On some level, all of us are waiting for the big one—the hack that downs the internet, paralyzes infrastructure, maybe launches a couple nukes. If that day never arrives, it will be largely thanks to the legions of malefactors who, over the years, have hacked this or that government or corporation and thus forced those institutions to plug up their vulnerabilities, or at least try to. Some of these hacks have been staggering in scope—acts of sabotage and/or theft inconceivable in an unconnected world. But which of these can lay claim to being the most destructive? What was, in other words, the most significant hack of all time? For this week’s Giz Asks, we reached out to a number of experts to find out.
Alexander Klimburg
Author of The Darkening Web: The War for Cyberspace
The answer here invariably depends on your perspective—and probably also your security clearance. But if pressed, I do have a favorite that I think helps set the course of history as well as represent some of the biggest challenges in cyber conflicts. And that hack was the so-called Soviet pipeline attack, which resulted in “the biggest non-nuclear explosion ever seen from space.” This was in 1982 (or 1983, depending on who asked), way before there was the World Wide Web and even before there was the global Internet that we recognize today. Not only was the hack possibly one of the most significant attacks on critical infrastructure, but it also was an information warfare attack, a psychological operation. It therefore shows the duality of cyber conflict better than anything else. And just by chance it happened almost exactly 41 years before the attack on US pipeline company Colonial Pipeline, with all the disruption it entailed. If it really happened.
The story started in a 2004 publication by a key adviser to President Ronald Reagan, Thomas Reed, a former Secretary of the Air Force. Reed said that the CIA, which was countering a flood of industrial espionage attempts by the Soviet KGB aimed at supporting the collapsing economy of the USSR, launched a counter operation called FAREWELL. Central to this operation was to allow the Soviets to steal the technology they were after, but to alter it to make sure that it caused more harm than good—maybe much more harm. In this particular case, the Soviets were after industrial control system software to better manage gas and oil pipelines. The CIA allowed the KGB to steal the software in question, but slipped a “logic bomb” into the code—making sure that at a specific time the system would go haywire. At the appointed time the White House and the satellite analysts were warned not to be too concerned when they saw a large explosion in Siberia—“the biggest non-nuclear explosion ever seen from space,” as it was all part of the plan. This—supposedly—was not the first or the last time the “poisoned chalice” cyber stratagem was used. But it was devastatingly effective. Supposedly.
There are real doubts that this event ever took place. Until 2012 it was even mocked. However, in 2012, a Canadian TV documentary provided many additional details, and featured a number of credible witnesses—including a former Soviet deputy minister. He said the event took place in 1983, on a different pipeline than Reed suggested, and even caused dozens of fatalities. And then of course there was the issue that Reed’s account was actually publicly reproduced by the CIA’s own academic research organization. Clearly this was a story that someone wanted to be told.
Why? As we know now, when Reed’s account was reproduced by US intelligence they were launching OLYMPIC GAMES, the internal codename for what is now known as the Stuxnet cyberattack on the Iranian uranium enrichment program. It’s possible that someone thought it was important to support the evolving cyber strike with an information warfare attack—to remind certain audiences not only that this had happened before, but that it had been worse. Whether or not it was true, a message may have been sent. But then again, it may have all been a coincidence—a combination of bureaucratic errors and overactive imaginations.
The Soviet pipeline attack may have been the first cyber attack in history—paving the way for the CUCKOO’S EGG cyber espionage case a couple of years later. But what it certainly is is an example of how cyber warfare and information warfare can overlap—feed into each other, or even masquerade as each other. This is the most important takeaway from the story—not that attacks on critical infrastructure could occur and be incredibly devastating, but that information warfare—propaganda and covert influencing attacks—is an ever-present shadow of cyber activities. As every true hacker knows, the most effective hacks are those that target human decision making. Technology—and data—are often just enablers to this end.
Read the rest of the article at Gizmodo.