Cyberattacks by country explained

A cyberattack is any unauthorized effort against computer infrastructure that compromises the confidentiality, integrity, or availability of its content.

Azerbaijan

Hackers from Azerbaijan and Armenia have actively participated in cyber warfare as part of the Nagorno-Karabakh conflict cyber warfare over the disputed region of Nagorno-Karabakh, with Azerbaijani hackers targeting Armenian websites and posting Ilham Aliyev's statements.^{[1] [2]}

Canada

"Chinese state-sponsored actor" attacked a research facility in Canada in 2011. Unknown hackers attacked Canada's foreign ministry in 2022.^[3]

China

See main article: Cyberwarfare by China. China's People's Liberation Army (PLA) has developed a strategy called "Integrated Network Electronic Warfare" which guides computer network operations and cyber warfare tools. This strategy helps link together network warfare tools and electronic warfare weapons against an opponent's information systems during the conflict. They believe the fundamentals for achieving success is about seizing control of an opponent's information flow and establishing information dominance. The Science of Military and The Science of Campaigns both identify enemy logistics systems networks as the highest priority for cyberattacks and states that cyber warfare must mark the start of a campaign, used properly, can enable overall operational success.^[4] Focusing on attacking the opponent's infrastructure to disrupt transmissions and processes of information that dictate decision-making operations, the PLA would secure cyber dominance over their adversary. The predominant techniques that would be utilized during a conflict to gain the upper hand are as follows, the PLA would strike with electronic jammers, electronic deception, and suppression techniques to interrupt the transfer processes of information. They would launch virus attacks or hacking techniques to sabotage information processes, all in the hopes of destroying enemy information platforms and facilities. The PLA's Science of Campaigns noted that one role for cyber warfare is to create windows of opportunity for other forces to operate without detection or with a lowered risk of counterattack by exploiting the enemy's periods of "blindness", "deafness" or "paralysis" created by cyberattacks. That is one of the main focal points of cyber warfare, to be able to weaken your enemy to the full extent possible so that your physical offensive will have a higher percentage of success.

The PLA conducts regular training exercises in a variety of environments emphasizing the use of cyber warfare tactics and techniques in countering such tactics if it is employed against them. Faculty research has been focusing on designs for rootkit usage and detection for their Kylin Operating System which helps to further train these individuals' cyber warfare techniques. China perceives cyber warfare as a deterrent to nuclear weapons, possessing the ability for greater precision, leaving fewer casualties, and allowing for long-ranged attacks.

On March 2, 2021, Microsoft released an emergency security update to patch four security vulnerabilities that had been used by Hafnium, a Chinese nation-state-sponsored hacking group that had compromised at least 30,000 public and private Microsoft exchange servers.^[5]

Estonia

See main article: 2007 cyberattacks on Estonia.

The 2007 cyberattacks on Estonia were a series of cyberattacks that began on 27 April 2007 and targeted websites of Estonian organizations, including Estonian parliament, banks, ministries, newspapers, and broadcasters, amid the country's disagreement with Russia about the relocation of the Bronze Soldier of Tallinn, an elaborate Soviet-era grave marker, as well as war graves in Tallinn.^{[6] [7]} The attacks triggered a number of military organizations around the world to reconsider the importance of network security to modern military doctrine. The direct result of the cyberattacks was the creation of the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn.

Ethiopia

In an extension of a bilateral dispute between Ethiopia and Egypt over the Grand Ethiopian Renaissance Dam, Ethiopian government websites have been hacked by the Egypt-based hackers in June 2020.^[8]

India and Pakistan

See main article: India–Pakistan relations. There were two such instances between India and Pakistan that involved cyberspace conflicts, starting in the 1990s. Earlier cyber attacks came to be known as early as 1999.^[9] Since then, India and Pakistan were engaged in a long-term dispute over Kashmir which moved into cyberspace. Historical accounts indicated that each country's hackers have been repeatedly involved in attacking each other's computing database system. The number of attacks has grown yearly: 45 in 1999, 133 in 2000, 275 by the end of August 2001. In 2010, Indian hackers laid a cyber attack at least 36 government database websites going by the name "Indian Cyber Army".^[10] In 2013, Indian hackers hacked the official website of Election Commission of Pakistan in an attempt to retrieve sensitive database information. In retaliation, Pakistani hackers, calling themselves "True Cyber Army" hacked and defaced ~1,059 websites of Indian election bodies.^[11]

In 2013, India's Ministry of Electronics and Information Technology (MeitY) which was then known as Department of Electronics and Information Technology (DeitY), unveiled a cybersecurity policy framework called National Cyber Security Policy 2013 which officially came into effect on July 1, 2013.^[12]

According to the media, Pakistan's has been working on effective cyber security systems, in a program called the "Cyber Secure Pakistan" (CSP).^[13] The program was launched in April 2013 by the Pakistan Information Security Association and the program has expanded to country's universities.

