The role of hackers in history has always been questioned and disputed. While many strongly believe that they are pure evil, others admit that they have guided and inspired security companies to develop smarter, more efficient and reliable systems protecting confidential and highly important data from being stolen or modified. As any community around us, the world of hacking is very diverse, with good intentions often turning into crimes of the global scale and lucrative impulses often taking over common sense. That’s exactly why the world of hackers, like a good detective story, is so irresistibly attractive to a great many of regular users. History has many examples of successful cyber attacks that became industry milestones and the driving force behind collective efforts to improve information security on all levels. In this article, we’ll take an impartial look at some of the most impressive hacks of all times – the crimes that made companies and users across the world become more wary of the potential dangers of digital globalization.

#1

Probably the most notorious hacker of all times, Kevin Mitnick, was not a programming genius, but he was responsible for some of the most hyped cyber attacks in history. He started by tricking the Los Angeles bus punch card equipment to get free rides, continued with phone phreaking and then went serious during an almost 2.5 year long hacking spree, when he broke into numerous computers coast to coast stealing corporate data, scrambling phone networks and even breaking into the national defense warning system. He was eventually busted by the FBI and convicted to five years in prison for trespassing into Digital Equipment Corporation’s (DEC) network and stealing proprietary software. Although Mitnick did succeed in various cyber attacks, including major ones, he admitted that the most powerful weapon he used was “social engineering”, which proves that technological vulnerabilities are not always the weakest link, while attention to detail and healthy suspiciousness can do more than the most advanced security systems out there.

#2

Kevin Poulsen, a.k.a Dark Dante, is another hacking idol. He started his “career” at 17, when he gained access to the Internet’s predecessor, ARPANET. The network was still being developed and he exploited an existing loophole to temporarily gain complete control over the nationwide network. However, he became a real celebrity after his famous trick with LA’s KIIS FM radio, which brought him a brand-new Porsche, among other valuable items, and the fame of a “phone wiz”. The station was running a contest at that time and would give a posh sport ride to the 102th caller. Poulsen successfully hacked into the city’s phone system, seized control of all the lines, blocked all incoming calls and eventually made sure he was the lucky number 102. Indeed, almost all of his hacking coups have been carried out using regular telephone lines. Shortly after the Porsche trick, he reactivated old Yellow Page escort phone numbers for an acquaintance of his who ran a virtual agency. Despite his luck and conspiracy skills, Poulsen was arrested in a supermarket after a nation-wide raid and did five long years in prison to later become a senior editor for Wired News writing about IT security.

#3

Robert Tappan Morris was the person behind the first computer worm known as the “Morris worm” – a self-replicating program that quickly spread over the vast spans of the global network and caused substantial damage to thousands of computer systems. Although the hacker allegedly intended to use the worm to probe the real size of the Internet, his creation brought over 6000 computers worldwide to their knees, making them completely unusable. Morris became the first person to be prosecuted under the 1986 Computer Fraud and Abuse Act and was sentenced to three years of probation, 400 hours of community service and a fine of $10,500.

#4

Adrian Lamo’s hacking into the networks of high-profile organizations like Microsoft and the New York Times made him one of the most renowned hackers in history. He breached the security barriers of major companies and anonymously pointed them at existing vulnerabilities. Although he did not have any malicious intent, his intrusions were not authorized and therefore considered cyber crimes. He never used his home line for any of his provocative attacks, preferring public access points, such as Kinko’s, cafes and libraries – and that’s what earned him the nickname of “homeless hacker”. Always on the move, he successfully hacked companies we all know very well: Yahoo!, Bank of America, Cingular and Citigroup. For a certain period of time, he managed to get away with his vigilante acts, but he made a big mistake after he broke into The New York Times intranet and LexisNexis account containing confidential data about employees, contributors and partners. Although Lamo informed the company about this vulnerability and offered assistance in fixing it, charges were shortly filed against him and the hacker’s desire to help was punished by an ample fine, half a year of home confinement and two years of probation.

