Archive
March 2013 Cyber Attacks Statistics
It is time to summarize the timelines of March (part I and part II) into statistics. Of course this exercise does not aim to be exhaustive but only to provide a snapshot of the current landscape.
The Daily Trend chart shows a decrease of the attacks in the second part of the month with an isolated peak on the 20th: the day of the wiper attack in Korea. Except for this the trend is clearly decreasing
Hacktivism is still on top of the Motivations Behind Attacks chart with 50% of occurrences. Same rank and a value similar to the previous month when it was at 56%. Also March confirms that Cyber Espionage campaigns are becoming more and more frequent (or at least deserve an important coverage on the chronicles). Symptom of a growing attention or simply a media hype?
The Distribution Of Attack Techniques is influenced by the Operation Ababil against U.S. Banks, that has pushed the DDoS at number one with nearly one attack above two during this month. This is very different from the previous month when SQLi led the chart with 34%. Even in this case it is important to notice the growing presence of targeted attacks on the chart (strictly related to the growing coverage of Cyber Espionage campaigns).
Last, but not least, the Distribution of Targets chart shows the financial targets at number one with nearly 30% (a clear influence of the attacks against U.S. Banks). Governmental targets are immediately behind with 25.5%. At number three a (relatively) new entry: target belonging to the news sector gain the bronze medal with the 12.4% of occurrences.
As usual, as I told before, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
1-15 March 2013 Cyber Attacks Statistics
Here are the statistics for the main cyber attacks collected during the first half or March and reported inside the corresponding Timeline.
The Daily Trend chart shows quite an heterogeneous shape, with a peak occurring on the 13th mainly due to the wave of defacements against high profiles Philippine governmental targets. Instead the wave of DDoS attacks in the Czech Republic is the cause of the peaks occurred during the 4th, the 6th and the 7th.
The Motivations Behind Attacks chart shows a revamp of Cyber Crime, at number one with the 49% of attacks (against the 31% of the previous month). However the influence of hacktivism remains equally high (48%).
The Distribution Behind Attacks is influenced by the waves of attacks in Czech Republic and by the third phase of the Operation Ababil. As a consequence the DDoS flies at the first place of the chart, slightly above the 50%, and well beyond SQLi that ranks at the second place with “only” 13.2% of occurrences.
But the effect of the wind of hacktivism does not end here. In fact the Distribution of Targets chart puts financial targets at number one with 27.5% of occurrences, immediately above governmental (26.4%) and twice as higher as news media, at number three with 14.3 of occurrences. It is interesting to note the “fall” of the targets belonging to industry, that, in the first two weeks of March, collected a “poor” 9.9% (but maybe this is one of those chart in which the smaller the value, the better it is).
I will never give up repeating that the sample must be taken very carefully and does not pretend to be exhaustive, since it refers only to discovered attacks included in the 1-15 March Cyber Attacks Timeline (the so-called tip of the iceberg). The purpose is only to provide an high level overview of the “cyber landscape”.
In any case, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- February 2013 Cyber Attacks Statistics (hackmageddon.com)
- 1-15 March 2013 Cyber Attacks Timeline (hackmageddon.com)
February 2013 Cyber Attacks Statistics
Quick Update: More and more visitors ask where the data for the statistics is collected from. It is indicated at the end of each post, but for those that do not feel like to read until the bottom: the stats are an aggregation of the corresponding Cyber Attack Timeline of the current month.
Although the number of Cyber Attacks in February has not reached the level of January, the level of attention in this part of the year remains high.
The Daily Trend of Attacks chart clearly shows a peak around the 23th of February, the International Privacy Day, when the Anonymous unleashed their OpBigBrother, concentrating the fire against industries related to Video Surveillance and several Law Enforcement Institutions. Other “trafficked” day of the month were the 3rd and the 15th.
The Motivations Behind Attacks chart confirms the prevalence of hacktivism with 56% of occurrences, exactly the same percentage observed in January. Cyber Crime is stable at number two, even if its percentage dropped from 40% to 31%. It is interesting to notice, month after month, the growing number of Cyber Espionage campaigns discovered.
