February, 1998. Air Force and Navy computers are hit by malicious code that sniffed out a hole in a popular enterprise software operating system, patched its own entry point—then did nothing. Some attacks are routed through the United Arab Emirates while the U.S. is preparing for military action in Iraq. Turns out the attacks were launched by two teenagers in Cloverdale, Calif., and an Israeli accomplice who called himself the "Analyzer."
March, 1998, through 1999. Attackers use special code to gain access to Web sites at the Defense Dept., NASA, the Energy Dept., and weapons labs across the country. Large packets of unclassified data are stolen. "At times, the end point [for the data] was inside Russia," says a source familiar with the investigation. The sponsor of the attack has never been identified. The Russian government denied any involvement.
2004. Hackers believed to be in China access classified data stored on computer networks of defense contractor Lockheed Martin, Sandia National Labs, and NASA. The intrusions are identified by Shawn Carpenter, a cyber security analyst at Sandia Labs. After he reports the breaches to the U.S. Army and FBI, Sandia fires him. Carpenter later sues Sandia for wrongful termination. In February, 2007, a jury awards him $4.7 million.
2007. A new form of attack, using sophisticated technology, deluges outfits from the State Dept. to Boeing. Military cyber security specialists find the "resources of a nation-state behind it" and call the type of attack an "advanced persistent threat." The breaches are detailed in a classified document known as an Intelligence Community Assessment. The source of many of the attacks, allege U.S. officials, is China. China denies the charge.