Freeman Spogli Institute for International Studies Program on Energy and Sustainable Development Stanford University


Image of Cover

More Shots Fired on the Cyber Front: Key Takeaways From Operation Troy

Opinion Piece/Newspaper Article

Timothy Junio - Cybersecurity Fellow, CISAC

Published by
The Huffington Post, July 11, 2013

A new report by McAfee Labs has traced years of cyberattacks on South Korean and U.S. military systems to one common hacker group. The group responsible, called "Operation Troy," launched a massive cyberattack against South Korean banks, government and news websites, and early-on, some U.S. government websites. The group also tried to steal national security information. 

Junio comments that the most important lesson from these attacks is that low-capability cyber actors can cause major damage; they do not need Stuxnet-level skills to achieve their goals. Operation Troy was willing to wait patiently for users to make security mistakes; bureaucracy and poor law enforcement ensure that the activity can lay low for years without being detected.