SQLi leads the Distribution Of Attack Techniques chart with 34.3% of occurrences, a value similar to the one encountered in January (32.6%) when this category of attacks ranked at number two. One month ago, the first place was for DDoS, which apparently is loosing appeal in February, dropping from the first to the fifth place with a small 8%, far from the 39% of the previous month and also overtaken, by Targeted Attacks (11.7%). The next months will tell us if this is the beginning of a new trend or simply an isolated sporadic event.
Last but not least,industry targets lead the Distribution Of Targets charts. This is a consequence of the spree of attacks against video surveillance industries happened on February the 23rd. Governmental targets confirm their second place with a value (23.7%) close to the one registered during the previous month. Targets belonging to organizations rank at the third place, in front of financial targets.
As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the 1-15 and 16-28 February 2013 Cyber Attacks Timelines (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- January 2013 Cyber Attacks Statistics (hackmageddon.com)
- 16-28 February 2013 Cyber Attacks Timeline (hackmageddon.com)
- 1-16 February 2013 Cyber Attacks Timeline (hackmageddon.com)
1-15 February 2013 Cyber Attacks Statistics
It is time for the statistics related to the Cyber Attacks occurred during the first half of January and inserted into the the corresponding timeline.
The Daily Trend of Attacks shows two major peaks, during the 3rd of February (corresponding to the wave of DDoS attacks against Egypt Governmental targets carried on in name of OpEgypt), and just at the end of the month, when the attacks in name of OpKashmir became stronger. A third peak is visible during the 8th and, not a coincidence, it is still due to hacktivism, and in particular to the so-called OpBankUnderAttack.
The Motivations Behind Attacks Chart confirms the trend consolidated in January with Hacktivism still at the top with exactly the same percentage (56%). Cyber Crime Ranks at the second please with one half of the occurrences (28%). It is interesting to notice the Cyber Espionage that has reached its higher value (9%), maybe a consequence of the hype surrounding APT that is characterizing this period. For the first time I also had to insert a new motivation: Art. Frankly I did not find any other way to explain the Democratization of the Offshore Business made by the Italian Artist Paolo Cirio.
SQL Injection keeps on leading the chart related to the Distribution Of Attack Techniques with 31% of occurrences, almost double than DDoS at the second place with 15.6%. It is particularly interesting to notice the presence of Targeted Attacks at the third place, the higher rank ever reached so far. Media hype on the wake of the clamorous attacks of the last days, or a real increased effectiveness of the technologies that allow to detect an increasingly growing number of attacks belonging to this class of threats?
Last but not least, the Distribution of Targets Chart confirms governmental targets at the first place with nearly 30%, immediately followed by, as usual, industries (18.8%) and organizations (12.5%). In any case the level of attention of crooks is also high against targets belonging to the Financial and News sector, which steadily rank respectively at number 4 and 5 of this unwelcome chart with the 10.9% and 9.4%. The others follow….
As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the 1-15 February 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
January 2013 Cyber Attacks Statistics
Here are the statistics related to the Cyber Attacks included inside the January 2013 Cyber Attacks Timelines. A terrible month that has seen an unprecedented number of Cyber Attacks.
The Daily Trend Of Attacks emphasizes the peak in the second half of January, in particular the 24th has seen a surprisingly high rate due to the massive (and last, at least so far) wave of DDoS attacks against the U.S. Banks.
The Motivations Behind Attacks Chart confirms the influence of hacktivism in this early 2013. More than half of the attacks (more precisely the 56%) were motivated by this reason. From this point of view the new year begins in a complete different way than 2012 when, despite the peak of attacks on the wake of the Megaupload shutdown, Cyber Crime led the chart with the 54% (against the 40% motivated by Hacktivism).
Easily predictable, the plenty of attacks against U.S. Banks has brought the DDoS on top of the Distribution Of Attack Techniques Chart with almost the 40% of occurrences. SQLi follows closely with the 33%. It is interesting to notice the relatively high impact of Targeted Attacks (3.8%) mainly due to the sudden disclosure of (purported) Chinese Cyber Attacks against U.S. Media.
Again, the attacks against U.S. Banks push the finance targets on top of the Distribution Of Targets Chart, ten points ahead of Governmental targets that, at least for this time, rank at the second place with the 21% of occurrences. Targets belonging to industry rank at the third place with the 13%.