In 2020, according to the Media reports, Pakistan Army confirms the series of Cyber Attacks that has been identified on Pakistani Government and private websites by the Indian Intelligence. ISPR also advised the government and private institutions to enhance cyber security measures.^[14]

Indonesia

Indonesia said it has started to recover data that had been encrypted in a major ransomware attack in June which affected more than 160 government agencies.

The attackers identified as Brain Cipher asked for $8 million in ransom to unlock the data before later apologising and releasing the decryption key for free, according to Singapore-based cybersecurity firm StealthMole.^[15]

Iran

On 8 February 2020, the telecommunication network of Iran witnessed extensive disruptions at 11:44 a.m. local time, which lasted for about an hour. The Ministry of Information and Communications Technology of Iran confirmed it as a Distributed Denial of Service attack. The Iranian authorities activated the "Digital Fortress" cyber-defense mechanism to repel. Also known as DZHAFA, it led to a drop of 75 percent in the national internet connectivity.^[16]

On the noon of 26 October 2021, a cyberattack caused all 4,300 fuel stations in Iran to disrupt and disable government-issued cards for buying subsidized fuel. This cyber attack also caused digital billboards to display messages against the Iranian government.^{[17] [18]}

Ireland

See main article: Health Service Executive ransomware attack. On 14 May 2021, the Health Service Executive (HSE) of Ireland suffered a major ransomware cyber attack which caused all of its IT systems nationwide to be shut down.^{[19] [20] [21] [22]}

It was the most significant cybercrime attack on an Irish state agency and the largest known attack against a health service computer system.^{[23] [24]} The group responsible was identified as a criminal gang known as Wizard Spider, believed to be operating from Russia.^{[25] [26] [27]} The same group is believed to have attacked Ireland's Department of Health with a similar cyber attack.

Israel

In April 2020, there were attempts to hack into Israel's water infrastructure of the Sharon central region by Iran, which was thwarted by Israeli cyber defenses. The cyberattack intended to introduce dangerous levels of chlorine into the Israeli water supply.^[28]

North Korea

In February 2024 UN sanctions monitors were investigating claims that dozens of cyber attacks that North Korea is suspected of carrying out has raised around $3 billion which is being used to fund and develop its nuclear weapons program.^[29]

Norway

In August 2020 the Norwegian parliament Stortinget suffered a cyberattack on the email system belonging to several officials. In December 2020, the Norwegian Police Security Service said the likely perpetrators were the Russian cyber espionage group Fancy Bear.^[30]

Russia

During the 2018 FIFA World Cup, Russia countered and stopped around 25 million cyber-attacks on IT Infrastructure.^{[31] [32]}

In June 2019, Russia has conceded that it is "possible" its electrical grid is under cyber attack by the United States.^[33] The New York Times reported that American hackers from the United States Cyber Command planted malware potentially capable of disrupting the Russian electrical grid.^[34]

On 19 October 2020, the US justice department charged six Russian military officers of a worldwide hacking campaign, which attacked targets like French election, the 2018 Winter Olympic Games opening ceremony, US businesses and Ukraine's electricity grid. The campaign was believed to have cost billions of dollars for the mass disruption it caused.^[35]

Ukraine

See main article: 2017 cyberattacks on Ukraine. A series of powerful cyber attacks began 27 June 2017, that swamped websites of Ukrainian organizations, including banks, ministries, newspapers and electricity firms. In January 2022, Microsoft disclosed activity of a ransomware and DoS attack on various government agencies and organizations.^{[36] [37]}

United Arab Emirates

In 2019, Reuters reported that United Arab Emirates launched a series of cyberattacks on its political opponents, journalists, and human rights activists under Project Raven, on an espionage platform namely Karma. The team included ex-US intelligence agents. Project Raven commenced in 2009 and was planned to be continued for the coming ten years.

United Arab Emirates, used and asked for help from couple of countries providing their best calibres to overcome this crisis, and to confine the damage and consequences upon Project Raven, and indeed big names did participate to help like the American master, Graham Dexter, and the Egyptian phenomenal name in cybersecurity, Elhamy El Sebaey.^[38]

United States of America

In 2015. the Office of Personnel Management (OPM) and the Interior Department were hacked, resulting in data breaches of government and security records. Numerous reports claim that Chinese hackers conducted these attacks, as the Chinese government has used hackers to attack and target U.S. military networks the year prior.^{[39] [40]} In 2024, cyber-tensions remain between the United States and the People's Republic of China, as accusations of hacking the U.S. government continue to arise. Reuters claims that cyber-espionage operations have been attacking the U.S. infrastructure, including the electric grid, water plants, oil and gas pipelines, and transportation, placing an increased focus on civilian attacks. Government officials have expressed concern about these attacks, relating them to bombings that have no economic or political gain whatsoever.^[41] Though neither of the claims are confirmed by the Chinese government, U.S. officials continue to emphasize Chinese involvement in cyberattacks against their country.

