August 2011 Cyber Attacks Timeline (Part I)
Update Sep 2: August 2011 Cyber Attacks Timeline (Complete List)
It looks like the Dog Days did not stop the Cyber Attacks, which have been particularly numerous during August. This is the reason why I decided to divide my traditional collection in two parts. Today it is the turn of the first half covering the interval 1-15 August.
Following the trail of July, an attack against PCS Consultants, another U.S Government contractor opened this hot month, even if the controversial shady RAT affair monopolized (and keeps on to monopolize) the infosec landscape (and not only during the first half of the month). Easily predictable nearly every endpoint security vendor (and McAfee competitors) tend to minimize the event considering it only the latest example of RAT based cyber attacks with no particular features (see for instance the comment by Sophos, Kaspersky and Symantec).
Analogously the Dog Days did not stop hactivism with the infamous hacking group Anonymous (and its local “chapters”) author of several attacks in different countries and most of all of author of a kind of arm wrestling against BART (Bay Area Rapid Transit), sometimes carried out with questionable methods. Research in Motion was indirectly involved on the Anonymous Campaign during the London Riot, but also Anonymous was hit by (another) defacement attack carried on by Syrian hackers which affected Anonplus, the alternative Social Network.
South Korea was also hit with another massive breach (but the story for SK does not end here).
According to my very personal estimates, based on the Ponemon Institute indications, the cost for the data breach for which enough information was available, is around $ 43 million.
Another U.S. Government contractor, PCS Consultants gets hacked by Anonymous & Antisec. Hackers extract website Database and leak it on the internet via Twitter on Pastebin (as usual!). Leaked Data include Admin’s and 110 users emails, plus passwords in encrypted hashes.
72 hours after the first defacement, Vitrociset, a contractor of Italian Cyber Police, is hacked and defaced again by Anonymous.
|Aug 3||United Nations (Shady RAT)
In an interview to Vanity Fair (as to say, information Security is a fashion), a McAfee Security Researcher declares UN and other international institutions have been victims of a large scale Remote Access Tool based attack from a Foreign Country. The attack is dubbed shady RAT and suspects are directed to China.
|Remote Access Tool|
Anonymous and Colombian Hackers shut down the websites of Colombia’s president, the interior and justice ministry, the intelligence service DAS and the governing party. The hacker attack was meant as a protest against government censorship.
|Aug 3||The SUN and News Corp. InternationalBritain’s Rupert Murdoch-owned tabloid The Sun sends a message to readers warning them that computer hackers may have published their data online after an attack on the paper’s website last month. A hacker styled ‘Batteye‘ claims to have posted details taken from The Sun on the Pastebin.||SQLi?|
|Aug 3||Front National
As a consequence of the Massacre of Oslo, Anonymous France claims to have hacked a server belonging to Front National, leaking a list of 100 leaders of the party
Eight weeks after a hacker cracked its credit card database, the company’s credit card unit in Japan, Citi Card, reported in a message to its user base that “certain personal information of 92,408 customers has allegedly been obtained and sold to a third party illegally.” Estimated cost of the breach is about $19.8 million.
|Aug 6||Law Enforcement Agencies
After the first attack to Law Enforcement Institutions in July, Anonymous and LulzSec, as part of what they define the ShootingSheriffsSaturday, leak again 10 Gb of Data from the same Law Enforcement Agencies, including private police emails, training files, snitch info and personal info. The attack was made in retaliation for anonymous arrests
|Aug 6||SAPPE (Sindacato Autonomo Polizia Penitenziaria)||SQLi?|
|Aug 6||Policia Federal (Brazilian Police)
LulzSec Brazil hacks Brazilian Police and discloses 8 gb of data from what they defined the Pandora’s Box
|USB Key Stolen?|
|Aug 7||Syrian Ministry of Defense
The Syrian Ministry of defense is hacked by Anonymous which defaces the web site and post a note supporting the Syrian people
|Aug 9||Anonplus (Anonymous Social Network)
In retaliation for the defacement of the Syrian Ministry of Defence, a Syrian Group of hackers dubbed Syrian Electronic Army, has defaced (for the third time), Anonplus, the alternative Social Network in phase of deployment by Anonymous, posting several gruesome images.
|Aug 9||Research In Motion
As an (in)direct consequence of the London Riots, a crew of hackers called TeaMp0isoN defaces The Official BlackBerry Blog after RIM has indicated to assist London police, who are investigating the use of the messaging service in organizing riots, with a “very extensive monitoring of the BlackBerry Messenger model”.
| Aug 9
As part of Operation Antisec, LulzSec and Anonymous, release 5gb of documents, photos, audio files and videos, exposing that wich was one of the greatest corruption scandals in the recent history of Brazil
||University Of Wisconsin Milwaukee
The Social Security numbers of 75,000 students and employees at the University of Wisconsin-Milwaukee arE exposed after hackers planted malware in a campus server.ty-of-wisconsin-server. Estimated Cost of the Breach is $16 million.
||Hong Kong Stock Exchange (HKEx)The Hong Kong stock exchange (HKEx) halts trading for seven stocks in the afternoon trading session after its website was attacked during the morning trading session. The seven stocks in question were all due to release sensitive results to the website that could impact the price of their stocks. Initially the attack was believed to have compromised the web site. Later it was discovered to be a DDoS||DDoS|
An hacker called Headpuster, to protest against the sale of user data to a third party operator, hacks Welt.de using an SQL Injection (http://boot24.welt.de/index_welt..php?ac =***) and steals a large amount of data including credit card information of 30,264 users from the database He then publishes censored excerpts. Estimated cost of the breach is around $6.5 million.
||Hong Kong stock exchange (HKEx)
The Hong Kong stock exchange comes under attack for the second day in a row on Thursday. The exchange blamed a Distributed Denial of Service (DDoS) attack against its news web server, hkexnews.hk. A Suspect has been arrested on Aug, the 23rd.
As part of their #OpBART and #Bart-Action in response to a temporary shutdown of cell service in four downtown San Francisco stations to interfere with a protest over a shooting by a BART police officer, Anonymous attacks the myBART.org website belonging to San Francisco’s BART (Bay Area Rapid Transit) system. They perform a SQL injection (SQLi) attack against the site and extract 2,450 records containing names, usernames, passwords (plain text), emails, phone numbers, addresses and zip codes. Estimated Cost of the Breach is $524,300.
||GOMTV.NETAfter SK, Another South Korean service provider reports a large-scale data breach of usernames and passwords for subscribers worldwide. This time, it’s the turn of Seoul-based streaming media service GOMTV to suffer a data-spilling intrusion. According to GOM TV, the breach happened early in the morning of Friday 12 August 2011 Korean time; the company sent out a warning email to its subscribers on Sunday 14 August 2011.||SQLi?|