Top 10 U.S. Government Web Break-ins of All Time

Updated: March 18, 2010

Since the dawn of networked computing, bored kids, foreign patriots and spy agencies have all attacked U.S. government computers. Here are some of their most noteworthy exploits, which prove that no site is so fortified that it can't be attacked by a sufficiently motivated teenager, system administrator or Russian office worker.

Beware the Analyzer! (1998)

In June 2001 Ehud Tenenbaum, a.k.a. "the Analyzer," was sentenced to six months of community service in Israel for penetrating Pentagon computers. Defense officials described Tenenbaum's acts as "the most organized and systematic attack to date" on Defense Department computers. Despite the fact that Tenenbaum exploited a well-known Solaris OS vulnerability that should have been patched, it took a slightly panicky interagency team with a spiffy codename — Solar Sunrise — to finger the then-teenaged hacker. His conviction took years, but before then Tenenbaum volunteered his services in a Middle East cyberwar, helping defend Israeli computers and Web sites against defacements, denial-of-service (DoS) attacks and other mischief.

Russians Are Coming (1999)

In October 1999 U.S. officials revealed that Russian computers had been making large-scale penetrations of Pentagon computers for at least the past year. Persons unknown had been downloading tons of unclassified yet sensitive information to servers just 20 miles outside Moscow, during Russian business hours with pauses for Russian holidays. Cool investigation codename: Moonlight Maze.

Belgrade Calling (1999)

After the U.S. accidentally bombed China's embassy in Belgrade during the Kosovo war, a group calling itself Hong Kong Duo initiated massive DoS attacks against federal sites, forcing down for three days. Meanwhile, the group Level Seven hacked into the U.S. Embassy site in Beijing and defaced it with racist slogans.

The Spy Plane Incident (2001)

Chinese and American hackers declared war after the deadly collision of a U.S. spy plane with a Chinese fighter, which happened just before China's patriotic May Day celebration and the second anniversary of the Belgrade embassy bombing. Chinese hackers known as Honker Union defaced sites at the departments of Interior and Health and Human Services, the U.S. Geological Survey, and NASA.

Enter the Mujahideen (2001)

After 9/11, al-Qa'ida sympathizers defaced sites at NOAA's Office of High Performance Computing and Communications and NIH's National Human Genome Research Institute. Flaunting Saudi flags but writing in Urdu, the anonymous groups told Americans to "be prepared to die."

Cylon in the UK (2001)

In November 2002 the Dept. of Justice charged Gary McKinnon of London with three counts of attacking computers at the Earle Naval Weapons Station in New Jersey, which supplies munitions to the U.S. Atlantic fleet. In a scenario straight out of Battlestar Galactica, McKinnon allegedly deleted key files needed to power some of the station's computers, with his last attack allegedly occurring on September 23, 2001. McKinnon also allegedly penetrated about 100 computers at the Defense Department, Army, Air Force and NASA before being indicted. Amazingly, the British refused to prosecute what U.S. officials called "the biggest military hack of all time." McKinnon wasn't cleared for extradition until July 2006, however, due to British officials' concerns that he might be tried without representation under current U.S. policies. In February 2007 McKinnon appealed his extradition to yet another British court, so stay tuned.

When DSL Just Won't Do (2002)

One case the British did prosecute was then-teenaged Joseph McElroy, who in 2004 was found guilty of breaking into 17 computers at the Fermi National Accelerator Laboratory, a high-energy particle physics research facility near Chicago. His intrusion triggered a three-day, full-scale alert at Fermilab, although McElroy claimed he was only trying to use the lab's computers to download films and music.

The Zombie Master (2005)

Jeanson James Ancheta of Downey, Calif. not only created and maintained a network of 400,000 zombie computers from which to launch distributed denial of service (DDoS) attacks, he rented the network to spammers. Unfortunately for Ancheta, his zombies attacked computers at the U.S. Naval Air Warfare Center, earning him a 57-month prison sentence.

Faur from Romania (2006)

In December 2006 Victor Faur, 26, of Arad, Romania was indicted in Los Angeles for conspiracy and nine counts of computer intrusion. Faur is accused of hacking into about 150 U.S. government computers at NASA, the Energy Department and the Navy, forcing the feds to rebuild these systems to the tune of $1.4 million-plus. Faur will be delivered to a Stateside courtroom following his trial in Romania on - surprise! - separate computer-related charges.

Titan Rain (ongoing)

Attackers have siphoned unclassified information from the U.S. departments of Defense, Energy, Homeland Security and State for several years. It may be a coordinated Chinese-government attack, but it could be other attackers using Chinese networks as cover. Two additional mysteries here: Why investigators gave the case such a cool codename—Titan Rain—and why important unclassified information isn't better protected to begin with.
