About these ads
Home > Cyber Attacks Timeline, Cyberwar, Security > August 2011 Cyber Attacks Timeline (Part I)

August 2011 Cyber Attacks Timeline (Part I)


Update Sep 2: August 2011 Cyber Attacks Timeline (Complete List)

It looks like the Dog Days did not stop the Cyber Attacks, which have been particularly numerous during August. This is the reason why I decided to divide my traditional collection in two parts. Today it is the turn of the first half covering the interval 1-15 August.

Following the trail of July, an attack against PCS Consultants, another U.S Government contractor opened this hot month, even if the controversial shady RAT affair monopolized (and keeps on to monopolize) the infosec landscape (and not only during the first half of the month). Easily predictable nearly every endpoint security vendor (and McAfee competitors) tend to minimize the event considering it only the latest example of RAT based cyber attacks with no particular features (see for instance the comment by Sophos, Kaspersky and Symantec).

Analogously the Dog Days did not stop hactivism with the infamous hacking group Anonymous (and its local “chapters”) author of several attacks in different countries and most of all of author of a kind of arm wrestling against BART (Bay Area Rapid Transit), sometimes carried out with questionable methods. Research in Motion was indirectly involved on the Anonymous Campaign during the London Riot, but also Anonymous was hit by (another) defacement attack carried on by Syrian hackers which affected Anonplus, the alternative Social Network.

South Korea was also hit with another massive breach (but the story for SK does not end here).

According to my very personal estimates, based on the Ponemon Institute indications, the cost for the data breach for which enough information was available, is around $ 43 million.

Date Author Description Organization Attack
Aug 1

PCS Consultants

Another U.S. Government contractor, PCS Consultants gets hacked by Anonymous & Antisec. Hackers extract website Database and leak it on the internet via Twitter on Pastebin (as usual!). Leaked Data include Admin’s and 110 users emails, plus passwords in encrypted hashes.


SQLi?
Aug 2
Vitrociset

72 hours after the first defacement, Vitrociset, a contractor of Italian Cyber Police, is hacked and defaced again by Anonymous.


SQLi? Defacement
Aug 3
United Nations (Shady RAT)

In an interview to Vanity Fair (as to say, information Security is a fashion), a McAfee Security Researcher declares UN and other international institutions have been victims of a large scale Remote Access Tool based attack from a Foreign Country. The attack is dubbed shady RAT and suspects are directed to China.


Remote Access  Tool
Aug 3
Colombia

Anonymous and Colombian Hackers shut down the websites of Colombia’s president, the interior and justice ministry, the intelligence service DAS and the governing party. The hacker attack was meant as a protest against government censorship.

DDoS
Aug 3
The SUN and News Corp. InternationalBritain’s Rupert Murdoch-owned tabloid The Sun sends a message to readers warning them that computer hackers may have published their data online after an attack on the paper’s website last month. A hacker styled ‘Batteye‘ claims to have posted details taken from The Sun on the Pastebin. SQLi?
Aug 3
Front National

As a consequence of the Massacre of Oslo, Anonymous France claims to have hacked a server belonging to Front National, leaking a list of 100 leaders of the party


?
Aug 5 ?

Citi Cards Japan (Citigroup)

Eight weeks after a hacker cracked its credit card database, the company’s credit card unit in Japan, Citi Card, reported in a message to its user base that “certain personal information of 92,408 customers has allegedly been obtained and sold to a third party illegally.” Estimated cost of the breach is about $19.8 million.


unfaithful outsourcer
Aug 6 Law Enforcement Agencies

After the first attack to Law Enforcement Institutions in July, Anonymous and LulzSec, as part of what they define the ShootingSheriffsSaturday, leak again 10 Gb of Data from the same Law Enforcement Agencies, including private police emails, training files, snitch info and personal info. The attack was made in retaliation for anonymous arrests


SQLi?
Aug 6
SAPPE (Sindacato Autonomo Polizia Penitenziaria)

Anonymous defaces the Web Site of SAPPE (Independent Union of Prison Guards) and leaves a message on pastebin (here in italian) claiming more rights for detainees


SQLi?
Aug 6
Policia Federal (Brazilian Police)

LulzSec Brazil hacks Brazilian Police and discloses 8 gb of data from what they defined the Pandora’s Box


USB Key Stolen?
Aug 7
Syrian Ministry of Defense

The Syrian Ministry of defense is hacked by Anonymous which defaces the web site and post a note supporting the Syrian people


Defacement
Aug 9
Anonplus (Anonymous Social Network)

In retaliation for the defacement of the Syrian Ministry of Defence, a Syrian Group of hackers dubbed Syrian Electronic Army, has defaced (for the third time), Anonplus, the alternative Social Network in phase of deployment by Anonymous, posting several gruesome images.


