6 Real Hacker Attacks Straight Out of the Movies

October 13, 2012

Danny Vittore
Cracked.com

Hollywood thinks that computers run on black magic and hackers are wizards. In movies, computers can blow up houses, shut down highways, release plagues and make Matthew Lillard appealing to women. However, our collective groaning about how laughably unrealistic these movies are may have been premature, because sometimes the real world of digital mayhem comes very close to sounding like the plot description of Swordfish 2: Travoltuna.

#6. A Logic Bomb Detonates Siberia

Remember how loud you shouted “bullshit” when the hackers in Live Free or Die Hard used their computer wizardry to ignite a bunch of natural gas pipelines? We do, too. Well, tuck your napkins into your collars and get ready to eat some exploding crow, because it turns out that that actually happened … in 1982, six years before the Die Hard franchise was even a thing.

You see, the CIA under the Reagan administration found out that the KGB had been stealing technology from the West for years. In response, the CIA decided to feed the KGB a big, fat booby trap in what may be one of the first uses of a Trojan virus. They more or less had a list of things they knew the KGB was going to steal, so they added a special item to the mix: a piece of software used to help regulate gas pipelines. The CIA then dropped a “logic bomb” in the software and waited, trying not to laugh.

A logic bomb is a piece of code that lies dormant inside a program until some trigger condition is met, at which point the program switches to a different mode of behavior (changing its “logic”). In this case the trigger was a counter: the pipeline software’s logic bomb was set to go off after 10 million cycles. The KGB thieves weren’t stupid — they checked the stuff they were stealing — but since the software appeared to be working fine, they brought it back to a pipeline in Siberia that extended into Western Europe, singing songs of their good fortune.

The program ran fine for a few months (the aforementioned 10 million cycles), but after that, it took the pipeline’s pumps and compressors aside and told them, “Today is the day that we run a pressure test at dangerously high levels.” After careful calculations, the CIA expected the pipeline to merely spring leaks all the way across Siberia. Clearly, they overestimated Soviet engineering.


#5. A Laptop Brings the Department of Defense to Its Knees

While we’re picking on Live Free or Die Hard, there is another scene where Bruce Willis’ grandfather finds out that the bad guy was able to shut down NORAD with a laptop. And while tech-savvy audiences everywhere shared a hearty chuckle at the idea, it turns out you can totally do that. Holy shit, Die Hard 4 was a goddamned documentary!

Intensely classified American military computer networks were penetrated by a worm (a self-perpetuating piece of code armed with evil intent) dubbed Agent.btz, and all it took was someone stationed in Afghanistan inserting an infected flash drive into a laptop that was connected to the military’s Central Command. From there, Agent.btz worked its way through numerous networks used to relay secret materials for the U.S. State and Defense departments, beaming information back to its unknown master.

The U.S. scrambled together a response team called Operation Buckshot Yankee (after a spirited round of Mad Libs) to isolate and remove the malicious code from the top-secret networks. The problem was, Agent.btz had the ability to scan a computer to look for data, then open backdoors to let itself out and into other networks, transmitting both the data and the backdoors back to its mysterious creator. It’s like that guy nobody invited but who is supposedly someone’s cousin, just creeping from house party to house party, texting his friends which garage doors are unlocked so they can come by later and steal power tools.

Furthermore, Agent.btz mutated constantly, downloading new code to change its “signature” and evade detection. Just as older versions were being removed, newer and more complex variants of Agent.btz were appearing around the network, compromising both confidential and nonconfidential documents a year and a half after it first started operating, even with the full force of the U.S. government dedicated to tracking it down. It wasn’t finally defeated until hundreds of machines were taken offline and reformatted, and thousands of infected thumb drives had been confiscated. Ah, come on! What’s the worst that can happen? Oh, right. Giant explosions.


#4. Hackers Encrypt Medical Records and Hold Them Hostage

We’re guessing that no hacker outside of a made-for-Lifetime movie has ever broken into somebody’s system, then sent them a note made of letters clipped from magazines saying “iF YoU WAnt 2 sEe ur DAtA aGaiN U wiLL pAy US $50,000.” No, something that chilling yet cornball could only happen in real life.

For instance, in July 2012, a group of hackers got into the computer networks of a medical practice known as the Surgeons of Lake County, stuck a proverbial flag in the ground and encrypted all that shit down. The practice’s entire database of patient medical records and other sensitive documents was no longer accessible to anyone, completely shutting down the business. Then the hackers posted a digital ransom note to the medical practice, demanding an undisclosed amount of money for the release of the hostage information.

The medical practice shut down the server, records be damned, then contacted the police and notified their clients that their information had been compromised, because fuck ransoms.

And they weren’t the first victims of this sort of thing — in 2008, the prescription-drug benefits company Express Scripts was sent an email with the Social Security numbers and prescription records of 75 customers, demanding an unspecified sum to keep the information secure. Of course, Express Scripts decided to put their customers’ interests first and refused to pay, then emailed all 700,000 of their clients (remember, that’s 699,925 more than the hackers had actually compromised) to let them know that their information had probably been stolen. We guess that’s better than just giving in, although ideally there’d be some kind of computer code Liam Neeson you could call to deal with this kind of thing.

#3. The Virus That Was a Spy (or the International Virus of Mystery)

Imagine a chunk of code that could do everything James Bond or Ethan Hunt are supposed to do, but better.