#5

The coolest kid on the hackers’ block, Jonathan James became the first underage offender who was sentenced to a half a year of in-house arrest with probation (although he eventually did this time in prison for violation of parole). His targets included the most respectable an high-profile organizations, such as NASA and DTRA (Defense Threat Reduction Agency), a special agency within the Department of Defense responsible for reducing the threat to the United States and its allies from weapons of different types, including nuclear, chemical and biological. The software he installed on DTRA’s servers allowed him to intercept personal emails and capture access details of a large number of top-level officials within the agency. In NASA’s case, he simply stole the software that controlled the Space Station’s environment parameters, such as temperature and humidity. NASA estimated the aggregated losses at over 1.7 million dollars, although James remained extremely skeptical about the quality of the space agency’s code and its real value.

#6

Russian hacker Vladimir Levin became the first person in history to rob a bank without a hockey mask, a shotgun and a diamond drill. In 1995, he penetrated Citibank’s security systems and stole 10 million dollars that he later transferred to multiple accounts in Europe in the US. Although this was an elegant job, he was shortly arrested in the UK.

#7

In 1996, an American hacker by the name of Timothy Lloyd managed to inject just six lines of malicious code into the network of Omega Engineering, one of the key suppliers for NASA and the US Navy. Under certain conditions, the “bomb” exploded and completely destroyed the software used in Omega Engineering’s production processes. This time, things got really serious, as the company estimated its losses at a staggering $10 mln.

#8

The Melissa virus became one of the largest Internet pandemics in history. It was written by David Smith from New Jersey with no direct intent to harm other computers, but soon proved to be very efficient in replicating itself, which quickly resulted in clogged communication lines and mail servers going down around the globe. The concept behind this macro virus was very simple. Melissa spread through Microsoft documents (Word and Excel) and mass-mailed itself when infected attachments were downloaded and opened. Third-party variations of Melissa were much more dangerous and targeted critical system files and users’ data. The unfortunate author of the original version, David Smith, was sentenced to 20 months in a federal prison and a fine of 5000 dollars.

#9

Michael Calce, known on the Internet as MafiaBoy, is another prodigy who “joined the dark side” at just 15 and caused one of the most notorious DDoS attacks in history against such companies as Yahoo!, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN between February 6 and Valentine’s Day in 2000. He secured access to 75 computers in 52 networks and launched a massive packet bombardment of these sites. The estimated amount of global economic damages from these attacks reached 1.2 billion, according to industry experts. Due to the hacker’s age, he was only sentenced to 8 months of “open custody”, a year of probation, restricted use of the Internet and a minor fine.

#10

A hacker group called MOD (Masters of Deception) was the ultimate example of how dangerous hackers can be when they act together. From 80s to 90s, this NY-based cybersquad successfully controlled all major telephone and X.25 networks, as well as backbones of the Internet that was gaining popularity at that time. MOD members reached unparalleled mastery in anonymous access to various systems using alternate handles, social engineering, discovery and exploitation of system vulnerabilities and loopholes, misdirection, backdoors and trojan horses. Although the group gained access to a huge array of confidential and secret information, none of it has ever leaked outside the group thanks to MOD’s philosophy and nearly religious principles. As a result of a large-scale operation by FBI and the secret service task force, 5 members of the group were arrested in 1992 and pleaded guilty in court.

The examples above are just the tip of the iceberg. Many more hackers have left their trace in history and demonstrated that knowledge and ingenuity combined with good social skills can lead to tragic outcomes. Since then, computer security has evolved into a separate industry, thousands of products have been released and countless IT security books have been published. However, just as in case with planes, tragedies mostly occur due to human factors – negligence, excessive trust and lack of proper attention to the design of isolated networks containing information that should not go public. Hacking a real and hackers can punish you for not assigning the right priority to IT security in your company or home. When online, trust only your intuition, experience and reliable security tools — and never let strangers cross the line of your online comfort zone.