Significant Cyber Incidents Since 2006

 

Let me introduce you to the "Centre for Strategic and International Studies." 

On their website they describe themselves as such:

"The Center for Strategic and International Studies (CSIS) is a bipartisan, nonprofit policy research organization dedicated to advancing practical ideas to address the world’s greatest challenges."

It's an interesting group and I highly encourage you to check out the website located in references.

There is one section of their site that caught my eye that I will highlight today.

"Significant Cyber Incidents"  

CSIS "... records significant cyber incidents since 2006. We focus on cyber attacks on government agencies, defense and high tech companies, or economic crimes with losses of more than a million dollars." [1]

Their list is eye opening!  Content like this plays well into my thought process because I often ponder on the state of the cyber-world and the nation states that attack each other.  This site[CSIS] puts a little perspective on the situation.  

I do want to say that cyber-warfare is usually a two-way relationship.  CSIS highlights foreign (to America) efforts to circumvent American and other global assets, but I did not see any documentation around American efforts to circumvent foreign assets.  Obviously they will not list how America is attacking other countries in cyber-space.

The list goes on-and-on for 54 pages and is actually quite an interesting read.  The draw for me is realizing the kinds of things that were happening in history.  "What was I doing in 2012? Oh my goodness there was a massive data breach in July of that year"  that kind of thing. 

On the list search for this: SCADA

If you are not sure what SCADA is, here is a definition "Supervisory control and data acquisition is a control system architecture comprising computers, networked data communications and graphical user interfaces."

It's a dull definition, yes.  However the economic and political risks of this as a target for nations states is astronomical.

"September 2012. Chinese hackers infiltrated Telvent Canada, an industrial automation company, and stole data related to SCADA systems throughout North America"

Krebs on Security referenced the attack in his article in September 2012 [4].  He outlined the details really well.  I included this incident as an example of the plethora of SCADA attacks that have occured.

SCADA is our ability to automate infrastructure.  If this data were stolen, or compromised it would allow an attacker to do massive amounts of damage.  You dream it and it can be done.

Maybe reading lists like this is making me more paranoid.  I don't know if I care.  

Cyber-space is massive and there is so much happening all the time that we are not aware of.

CSIS is one resource for you stay on top of the cyber-relations of our world.

 

Stay tuned, I am working on an article geared towards the security risks specifically pointing at critical infrastructure.

 

Thanks,

Andrew Campbell

 

 

 

Reference:

[1] https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents

[2] https://csis-website-prod.s3.amazonaws.com/s3fs-public/201218_Significant_Cyber_Events.pdf

[3] https://csis-website-prod.s3.amazonaws.com/s3fs-public/201222_Chinese_Espionage.pdf 

[4] https://krebsonsecurity.com/tag/telvent-canada-ltd/

Popular Posts