Defacement
Aug 9
Research In Motion

As an (in)direct consequence of the London Riots, a crew of hackers called TeaMp0isoN defaces The Official BlackBerry Blog after RIM has indicated to assist London police, who are investigating the use of the messaging service in organizing riots, with a “very extensive monitoring of the BlackBerry Messenger model”.


SQLi?
Aug 9
Operation Satiagraha

As part of Operation Antisec, LulzSec and Anonymous, release 5gb of documents, photos, audio files and videos, exposing that wich was one of the greatest corruption scandals in the recent history of Brazil


SQLi?
Aug 10 ?
University Of Wisconsin Milwaukee

The Social Security numbers of 75,000 students and employees at the University of Wisconsin-Milwaukee arE exposed after hackers planted malware in a campus server.ty-of-wisconsin-server. Estimated Cost of the Breach is $16 million.


APT
Aug 10 ?
Hong Kong Stock Exchange (HKEx)The Hong Kong stock exchange (HKEx) halts trading  for seven stocks in the afternoon trading session after its website was attacked during the morning trading session. The seven stocks in question were all due to release sensitive results to the website that could impact the price of their stocks. Initially the attack was believed to have compromised the web site. Later it was discovered to be a DDoS
DDoS
Aug 12 Headpuster
Welt.de

An hacker called Headpuster, to protest against the sale of user data to a third party operator, hacks Welt.de using an SQL Injection (http://boot24.welt.de/index_welt..php?ac =***) and steals a large amount of data  including credit card information of 30,264 users from the database He then publishes censored excerpts. Estimated cost of the breach is around $6.5 million.


SQLi?
Aug 12 ?
Hong Kong stock exchange (HKEx)

The Hong Kong stock exchange comes under attack for the second day in a row on Thursday. The exchange blamed a Distributed Denial of Service (DDoS) attack against its news web server, hkexnews.hk. A Suspect has been arrested on Aug, the 23rd.


DDoS
Aug 14
Mybart.org

As part of their #OpBART and #Bart-Action in response to a temporary shutdown of cell service in four downtown San Francisco stations to interfere with a protest over a shooting by a BART police officer, Anonymous attacks the myBART.org website belonging to San Francisco’s BART (Bay Area Rapid Transit) system. They perform a SQL injection (SQLi) attack against the site and extract 2,450 records containing names, usernames, passwords (plain text), emails, phone numbers, addresses and zip codes. Estimated Cost of the Breach is $524,300.


SQLi
Aug 15 ?
GOMTV.NETAfter SK, Another South Korean service provider reports a large-scale data breach of usernames and passwords for subscribers worldwide. This time, it’s the turn of Seoul-based streaming media service GOMTV to suffer a data-spilling intrusion. According to GOM TV, the breach happened early in the morning of Friday 12 August 2011 Korean time; the company sent out a warning email to its subscribers on Sunday 14 August 2011.
SQLi?
About these ads
  1. Temp Name
    August 30, 2011 at 8:46 pm

    Extremely thorough charts. The best I could find on the net, please keep up the good work!

  2. August 30, 2011 at 9:10 pm

    I remember a few years ago when I first undertook a quest to learn about hacking, penetration testing,…there was virtually nothing going on. Anonymous, lulzsec,…and the rest of this shit did not yet exist. It was a wonderfull time for me. I must admit I had a good time just tinkering on my computer every day as if nothing else existed in the whole wide world. Of course at times it seemed very mundane but I was not really looking for excitement. Now this shit storm has come and I just waiting for it to pass so that I can return again to what I was doing before in peace and isolation.

  1. August 30, 2011 at 3:10 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 2,898 other followers