During the 2016 presidential election, an indictment of 12 Russian military intelligence officers revealed that Russian hackers conducted an attack against the Clinton administration that targeted staff and campaign email addresses, following her opponent's, Donald Trump's, discernment of missing emails from Democratic servers on the same day as the attack. Robert S. Mueller, a special counsel of the United States government, claimed that the Russian government was also guilty to laundering money and stealing voter information. Furthermore, he investigated a possible conspiracy between the Russian government and Trump's possible attempt to sway the 2016 election.^[42]

In 2023, the United States Government was able to identify and stop an organized attack on numerous computers throughout the states. This attack was taken out by Volt Typhoon, a Chinese hacking group who used its ability to access computers with lowered cyber security to try and infiltrate different American systems.^[43] In April 2024, FBI Director Christopher Wray said Volt Typhoon's plan is to target the US civilian infrastructure through different cyber attacks in the future.^[44] Wray warned that China is developing the "ability to physically wreak havoc on our critical infrastructure at a time of its choosing."

In September 2024, under a court order, the FBI took control of a network of hundreds of thousands of internet routers and other devices that had been hacked by Chinese government-linked hackers who were using the massive web of hacked devices (known as botnet) to pose a threat to critical infrastructure both in the United States and abroad.^[45]

Notes and References

1. News: Azerbaijani hackers broke into over 90 armenian websites – VIDEO . Azerbaycan24 . 27 September 2020 . en .
2. Web site: Giles . Christopher . Nagorno-Karabakh: The Armenian-Azeri 'information wars' . BBC . October 26, 2020.
3. News: Reuters. 2022-01-24. Canada's foreign ministry hacked, services hit. en. Reuters. 2022-01-25.
4. Krekel, Bryan. People's Republic of China. The US-China Economic and Security Review Commission.Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation. Virginia: Northrop Grumman, 2009. Web.
5. News: Krebs . Brian . At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft's Email Software . 14 April 2021 . Krebs on Security . 5 March 2021.
6. News: The Guardian . 17 May 2007 . Russia accused of unleashing cyberwar to disable Estonia . Ian Traynor . live . https://web.archive.org/web/20130831075221/http://www.theguardian.com/world/2007/may/17/topstories3.russia . Aug 31, 2013 .
7. News: War in the fifth domain. Are the mouse and keyboard the new weapons of conflict? . subscription . Important thinking about the tactical and legal concepts of cyber-warfare is taking place in a former Soviet barracks in Estonia, now home to NATO's "centre of excellence" for cyber-defence. It was established in response to what has become known as "Web War 1", a concerted denial-of-service attack on Estonian government, media and bank web servers that was precipitated by the decision to move a Soviet-era war memorial in central Tallinn in 2007. . The Economist . 1 July 2010. 2 July 2010 . live . https://web.archive.org/web/20100705121639/http://www.economist.com/node/16478792 . Jul 5, 2010 .
8. News: An Egyptian cyber attack on Ethiopia by hackers is the latest strike over the Grand Dam . . 27 June 2020 . Zecharias . Zelalem . live . https://web.archive.org/web/20240407204259/https://qz.com/africa/1874343/egypt-cyber-attack-on-ethiopia-is-strike-over-the-grand-dam . Apr 7, 2024 .
9. Prichard, Janet, and Laurie MacDonald. "Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks." Journal of Information Technology Education. 3. (2004): n. page. Web.
10. News: 36 government sites hacked by 'Indian Cyber Army' . 8 June 2013. Express Tribune. 30 November 2010.
11. News: Waseem. Abbasi. Pakistani hackers defaced over 1,000 Indian websites. 8 June 2013. The News International . 6 April 2013. 23 July 2015. https://web.archive.org/web/20150723222623/http://www.thenews.com.pk/Todays-News-13-22095-Pakistani-hackers-defaced-over-1000-Indian-websites. dead.
12. Web site: National Cyber Security Policy-2013 . 2020-08-19. Ministry of Electronics and Information Technology, Government of India .
13. News: Cyber Secure Pakistan' initiative launched. 10 June 2013. The News International . 22 April 2013. 23 June 2013. https://web.archive.org/web/20130623033931/http://www.thenews.com.pk/Todays-News-6-172840-Cyber-Secure-Pakistan-initiative-launched. dead.