It was called Flame, and it was 20 megabytes of malicious programming that operated as a spy in several Middle Eastern nations, primarily Iran. While James Bond would be busy harpooning vaginas, Flame was doing the thing that spies are supposed to do — that is, collecting information. Flame can copy data files, capture sensitive screenshots, download instant messaging transcripts and remotely turn on a computer’s microphone and camera to record any conversations that are taking place near it.

Flame receives commands and data via Bluetooth like a raiding party in Azeroth, but it also has the innate ability to fake credentials to avoid detection. It executes an obscure cryptographic technique called a prefix collision attack – basically, it wards off antiviruses by fooling them into thinking that it’s supposed to be there, the binary equivalent of novelty glasses and a Groucho mustache.

In the movies, when a spy gets busted, he or she typically bites open a cyanide capsule hidden in a false tooth and chokes to death on selflessness. Flame totally has that, in the form of a suicide command that automatically deletes the virus and all traces of it from an infected computer. Flame doesn’t just die when caught – it disintegrates itself and burns its birth certificate.

Flame was operating clandestinely for five years disguised as a Microsoft software update (yes, computers at the highest level of government run Windows Vista) until the shenanigans of a separate virus resulted in a crackdown that led to its discovery in Iran. Iran alleges that Flame was created by the U.S. and Israel, but, of course, both nations have disavowed all knowledge.


#2. In One Shot, a Tech Journalist Has His Life Deleted and All His Gadgets Frozen

The 1995 Sandra Bullock trivia question The Net tried to teach us the dangers of storing too much of our lives on the Internet and depicted hackers as being able to use computers to completely erase a person’s existence in a matter of days. Specifically, by crashing an airplane and poisoning Dennis Miller (both done with hacking).

Well, laugh all you want, but in reality, Mat Honan, a senior writer at Wired.com, had his entire life shanghaied in less than one hour. It started with the typical stuff — hackers deleted Honan’s Google account (including eight years of emails) and then used his Twitter account to vomit out racist and homophobic garbage. But hey, that’s the kind of hacking a bunch of you have probably endured. But then the attackers used his Apple ID to turn his iPhone, iPad and MacBook into shiny catatonic bricks. For someone who makes his living communicating and working online, they had effectively shut down his life. In minutes.

One of the hackers got in touch with Honan later and told him how they did it, presumably while Honan stabbed a voodoo doll to death. Basically, all it took was Honan’s billing address and credit card number, information that you give out on a frequent basis if you’ve ever ordered anything on the Internet (even a pizza). So pay attention:

First, they followed a link to his homepage from his Twitter account and used the information they found there to do a quick Internet search for his address. Next, they used his Gmail address to do an account recovery, which allowed them to see his partially obscured (but easily guessed) alternate email, which was his Apple ID. Then, they called Amazon’s tech support to add a bogus credit card to Honan’s Amazon account, which they were allowed to do after providing his email and billing addresses (two things that anyone on the Internet can see). Finally, they called right back and told tech support that they couldn’t access their (Honan’s) account. By providing Honan’s name and email address and the newly added bogus credit card number, they were allowed to add a new email address to the account and have a password reset sent to it.

The hackers now had access to Honan’s Amazon account, and access to all the credit cards on file — just the last four digits of each card, mind you, but all Apple tech support requires is a billing address and those last four numbers. With that information, they had his Apple account, which they used to brick his devices and burn his digital life to the ground.

The best and/or saddest part is that Honan himself was targeted for absolutely no reason. The hackers had no idea who he was — they just liked his Twitter handle and wanted to use it to troll for a while. They went through that whole complicated process and fucked his life over just so he wouldn’t be able to log back in to Twitter and disrupt their hijinks.

But don’t worry — unless you have a Google account, an Amazon account and an Apple account, you’re totally safe from something like this ever happening to you.


#1. Stuxnet Breaks Iran’s Nuclear Plants

As we mentioned in the first entry, it turns out that real-life hackers can do the “run a virus that makes the enemy’s shit explode” trick that we thought was Hollywood bullshit. So how do you top a virus that turns gas pipelines into giant smoking craters? How about crippling a country’s nuclear capability?

In June 2010, a virus called Stuxnet was found lying dormant in the networks of factories, power plants and traffic control systems worldwide. Stuxnet had the disquieting ability to disable major energy networks (like switch off an oil pipeline or cripple a nuclear reactor) without alerting the operators, but in every system where it was found, the virus wouldn’t do a single thing. It just kind of sat there, possibly collecting disability. As it turns out, Stuxnet was waiting.

Viruses, in general, tend to be indiscriminate. They just burst through the door like a werewolf and start destroying things. Stuxnet was different. It had a specific target — in this case, the centrifuges in Iran’s main uranium enrichment facility in Natanz. Its destructive programming would only activate under certain conditions, which could only be met while in Natanz. Once those conditions were met, Stuxnet would take complete control of the system.

So, what, it freezes up their computers? Maybe displays a little animated skull to let them know they’d been hit?

Hardly. The plant needs thousands of spinning centrifuges as part of the uranium enrichment process. Stuxnet was programmed to take over the machines and make them spin themselves to pieces.

A thousand of these centrifuges were deactivated by Iran in short order just around the time Stuxnet was believed to have been most active, accounting for 30 percent of the Natanz facility’s uranium enrichment ability. Iran did not admit to Stuxnet’s involvement, but did state that the virus’ presence in a separate nuclear facility still under construction prevented them from turning on the reactors there for fear of causing a nationwide blackout.

A blackout caused by hacking.