DIGITAL ARMS RACE
WORLD
WAR 3.0
SO FAR
Cyberattacks have created
an invisible war zone
across the globe
Words by Kim Zetter
EVERY MONTH, IT SEEMS
a mammoth cyberattack sponsored by
a nation state comes to light. In recent
years, more than 20 countries have
announced their intent to launch or beef
up their of ensive cyber capabilities.
h e result is a burgeoning digital arms
race that presents a major threat to the
security of our data.
Here’s a look at the countries that have
garnered the most headlines during the
past few years and a comparison of how
their cyber-of ensive capabilities stack up.
Our assessment is, of course, based only
on known attacks. Attribution is tricky.
It’s dii cult, forensically, to distinguish
nation-state attacks from those of
independent groups – even more so when
China and Russia use state hackers and
also pay freelancers when they gain
access to useful systems.
We’ve ranked a selection of attacks and
the players accused of launching them.
Amid the intrigue and mystery, one thing
is clear – the online world is becoming an
increasingly dangerous place.
2001-2017:Target: the world. Seriously, the
NSA’s reach appears to be limitless, according
to documents leaked by Edward Snowden,
which describe a vast hacking operation aimed
at subverting the internet’s infrastructure.
OUTCOME: Global paranoia and a subsequent
reduction in security for all.
2007: The US launched the Stuxnet worm
against Iran to sabotage that country’s nuclear
programme. OUTCOME:Stuxnet succeeded in
briefl y setting back the Iranian nuclear programme.
The attack set a precedent for cyberwarfare:
countries now launch digital assaults to resolve
political disputes.
U N ITE D STATE S
SEVERITY:^1
2009-2013: The UK hacked Google’s and
Yahoo’s undersea cables to siphon
unencrypted traffi c. OUTCOME: According to
documents leaked by Snowden, the UK accessed
data through taps of undersea cables belonging
not just to these companies, but to major
telecoms, too.
2012: The UK’s Government Communications
Headquarters (GHHQ) hacked Belgacom to
monitor all mobile traffi c passing through its
routers. OUTCOME: Although the hack
successfully penetrated the network, the
telecom has never been clear about whether
the attackers intercepted customer traffi c.
UNITED KINGDOM
IRAN
2012: Iran allegedly launched a virus called
Shamoon against oil conglomerate Saudi
Aramco’s computers. US offi cials blame Iran for
the attack but have not produced evidence.
OUTCOME: Shamoon wiped 30 000 machines
and destroyed fi les, while preventing reboots.
2011-2012: Iran launched a series of
denial-of-service attacks on US banks.
Although Izz ad-Din al-Qassam Cyber Fighters
took responsibility, US offi cials claimed Iran
was retaliating for Stuxnet and UN sanctions.
OUTCOME: The attacks consumed resources
but no long-term damage was reported.
W
H
O
’ S
20 GQ.CO.ZA MAY 2017