14. Web site: 2020-08-12. Major cyber attack by Indian intelligence identified: ISPR. 2020-09-26. The Express Tribune. en.
15. https://www.reuters.com/technology/cybersecurity/indonesia-says-it-has-begun-recovering-data-after-major-ransomware-attack-2024-07-12/
16. Web site: Iran Repels Cyber Attack Targeting Internet Backbone . 8 February 2020. Financial Tribune. 8 February 2020 .
17. News: در حمله سایبری همه ۴۳۰۰ پمپ بنزین در ایران "دچار اختلال شدند". 2021-11-02. رادیو فردا. 27 October 2021 . fa . فردا . رادیو .
18. News: Associated Press. 2021-10-27. A cyberattack paralyzed every gas station in Iran. en. NPR. 2021-11-02.
19. News: Some health service disruption after HSE cyber attack . . 14 May 2021.
20. News: Irish health service hit by 'very sophisticated' ransomware attack . . 14 May 2021.
21. News: Irish health service hit by cyber attack . . 14 May 2021.
22. News: Ransomware attack disrupts Irish health services . . 14 May 2021.
23. News: 15 May 2021. Cyber attack 'most significant on Irish state'. BBC News. 18 May 2021.
24. News: Wizard Spider profile: Suspected gang behind HSE attack is part of world's first cyber-cartel. Lally. Conor. 18 May 2021. 5 September 2021. The Irish Times.
25. News: Reynolds. Paul. 18 May 2021. Wizard spider: Who are they and how do they operate?. RTÉ News and Current Affairs. 18 May 2021.
26. News: Gallagher. Conor. McQuinn. Cormac. Dark web 'dump sites' being monitored for HSE data after hack. 18 May 2021. The Irish Times. en.
27. News: Horgan-Jones. Jack. Lally. Conor. Scale of damage from cyberattack on HSE systems will not be known for days. 2021-05-15. The Irish Times. en.
28. Web site: Iran cyberattack on Israel's water supply could have sickened hundreds – report. The Times of Israel. 1 June 2020.
29. News: Reuters . 2024-02-08 . Cyber-attacks by North Korea raked in $3bn to build nuclear weapons, UN monitors suspect . 2024-02-08 . The Guardian . en-GB . 0261-3077.
30. News: 8 December 2020. Norway accuses Russian hackers of parliament attack. 2020-12-21. The Local Norway.
31. News: Putin says Russia targeted by almost 25 million cyber-attacks during World Cup . https://ghostarchive.org/archive/20220112/https://www.telegraph.co.uk/news/2018/07/16/putin-says-russia-targeted-almost-25-million-cyber-attacks-world/ . 12 January 2022 . subscription . live . The Telegraph . 16 July 2018.
32. Web site: Russia Fends Off 25 Million Cyber-Attacks During World Cup . Infosecurity Magazine . 16 July 2018.
33. News: US and Russia clash over power grid 'hack attacks . BBC News . 18 June 2019.
34. How Not To Prevent a Cyberwar With Russia . . 18 June 2019.
35. News: U.S. Charges Russian Intelligence Officers in Major Cyberattacks . 19 October 2020 . The New York Times. 19 October 2020 . Schmidt . Michael S. .
36. Web site: 2022-01-16. Destructive malware targeting Ukrainian organizations. 2022-01-17. Microsoft Security Blog. en-US.
37. Web site: 2022-01-16. Malware attacks targeting Ukraine government. 2022-01-17. Microsoft On the Issues. en-US.
38. News: Inside the UAE's secret hacking team of American mercenaries. Reuters. 30 January 2019.
39. News: Rushe . Dominic . 2015-06-05 . OPM hack: China blamed for massive breach of US government data . 2024-04-24 . The Guardian . en-GB . 0261-3077.
40. Web site: Menn . Joseph . June 19, 2015 . U.S. employee data breach tied to Chinese intelligence: sources . Reuters.
41. Web site: Martina . Michael . Zengerle . Patricia . Goudsward . Andrew . January 31, 2024 . US officials deliver warning that Chinese hackers are targeting infrastructure . April 23, 2024 . Reuters.
42. News: Nakashima . Ellen . Harris . Shane . July 13, 2018 . How the Russians Hacked the DNC and passed its emails to WikiLeaks . April 23, 2024 . The Washington Post.
43. Web site: 2024-01-31 . Office of Public Affairs U.S. Government Disrupts Botnet People's Republic of China Used to Conceal Hacking of Critical Infrastructure United States Department of Justice . 2024-04-28 . www.justice.gov . en.
44. Web site: Bing . Christopher . April 18, 2024 . Chang . Richard . FBI says Chinese hackers preparing to attack US infrastructure . Reuters.
45. News: Lyngaas . Sean . September 18, 2024 . FBI says it has disrupted major Chinese hacking operation that threatened US critical infrastructure . October 14, 2024 . CNN.