In honor of Hack Week, we’re looking back on some classic hacks and their architects and, just for fun, pitting them against one another in the world cup of hacks. These nominees were gathered from the /Policy community (with apologies to worthy contenders not mentioned). Here is some background to inform your votes. Consideration should be given to skill, style and impact.
Gary McKinnon (2002) — Hacked the Pentagon in search of evidence of UFOs. It was called the biggest military hack of all time, although his intentions seemed pretty innocent.
Stuxnet (2009) — An epic attack apparently designed to cripple Iran’s nuclear weapons program. It relied on flash drives and human error to penetrate walled off networks. It also raises serious concerns. Former NSA and CIA director Gen. Michael Hayden, no friend to hackers and normally a staunch defender of U.S. military policy, had this caution: “There are those out there who can take a look at this… and maybe even attempt to turn it to their own purposes.”
Lulzsec (2011) — Made a splash taking down and replacing some big sites including, most famously, the CIA’s home page.
Kevin Mitnick (1990s) — Became well known when prosecutors decided to throw the book at him. The punishment didn’t seem to fit the crime, a preview of things to come. Mitnick’s specialty was social engineering.
Cyberattack on Estonia (2007) — A hack believed to originate in Russia took an entire country offline.
Captain Crunch (1960s) — Legendary phreaker/hacker who pioneered the Blue Box and helped define the hacker ethos and culture.
Mudge (1992-2000) — Peiter C. Zatko, better known as Mudge, is a network security expert, open source programmer, writer, and a hacker. He was the most prominent member of the high profile hacker think tank the L0pht as well as the long-lived computer and culture hacking cooperative the Cult of the Dead Cow.
Night Dragon (2011) — Chinese hackers working regular business hours shifts stole sensitive intellectual property from energy companies for as long as four years using relatively unsophisticated intrusion methods in an operation dubbed “Night Dragon.”
News International Phone Hacking (1990s-2011) — In a public scandal that threatened to bring down one of the world’s largest media conglomerates, it was discovered that employees of Rupert Murdoch’s business empire hacked the phones of a murdered schoolgirl, the British Royal Family, victims of the London tube bombings, and others.
Sony Hack (2014) — A cyber-invasion brought Sony Pictures to its knees and terrified corporate America.
IRS Hack (2015) — A 2015 cyber hack of the IRS potentially gained access to personal data from more than 700,000 taxpayer accounts.
U.S. OPM Hack (2015) — The Office of Personnel Management data breach has been called the greatest theft of sensitive personnel data in history. The hack wasn’t the biggest in terms of sheer numbers (18 million compared to the Anthem hack of 80 million users), but the target is key: a database of U.S. government employees.
MafiaBoy (2000) — At age 15, this Canadian hacker took down Yahoo!, eBay, eTrade, Buy.com, Amazon, CNN and Dell in the same week, costing those companies an estimated $1.7 billion in lost revenue. It was, at the time, declared the biggest hack in history.
ILOVEYOU (2000) — A computer worm that attacked tens of millions of Windows personal computers on and after 4 May 2000 local time in the Philippines, when it started spreading as an email message with the subject line “ILOVEYOU.” It may not be the biggest, but this worm helped shock the world into realizing how vulnerable their computers were.
geohot (2007-) — George Hotz is an American hacker who figured out how to jailbreak the iPhone, a relatively uptight mobile platform popular in North America.