Many readers keep on asking where the information used to create the stats comes from. The answer is always the same: the statistics are created elaborating the timelines that I collect (approximately) on a bi-weekly basis and I publish on this blog (see also the Cyber Attacks Master Index).
It’s time for the second part of the January Cyber Attacks Timeline (Part I here).
In comparison with the first half of the month, in absolute terms, these two weeks have seen a slightly smaller number of attacks. However, even if the general trend has shown a decrease, the hacktivists (most of all the pro-Islamist ones) have been equally very active (and the French evening newspaper Le Monde, fallen under the keystrokes of the infamous Syrian Electronic Army, is the most illustrious victim).
It’s now time for the first chart of this 2015, a year that has begun in the worst way even from an Information Security perspective, given the high number of attacks recorded in the first half of January.
Unfortunately the sad events happened in Paris have inevitably conditioned this period: France has been the target of an unprecedented number of cyber attacks (approximately 19,000) allegedly carried on by Islamist hackers and strictly related with the events of the Charlie Hebdo. Nearly in contemporary, the Anonymous have declared war against the IS-IS and have taken down several Jiahdist sites. In the meantime the pro IS-IS hackers of the Cyber Caliphate have found the time to hijack the Twitter account of the CENTCOM: the US military command that oversees operations in the Middle East.
As I did exactly one year ago, I have consolidated all the stats collected during 2014 with the intention to provide an high level overview of the past year. Of course this data does not pretend be exhaustive, I’d rather prefer to define the charts as macro-indicators of the threat landscape and the corresponding trends, since the sources of the timelines (from which the stats are derived) are open and therefore only show cyber attacks that were discovered and gained space in the news.
As usual, the US dominate the Country Distribution Chart for all the sectors taken into consideration, well ahead all the other countries.
Despite still related to December 2014, here is the first timeline for 2015 covering the main events occurred between the 16th and 31st December 2014 (first part here).
No doubt, this Christmas will be remembered for the unwelcome surprise of the DDoS attack performed by the infamous Lizard Squad against the online services of Sony and Microsoft. An attack that has shattered the dreams of many players, just few minutes after unwrapping their brand new consoles under the Christmas Tree. However, the light that burns twice as bright burns half as long, and inevitably two members of the collective have allegedly been arrested (not before having attempted a Sybil Attack against Tor).
It’s time for the first Cyber Attacks Timeline of December (and the last for 2014).
Of course the attention of the infosec professionals is still concentrated on the devastating cyber attack against Sony happened in November (and the world as we know it, won’t be the same again), nonetheless this first 15 days have shown some remarkable events, not least the news of a breach happened earlier this year to Sony (once again), which went unreported.
Let us begin with the Country Distribution chart that, easy predictable, shows the US on top of all categories. However, globally, even Italy, Canada and UK show up, respectively for Hacktivism (the first two countries) and Cyber Crime (the latter).
The Cyber Monday has just gone, and here we are with the second Cyber Attacks Timeline of November (Part I here).
Even if no massive breaches against retailers have been discovered so far (however do not get carried away since they will probably need several weeks to surface!), this month equally shows some remarkable events for Cyber Crime, Hacktivism and Cyber Espionage.
For the Infosec professionals, this troubled 2014 will be remembered for the trail of gigantic breaches unleashed nearly exactly one year ago, when the real outcome of the infamous Target breach became to emerge. The real extent of the breach was yet to be known, like also the fact that it would not have been an isolated case, but just the beginning of a nightmare.