In this video, you will learn to describe the second major factor that contributed to the rise of cybersecurity attention in the US. The next step or the next big thing that happens that change almost everything for the last 20 years was the 9/11. The 9/11 obviously was something physical, was couple of planes that crashed into the Twin Towers in New York. But one of the things that the US government tried to understand also was, first of all, how this could happen, how the coordination between different parts happens. What happen if there is a 9/11 but not necessarily on the physical world, but on the technology? Something like the destruction of the power plant or the destruction of electricity network or the power network into or in any major or important city. One of the important things to keep an eye on right now is the use of technology for almost anyone. So basically anyone right now has a cell phone. Anyone can access data. Anyone can upload and download data from the Internet. We are going to talk about this specific topic in a couple of minutes, but that's something important to understand. We have access to the technology. In those years, in the Reagan years, not everybody has access to that technology. But right now, anyone could actually start and attack using their cellphone, using their computer in their home. So that's something important also to understand, the use of technology. Here we have some nice early operations regarding cybersecurity in the nation, state, or a cyberwar to be specific. One nice operation was Clipper Chip operation developed by the NSA. In simple words, this operation was something that those guys in the NSA tried to incorporate like a chip into any landline for phones in most of the US homes to try to spy the communications. Obviously that project, that operation didn't go well, didn't receive any approval from the Congress. But since the last leaks from Edward Snowden, we already know that, well, it's not Clipper Chip, the operation that goes into operation. It was something different that catch not just communications over the landlines, but also communications over emails and other communication methods. Moonlight Maze was an operation actually that's pretty important to understand. In the year 2000, Newsweek report create a series of reports regarding the Moon Maze story. In simple words, Moon Maze operation was the process to collect or dump passwords from Unix and Linux servers, not just from the NSA, but also from the NASA, the Department of Defense, and a couple of other organizations in the United States. This operation was one of the first things that happened on the cybersecurity warfare arena. Well, at this moment, there is no indicator or there is no relaxation for nation or for someone in another country that perform this attack. But it's supposed to be that the Russians that perform these operations. The tool that they use to launch this attack was something lucky tool. One particular thing that happened with this operation is the attackers use a lot of proxies. So they, in fact, computers around the world, especially in United States, and they hide their real connection using those computers. So when they start, sorry. When the US government start looking and monitoring the unauthorized access and the activities on those networks on the NSA, on the NASA, on the Department of Defense networks, they collect information not from the real attackers. They collect information from the proxies that the attackers are actually using. Another operation, the Solar Sunrise. This operation is important. This operation has one interesting component here. First of all, this operation was a series of attacks to the Department of Defense computer networks. It launched on February of '98. Essentially, they exploit a known vulnerability on operating system, on the network of the Department of Defense. They use or they start the attack following a series of steps. Actually that's part of the interesting part of the operation. They tried to determinate or understand if the vulnerability that the attacker wants to exploit exists on the network. If the vulnerability exist, they exploit a vulnerability. They implant in a program like backdoor or a sniffer to gather data or to get information from the network. The system lift the backdoor and the sniffer there and return later to retrieve the collected data. The attackers launched not just this attack for the Department of Defense network, but also for the Air Force, Navy, the Marine Corps, and also in another countries such as Israel, France, Germany, and they target some of the key parts of the network. They tried to dump also passwords and documents from the technological or from the infrastructure on the networks that they attack. But the interesting part here is who launch this attack? It was something, I don't know, maybe the terrorist, maybe a rogue state such as Iraq or something like that. Well, no. Actually the attack was launched by two teenagers from California. Actually one of the teenagers was from Israel. So this is a good example of things that could happen even if we are not dealing with the nation state cyber command on what things could happen if we do not secure our network. The Buckshoot Yankee was categorized as the most significant breach of the US military computers ever by the Secretary of Defense, Willian J. Lynn. This operation was part of a series of compromises on the year 2008. Everything starts with USB drive inserted into a computer in the Middle East military based operation. They used Trojan called Agent.BTZ, and the Trojan, the worm keep or stay on the network for 14 months until the IT security staff from the military clean the infection. No one, at this moment, has attributed the attack. It seems like it's from China, but there is no real accusation right now on the courts. So that's one important major security breach and security operation, or cyberwarfare operation from the last 10-15 years. Then we have some other examples. Desert Storm operation on the early '90s and the Bosnia war. Actually wars are not necessarily cyberwars, but there is a component for the cyberwar there. For example on the Desert Storm, some of the radars that Saddam Hussein used to try to alert their military forces that airplanes are coming to destroy bases or things like that. Some of the radars are destroyed or are tampered with fake formation. So that's one of the things that the US military command used to successfully attack some of their key military buildings of Saddam Hussein. On Bosnia, there was a lot of cyber operations. But things like, for example, fake news, fake information delivered to the militaries in the field, things like that, was used in Bosnia.
