually declared the U.S. to be in a state of "cyber
These attacks appeared to be originating from Russian-owned IP address space, so the attack was considered to be "state-sponsored."
- Moonlight Maze: Moonlight Maze refers to an incident in which U.S. officials accidentally discovered a pattern of probing of computer systems at the Pentagon, NASA, Energy Department, private universities, and research labs that began in March 1998 and went on for nearly two years.
It seems that these hackers had been able to access tens of thousands of files (including maps of military installations, troop configurations, and military hardware designs). The Defense Department traced the attacks back to a mainframe computer in the former Soviet Union.
- Titan Rain: Titan Rain is the name given to a well-organized Chinese military hacking effort against the U.S. military.
The hackers, believed to have been based in the Chinese province of Guangdong, are thought to have stolen U.S. military secrets, including aviation specifications and flight-planning software. These attacks apparently started in 2003 and lasted until 2005.