Even in this promising 2013, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the January 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
1-15 January 2013 Cyber Attacks Statistics
Here are the statistics for the Cyber Attacks occurred in the first half of January 2013 and included inside the corresponding Cyber Attack Timeline.
The Daily Trend of January shows a couple of peaks in correspondence of the 3rd and the 10th of January, during the DDoS attacks of the Izz ad-Din al-Qassam Cyber Fighters (another minor peak occurred during the 8th of January. On average the sample included 4.67 attacks per day.
Even the attack by the Islamist collective contributed to the overtake of the hacktivism against cyber crime shown in the Motivations Behind Attacks chart. One attack on two of the sample was done for this purpose, even if the authors with different connotations: from the protests against the infamous video “The Innocence of Muslims”, to the retaliation for the suicide of Aaron Swartz, going through the different operations carried on by the Anonymous.
In any case, the Distribution of Attack Techniques chart shows frequency of DDoS Attacks did not prevent the SQL Injection of being the preferred weapon for cybercrooks with the 35% of occurrences. DDoS is immediately behind with the 27% of occurrences.
However, the Distribution Of Targets chart shows that targets belonging to finance were the most preferred in this period with the 25% of preferences, certainly a consequence of the wave of DDoS attacks against US Banks. Governmental targets are very close with the 24% of occurrences. Industry targets complete the podium with the 13%, just before targets belonging to Organizations and Education, respectively with the 8% and 7%.
As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the 1-15 January 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.
Related articles
- 1-15 January 2013 Cyber Attacks Timeline (hackmageddon.com)
- December 2012 Cyber Attacks Statistics (hackmageddon.com)
December 2012 Cyber Attacks Statistics
December (and hence this 2012) is gone, so it is time to analyze the statistics for the corresponding Cyber Attacks Timelines.
According to the Daily Trend of December, the Christmas break has not stopped the hackers. The trend is quite constant (with a decrease around the end of the month) and with a peak around the 21st of December (the alleged End of the World according to the Mayan Calendar).
The Motivations Behind Attacks chart shows an inversion of tendency in comparison with November. Cyber Crime and Hacktivism had nearly the same impact with respectively the 47% and 46% of occurrences. It is also interesting the presence of Cyber Warfare and Cyber Espionage Campaigns (mainly concentrated in the East).
Also in December, the Distribution Of Attack Techniques Chart confirms the predominance of SQL Injection, even if with a slightly lower impact than the previous month when it was at the 52%: nearly one attack on three has been carried on with this technique. Instead, in almost one attack on four, there was not enough information. Despite the attacks by Izz ad-Din al-Qassam Cyber Fighters, the weight of DDoS is progressively decreasing (this category ranks at number four with the 17% of occurrences), while, on the other side, the number of discovered targeted attacks is growing. Maybe they are increasingly attracting the attention of Security Researchers.
Again an inversion in comparison with November: the Distribution Of Targets chart shows that in the December cyber-crooks diverted their attention for targets belonging to the Government sector, even if industries and organizations are very close (the peak of the latter is due to the campaign of the Anonymous against the Westboro Baptist Church. It is also interesting to notice the peak of attacks against Financial institutions mainly due to the waves of DDoS attacks against the U.S. Bank.
As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the December Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- November 2012 Cyber Attacks Statistics (hackmageddon.com)
- October 2012 Cyber Attacks Statistics (hackmageddon.com)
1-15 December 2012 Attack Statistics
Let us gave a look to the landscape of Cyber Attacks, during the first half of December 2012. Apparently cybercrooks are taking a break for Christmas, since, according to my selection Criteria, the number of attacks has shown a small decrease in comparison with the previous months.
The Daily Trend shows an inconstant trend with two peaks around respectively the 3rd December and the 11th and 12th (the latter due to the peak of Cyber Attacks against the US Banks).
The Motivations Behind Attacks chart shows, for the first time since August, the overtake of Hacktivism against Cyber Crime. Let us see if this trend will be confirmed until the end of the year.
