HCSS
  • Home
  • Research
    • Research
      • All Publications
    • Trending Topics
      • Europe in the Indo-Pacific Hub
      • Climate & Security
      • Energy & Natural Resources
      • Cyber Policy and Resilience
      • Initiative on the Future of Transatlantic Relations
      • PROGRESS / Strategic Monitor
    • All Topics
      • Defense & International Security
      • Global Power Shifts
      • National Security Strategy
      • Energy
      • Environment & Climate
    • All Topics
      • RuBase
      • Governance & International Organization
      • Technology & Innovation
      • Sustainability & Resource Scarcity
    • All Topics
      • Minerals & Metals
      • Emerging Economies
      • Terrorism Piracy & Crime
      • Food
      • Water & Land
  • News
    • Podcasts
    • Columns
    • Events
  • Services
    • The HCSS Datalab
      • Climate Security Risk Monitor
    • Strategic Capability Gaming
    • Studio HCSS
    • Strategic Analysis
    • Summer Schools
    • IDCSS 2021
      • About
      • Cyber Resilience Game
      • 2021 Challenges
      • Program 2021
      • Organizers
      • FAQ
      • Apply
  • About Us
    • Experts
    • Contact
    • Press & Media Inquiries
    • Jobs
    • Partners & Clients
    • IMCCS
    • Global Futures Foundation
  • Search
  • Menu Menu

News

Alexander Klimburg in Gizmodo: What’s the Most Significant Hack in History?

June 22, 2021

On some level, all of us are waiting for the big one—the hack that downs the internet, paralyzes infrastructure, maybe launches a couple nukes. If that day never arrives, it will be largely thanks to the legions of malefactors who, over the years, have hacked this or that government or corporation and thus forced those institutions to plug up their vulnerabilities, or at least try to. Some of these hacks have been staggering in scope—acts of sabotage and/or theft inconceivable in an unconnected world. But which of these can lay claim to being the most destructive? What was, in other words, the most significant hack of all time? For this week’s Giz Asks, we reached out to a number of experts to find out.

Alexander Klimburg

Author of The Darkening Web: the War for Cyberspace

The answer here invariably depends on your perspective—and probably also your security clearance. But if pressed, I do have a favorite that I think helps set the course of history as well as represent some of the biggest challenges in cyber conflicts. And that hack was the so-called Soviet pipeline attack, which resulted in “the biggest non-nuclear explosion ever seen from space.” This was in 1982 (or 1983, depending on who asked), way before there was the World Wide Web and even before there was the global Internet that we recognize today. Not only was the hack possibly one of the most significant attacks on critical infrastructure, but it also was an information warfare attack, a psychological operation. It therefore shows the duality of cyber conflict better than anything else. And just by chance it happened almost exactly 41 years before the attack on US pipeline company Colonial Pipeline, with all the disruption it entailed. If it really happened.

The story started in a 2004 publication by a key adviser to President Ronald Regan, Thomas Reed, a former Secretary of the Air Force. Reed said that the CIA, which was countering a flood of Industrial espionage attempts by the Soviet KGB aimed at supporting the collapsing economy of the USSR, launched a counter operation called FAREWELL. Central to this operation was to allow the Soviets to steal the technology they were after, but to alter it to make sure that it caused more harm than good—maybe much more harm. In this particular case, the Soviets were after industrial control system software to better manage gas and oil pipelines. The CIA allowed the KGB to steal the software in question, but slipped a “logic bomb” into the code—making sure that at a specific time the system would go haywire. At the appointed time the White House and the satellite analysts were warned not to be too concerned when they saw a large explosion in Siberia—“the biggest non-nuclear explosion ever seen from space,” as it was all part of the plan. This—supposedly—was not the first or the last time the “Poisoned chalice” cyber stratagem was used. But it was devastatingly effective. Supposedly.

There are real doubts that this event ever took place. Until 2012 It was even mocked. However, in 2012, a Canadian TV documentary provided many additional details, and featured a number of credible witnesses—including a former Soviet deputy minister. He said the event took place in 1983, on a different pipeline than Reed suggested, and even caused dozens of fatalities. And then of course there was the issue that Reed’s account was actually publicly re-produced by the CIA’s own academic research organization. Clearly this was a story that someone wanted to be told.

Why? As we know now, when Reed’s account was reproduced by US intelligence they were launching OLYMPIC GAMES, the internal codename for what is now known as the Stuxnet cyberattack on the Iranian uranium enrichment program. It’s possible that someone thought it was important to support the evolving cyber strike with an information warfare attack—to remind certain audiences not only that this had happened before, but that it had been worse. Whether or not it was true, a message may have been sent. But then again, it may have all been a coincidence—a combination of bureaucratic errors and overactive imaginations.

The Soviet pipeline attack may have been the first cyber attack in history—paving the way for the CUCKOOS EGG cyber espionage case a couple of years later. But what it certainly is is an example of how cyber warfare and information warfare can overlap—feed into each other, or even masquerade as each other. This is the most important takeaway from the story—not that attacks on critical infrastructure could occur and be incredibly devastating, but that information warfare—propaganda and covert influencing attacks—are an ever-present shadow of cyber activities. As every true hacker knows, the most effective hacks are those that target human decision making. Technology—and data—are often just enablers to this end.

Read the rest of the article at Gizmodo.

  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on LinkedIn
  • Share by Mail

Experts

Alexander Klimburg

Related News

Related Content

  1. Cyber Deterrence Final
  2. Promises and Perils of Minumum Cyber Deterrence Posture (HCSS 2022)
  3. HCSS_Assessing_Cyber_Security

Office Address

  • The Hague Centre for Strategic Studies
  • Lange Voorhout 1
  • 2514 EA The Hague
  • The Netherlands

Contact Us

  • Telephone: +31(70) 318 48 40
  • E-mail: info@hcss.nl
  • IBAN NL10INGB0666328730
  • BIC INGBNL2A
  • VAT NL.8101.32.436.B01
  • Contact

Legal & Privacy

  • Disclaimer & Privacy
  • Terms & Conditions (NL) 
  • Terms & Conditions (ENG) 
  • Responsible Disclosure Policy

Follow us

© The Hague Centre for Strategic Studies
    PR & Communication Internship (start date: 2 August 2021)New Threats, New Responsibilities: Europe and its Security
    Scroll to top

    GDPR Consent

    Your privacy is important to us. Here you can set which consent you are allowing us with regards to the collection of general information, the placing of cookies of the collection of personal information. You can click 'Forget my settings' at the bottom of this form to revoke all given consents.

    Privacy policy | Close
    Settings

    GDPR Consent Settings

    Your privacy is important to us. Here you can set which consent you are allowing us with regards to the collection of general information, the placing of cookies of the collection of personal information. You can click 'Forget my settings' at the bottom of this form to revoke all given consents.

    Website statistics collect anonymized information about how the site is used. This information is used to optimize the website and to ensure an optimal user experience.

    View details

    Functional cookies are used to ensure the website works properly and are neccessary to make the site function. These cookies do not collect any personal data.  

    View details
    Forget my settings Deleted!