Time Line of Major Global Cyber Incidents 2010-2011"Whatever We're Doing Isn't Working," CSIS's James Lewis Says
Though his list covers only the past 15 months, Lewis said cybersecurity first came to the attention of the public 15 years ago, noting that the first major policy for cybersecurity, Presidential Decision Directive 63, appeared in 1998.
"In the intervening years, there has been much discussion and a few new ideas," he said. "We can get a sense of the state of cybersecurity and whether there has been any progress the U.S. by reviewing major cybersecurity events that have occurred since the start of 2010." They are:
January 2010: Google announced that an attack had penetrated its networks, along with the networks of more than 80 other US high-tech companies. The goal of the penetrations, which Google ascribed to China, were to collect technology, gain access to activist G-mail accounts and to Google's password management system.
January 2010: At the same time, Intel experienced a harmful cyberattack.
January 2010: Global financial services firm Morgan Stanley experienced a "very sensitive" break-in to its network by the same hackers who attacked Google, according to leaked e-mails.
March 2010: A number of successful cyberattacks against NATO and European Union networks have increased significantly over the past 12 months, the international organizations revealed.
March 2010: Australian authorities say there were more than 200 attempts to hack into the networks of the legal defense team for executives from Australian energy company Rio Tinto, to gain inside information on the trial defense strategy.
April 2010: Hackers break into classified systems at the Indian Defense Ministry and Indian embassies around the world, gaining access to Indian defense and armament planning.
May 2010: A leaked memo from the Canadian Security and Intelligence Service says, "Compromises of computer and combinations networks of the government of Canada, Canadian universities, private companies and individual customer networks have increased substantially. ... In addition to being virtually unattributable, these remotely operated attacks offer a productive, secure and low-risk means to conduct espionage."
October 2010: Stuxnet, a complex piece of malware designed to interfere with Siemens industrial control systems discovered in Iran, Indonesia and elsewhere, results in significant physical damage to the Iranian nuclear program.
October 2010: The Wall Street Journal reports that hackers using Zeus malware, available in cybercrime black markets for about $1,200, were able to steal over $12 million from five banks in the United States and Britain.
December 2010 British Foreign Minister William Hague reported last month attacks by a foreign power on the British Foreign Ministry, a defense contractor and other British interests. The attack succeeded by pretending to come from the White House.
January 2011: The Canadian government reports a major cyberintrusion involving the Defense Research and Development Canada, a research agency for the departments of National Defense Finance and the Treasury Board, Canada's main economic agencies. The intrusions forced the Finance Department and the Treasury Board to disconnect from the Internet.
March 2011: Hackers penetrate French government computer networks in search of sensitive information on upcoming G-20 meetings.
March 2011: South Korea said that foreign hackers penetrated its defense networks in an attempt to steal information on the American-made Global Hawk unmanned aircraft, provided to Korea as it considers whether to buy the aircraft.
"This is not a record of success," Lewis said. "Whatever we are doing is not working. ... Many of the reports and essays we see emerging now will advocate tired ideas in order to block change rather than increase cybersecurity. While individual government agencies have made strenuous efforts to improve our cyberdefenses, as a nation, despite all the talk, we are still not serious about cybersecurity."