The Distribution Of Attacks chart confirms that SQL Injection confirms to be the weapon preferred by Cyber Attackers with nearly one third of the occurrences (the value reaches nearly the 40% if one sums also the cases in which the attack seems to have been carried on with this technique but no enough evidences have been collected). In my opinion it is also important to notice the presence in the chart of several attacks perpetrated exploiting application vulnerabilities, but also the growing presence of targeted attacks (as usual you can find the details on the corresponding Cyber Attack Timeline.
Instead, at least for the first half of the month, the Distribution of Targets chart seems quite fragmented. Governmental targets lead the chart, but Financial, Industrial and Organizational targets are very close. Maybe the fragmentation depends from the partial sample. The second half of December will tell us if cybercrooks will concentrate their attacks against a specific sector.
As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.
November 2012 Cyber Attacks Statistics
From an information security perspective, November has been a month with two faces. The first part of the month has been characterized by hacktivism, nevertheless the Cyber Crime has reached an unprecedented level with the 69% of occurrences.
Let us begin with the Daily Trend chart. This chart confirms the influence of cyber attacks motivated by hacktivism in the first half of the month that explain the peak around the 5th of November.
Despite the peak of attacks motivated by hacktivism occurred in the first half of the November, the Motivations Behind Attacks chart confirms the predominance of Cyber Crime with nearly the 69% of occurrences, followed by Hacktivism with the 28%. This growing trend of Cyber Crime is in line with the previous months even if the frequency has reached an unprecedented value (the higher so far).
Also in November, the Distribution Of Attack Techniques Chart confirms the predominance of SQL Injection. Nearly one attack on two has been carried on with this technique. It is also interesting to notice the presence of DNS Poisoning: November has brought three attacks executed with this method.
The Distribution Of Targets chart shows the preference of cyber-crooks for targets belonging to the Industry sector. Even if the difference with governmental targets is only one point (19% against 18%), this is in contrast with the previous month where the ranks were exactly opposed (governmental targets led the chart with the 31%). Educational targets are “stable” at the 11% (were the 13% during the previous month). Curiously this month has registered a peak of attacks against Torrent sites.
As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the November Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- 1-15 November 2012 Cyber Attacks Statistics (hackmageddon.com)
- October 2012 Cyber Attacks Statistics (hackmageddon.com)
1-15 November 2012 Cyber Attacks Statistics
This November 2012 seems really to be endless from an Information Security Perspective. We have assisted so far to a remarkable number of Cyber Attacks.
As usual is it time to provide the partial snapshot of November taken from the corresponding Cyber Attack Timeline and covering the first half of the month. Please notice that the stats below do not include the following events:
- The massive leak of Team Ghostshell for ProjectBlackStar (2.5 million accounts leaked from different targets in Russia);
- The Cyber Attacks executed by the Anonymous and the other affiliated collectives for OpIsrael.
The above attacks have been executed on a much wider scale so counting the singe events would be senseless. Anyway other Sites have done an excellent Job for the aggregated stats of those attacks, see for instance OZDC.net for Project Black Star, and OpIsrael.
With this in mind let us proceed to examine the Daily Trend Of Attacks. Please notice the peak of November 5 (no need to comment it!):
Of course the Motivations Chart reflects this trend with the 60% of the attacks considered in my sample led by hackitivism. Apparently no different motivations than Hacktivism and Cyber Crime have been observed in this period.
I use not to take into considerations defacements, but this time their impact on the past two weeks has been very high. This is clearly shown in the Techniques Chart, where they rank at the first place, together with SQL Injection, with the 33% of occurrences:
As usual, the Target chart shows that Governmental targets rank at number one, immediately followed by targets belonging to Industry. Please notice the peak of Torrent Sites. This is due to the waves of DDoS Attacks carried on by Zeiko Anonymous, only because he has not been able to obtain an invite to a close torrent forum. Nothing to add: the reasons for hacking may range from Cyberwar to “simple” whims.
Please, as usual, take the sample very carefully since it refers only to discovered attacks (the so-called tip of the iceberg), and hence does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).
Related articles
- October 2012 Cyber Attacks Statistics (hackmageddon.com)
About The Author
Support My Work!
Share:
News
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
Visitors from…
