The 10 Most Significant Nation-Backed Cyberattacks of 2020

From Australian wildfires to international marches for racial justice to a global pandemic, 2020 will be remembered as a year full of world-shifting events. Although some saw these events as an opportunity to come together for the greater good, others saw an opportunity to attack one another (we’re looking at you, nation-backed hackers). During a year when we relied on the Internet more than ever before, state-sponsored cyberattacks dramatically increased in sophistication and scale. The number of cyberattacks in 2020 may seem countless, but today we’re reviewing the ones that counted the most.

Here’s our list of the 10 most significant state-sponsored cyberattacks of 2020:

10. China Uncovers an 11-Year-Old, US-Backed Cyber Campaign

Chinese cybersecurity firm Qihoo 360 identified an eleven-year-long US-sponsored hacking campaign that impacted numerous domestic industries. According to Qihoo 360, US hackers from the Central Intelligence Agency (CIA) targeted the Chinese airline industry, internet companies, government agencies, and other sectors. Qihoo 360 publicly announcing the CIA-backed cyber operation is China reminding the world that the US is just as guilty of launching cyberattacks as other nations.

9. The Azerbaijani Armenian Conflict Escalates Online

As Armenian separatists and Azerbaijani government forces engaged in particularly violent clashes over the Nagorno-Karabakh region, hackers from both countries brought the conflict into cyberspace. From DDoS attacks against media platforms to defacing state websites, the two nations quickly ramped up the cyberattacks launched against one another. Cisco’s threat intelligence unit even detected a sophisticated cyber campaign that targeted Azerbaijani government IT systems and accessed specific diplomatic passports. These cyberattacks reveal a dark future of hybrid warfare, conducted both in our online and offline worlds.

8. Turkish-Backed Cyberattacks Against EU/Middle Eastern Targets

Western cybersecurity officials accused the Turkish government of launching cyberattacks targeting at least 30 entities in Europe and the Middle East. According to two UK officials and one US official, the ongoing cyber operation targeted government agencies, embassies, security services, and other organizations. The alleged Turkish-backed cyberattack utilized DNS hijacking techniques that intercepted online traffic to victim websites, potentially accessing sensitive data. This hacking campaign reveals how nations will continue to launch cyberattacks unchecked until cyber norms and rules are established.

7. China-Backed Hackers Target the Vatican

American cybersecurity firm Recorded Future detected an alleged Chinese state-sponsored cyberattack against the Vatican. Attributed to the China-backed hacker group RedDelta, the cyberattack broke into the Vatican’s computer network and monitored communications between the Hong Kong diocese and the Vatican. It is believed that the attack aimed to give the Chinese government an advantage in diplomatic negotiations regarding the appointment of bishops and the status of churches in China. This event proves that when it comes to nation-backed cyberattacks, there is no separation between church and state.

6. The WHO Becomes a Major Cyberattack Target

As the WHO focused on getting a handle on the COVID-19 pandemic, it was also defending against state-sponsored cyberattacks. With a more than two-fold increase in cyberattacks, the WHO had to double security staff and hire outside firms to protect their computer systems. This news story proves that even an international agency dedicated to public health is not immune to state-sponsored cyberattacks.

5. Cyberattack Disrupts the New Zealand Stock Exchange

In August, the New Zealand stock exchange was targeted by DDoS cyberattacks for several days. The cyber campaign was so severe that the stock exchange had to close operations at one point, forcing the government to activate the National Security System. Although officials haven’t determined the culprit or the motive behind the cyberattacks, the DDoS campaign has been identified as being launched from an “offshore” location. Whatever the motive, no nation should launch cyberattacks that interfere with the stability of another nation’s financial market.

4. The Israel and Iran Cyber Conflict

This year, Iran and Israel launched cyberattacks against each other’s utilities and ports, impacting their citizens and disrupting crucial services. This incident represents one of the first times that governments quickly engaged in a tit-for-tat cyber conflict in a very public fashion. Previously, government responses to cyberattacks were often carefully planned, such as imposing sanctions instead of launching destructive online attacks. This is an alarming glimpse into how quickly the tension between two powerful countries can escalate into full-blown offensive cyber operations.

3. Russian-backed APT29 Allegedly Targeted COVID-19 Vaccine Research

The United Kingdom, Canada, and the United States publicly accused Russia-backed hackers APT29, a group implicated in the 2016 US election hack, of targeting numerous organizations involved with COVID-19 vaccine development in an alleged attempt to steal research. Even though details are still emerging, there were a rapidly increasing number of cyberattacks against our world’s medical infrastructure during the global pandemic. These types of attacks pose a serious public health risk by undermining research integrity and delaying clinical trials.

2. The SolarWinds Hack

Last year, nation-backed hackers targeted the IT firm SolarWinds, infecting their computer system with malicious code that later spread to the firm’s +15,000 clients. The hacker group gained access to computer systems of numerous Fortune 500 companies and US government departments, including Intel, Cisco Systems, the US Treasury, the Pentagon, and the National Nuclear Security Administration. Several US intelligence agencies later released a statement saying the cyberattack was “likely Russian in origin.” Even though the full extent of the cyberattack is still unknown, the SolarWinds hack is already considered one of the biggest cyberattacks to hit the US government.

1. The World’s First Cyberattack Fatality May Have Occurred

In September 2020, Düsseldorf University Hospital was hit by a ransomware attack, rendering the hospital unable to accept emergency patients. After being re-routed to another hospital over 20 miles away, a German woman in critical condition passed away. The incident sparked an international debate on whether the woman’s death marked the first fatality caused by a cyberattack. Although Cologne’s chief public prosecutor Markus Hartmann determined the attack was not responsible for her death, the tragedy served as a wake-up call to what can happen if cyberattacks are left unchecked by our world leaders.
[SIDE NOTE: Big shout out to Manuel Atug for the fact check!]

There’s clearly a desperate need for a safer, more secure Internet—these attacks are just the tip of the iceberg! But don’t let this discourage you, use it as inspiration to keep fighting. We have the power to protect our shared digital space by calling on world leaders to end cyberwarfare. For the sake of our online and offline world, keep pushing for digital peace.