Cyberattacks have created an invisible but vast war zone

This article was taken from the October 2015 issue of Wired magazine.

Every month, it seems, a mammoth cyberattack sponsored by a nation state comes to light. In recent years, more than 20 countries have announced their intent to launch or beef up their offensive cyber capabilities. The result is a burgeoning digital arms race that presents a major threat to the security of our data.

Here's a look at the countries that have garnered the most headlines during the past few years and a comparison of how their cyber-offensive capabilities stack up. Our assessment is, of course, based only on known attacks. Attribution is tricky. It's difficult, forensically, to distinguish nation-state attacks from those of independent groups -- even more so when China and Russia use state hackers and also pay freelancers when they gain access to useful systems.

We've ranked a selection of attacks and the players accused of launching them. Amid the intrigue and mystery, one thing is clear -- the online world is becoming an increasingly dangerous place.

KEY

The thicker the line, the more severe the attack. The map is also colour coded, with pink nations having a high offensive capacity and white or yellow nations a less lethal cyber arsenal.

  1. United States, 2001-2015: Target: the world. Seriously, the NSA's reach appears to be limitless, according to documents leaked by Edward Snowden, which describe a vast hacking operation aimed at subverting the internet's infrastructure. Outcome: Global paranoia and a subsequent reduction in security for all.

  2. United States, 2007: The US launched the Stuxnet worm against Iran to sabotage that country's nuclear programme. Outcome: Stuxnet succeeded in briefly setting back the Iranian nuclear programme. The attack set a precedent for cyberwarfare: countries now launch digital assaults to resolve political disputes.

  3. China, 2009-2011: China allegedly hacked Google, RSA Security and others to get source code. Outcome: The hackers who breached RSA obtained core data used in the company's two-factor authentication scheme used by governments and corporations.

  4. China, 2014: China breached several databases belonging to the US Office of Personnel Management. Outcome: The hackers stole sensitive data, including Social Security numbers, relating to more than 21 million people who had been interviewed for government background checks.

  5. United Kingdom, 2009-2013: The UK hacked Google's and Yahoo's undersea cables to siphon unencrypted traffic. Outcome: According to documents leaked by Edward Snowden, the UK accessed data through taps of undersea cables belonging not just to these companies, but to major telecoms too.

  6. United Kingdom, 2012: The UK's Government Communications Headquarters (GCHQ) hacked Belgacom to monitor all mobile traffic passing through its routers. Outcome: Although the hack successfully penetrated the network, the telecom has never been clear about whether the attackers intercepted customer traffic.

  7. North Korea, 2014: Sony Pictures Entertainment was attacked. The US attributed it to North Korea and applied additional sanctions against the country and specific officials. Outcome: The attackers nabbed gigabytes of internal data and comms, which they later posted online.

  8. Israel, 2014: Israel allegedly hacked Russian security firm Kaspersky Lab to obtain intel on its research about nation-state attacks. It also struck venues in Europe where the UN Security Council met to negotiate Iran's nuclear programme. Outcome: The attackers may well have obtained intel about Kaspersky's research.

  9. Israel, 2012: Suspected of launching the Wiper attack against the Iranian oil ministry and the National Iranian Oil Company. Outcome: The malware wiped hard-drive data, then erased system files, causing the machines to crash and preventing them from rebooting. Iran insisted it had data backups.

  10. Iran, 2012: Iran allegedly launched a virus called Shamoon against oil conglomerate Saudi Aramco's computers. US officials blame Iran for the attack but have not produced evidence. Outcome: Shamoon wiped 30,000 machines and destroyed files, while preventing reboots.

  11. North Korea, 2013: Computers in South Korea were struck by a logic bomb that caused data deletion as well as preventing rebooting. South Korea blamed North Korea for the attack but it has never produced solid evidence. Outcome: Two broadcast-media companies and at least three banks were affected.

  12. Russia, 2014: Russia allegedly hacked the US State Department and the White House. Outcome: The attackers had access to unclassified emails for President Obama as well as non-public details about his schedule.

  13. Russia, 2015: TV5Monde, a French-language broadcaster, is hacked -- reportedly by Russia. A group calling itself the CyberCaliphate took credit, but French officials have pointed the finger at the Kremlin. Outcome: The hackers blacked out broadcasting for several hours and posted messages expressing support for ISIS to the TV channel's social-media accounts.

  14. Iran, 2011-2012: Iran launched a series of denial-of-service attacks on US banks. Although Izz ad-Din al-Qassam Cyber Fighters took responsibility, US officials claimed Iran was retaliating for Stuxnet and UN sanctions. Outcome: The attacks consumed resources, but no long-term damage was reported.

This article was originally published by WIRED UK