About these ads

1-15 May 2014 Cyber Attacks Timeline

May 27, 2014 1 comment

Here we have with the list of the most significant Cyber Attacks happened in the first half of April (according to my very own point of view).

There are few doubts about the fact that Orange is the winner of the unwelcome prize for the most noticeable breach after the theft of the information of 1.3 million users.

Other interesting events related to Cyber Crime include the breach of Bitly, the famous URL shortening service and a new heist against a virtual currency wallet (this time the victim is Doge Vault, one of the most popular online repositories for the cryptocurrency Dogecoin).

Moving to Cyber Espionage, this month reports two interesting events, the theft of Data related to the Ukraine crisis from the Belgian Foreign Ministry, and the discovery of Operation Saffron Rose, a long-term campaign against western defense contractor carried on by a team of Iranian hackers dubbed Ajax Security Team.

Last but not least, among the hacktivists, chronicles report of  a new action of the infamous Syrian Electronic Army (against four accounts of The Wall Street journal) and the usual skirmishes between Pakistani and Indian hackers (but is questionable in my opinion to determine if those events can be classified as part of a harmless cyber war or are rather mutual actions between hactivists acting on opposite sides).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 May 2014 Cyber Attacks Timelines Read more…

About these ads

Jan-Apr 2014 Cyber Attacks Statistics

I have been quite busy in the last few months, so, unfortunately, I was not able to keep the pace with the statistics derived from my Cyber Attacks Timelines. However, thanks to the ISMS Forum Spain (Asociación Española para el Fomento de la Seguridad de la Información), I have been invited to take part at the XV Jornada Internacional de ISMS Forum: La Sociedad Digital, entre Confianza y Ciber-riesgos (to be held on May, the 28th in Madrid).

Taking advantage of this awesome opportunity, I have been able to reorganize the data collected so far for the events recorded in 2014.

What I show below, is a synthesis of this work. Further information will be presented in Madrid, and later in my blog. Meanwhile, I hope the information provided will satisfy the readers who kindly asked for an update of the stats.

Let us start with the Daily Attack Trend Chart.

Daily Attack Trend Jan-Apr 2014

Needless to say, the crooks have started this infosec year with the brakes on. Apart from few noticeable examples (for instance the peak on the 20th of April due to the NullCrew collective), the activity is quite low in comparison with the past years (again a full analysis will be shown in Madrid).

Drilling down the Daily Attack Trend:

Daily Attack Trend Drill Down Jan-Apr 2014

Shows a constant ‘bias’ of events related to Cyber Crime with some isolated peaks of Hacktivism. This is also evident from the Motivations Behind Attacks Chart.

Motivations Jan-Apr2014

Here the Cyber Crime dominates the chart, accounting for the 61% of the total events. Nearly twice more than Hactkivism, stuck to a ‘modest’ 31%. On the other hand Cyber Espionage and Cyber Warfare are quite stable at the values of 2013 when they were respectively at the 5% and 4% (but do not get carried away, the end of the year is far away and there is time to change along the way).

And the fall of Hacktivism finds another indirect confirm in the Distribution of Attack Techniques Chart:

Attack Techniques Jan-Apr2014Apparently fewer and fewer information is disclosed, so nearly one fifth of the recorded attacks if of uncertain origin. However both DDoS and SQLi confirmed the decreasing trend. On the other hand Account Hijacking maintains its growing trend (was 9% in 2013).

Last but not least, the Distribution of Targets chart:Targets Jan-Apr2014Targets belonging to industry rank at number one with the nearly 30% of occurrences, well ahead of governmental targets (at number two with nearly 19%) and organizations (at number three with nearly 12%). The others are behind (luckily for them).

Well, that’s all folks… At least so far… As I said before further data will follow…

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Enhanced by Zemanta

16-30 April 2014 Cyber Attacks Timeline

It’s time for the report of the cyber activity in April. As usual this post summarizes the main events between 16 and 30 April, whereas the first part covering the attacks between 1 and 15 April 2014 can be found here (ok, actually there’s one attack I had to include in this timeline, dated 10 April).

Apparently this second half has shown a decreasing trend (who knows, maybe the Easter has brought good intentions), nonetheless there have been some noticeable events such as the breach to AOL Mail affecting potentially 50 million users, the breach to Eircom and the interesting trend of attacks against educational institutions (Universities of Virginia, Iowa, North Carolina Wilmington).

In this general decreasing trend, even the attacks motivated by hacktivism have shown a consistent reduction in volume and impact (the Syrian Electronic Army has admitted to be in vacation).

Nothing else of particularly significant to mention but the continual cyber skirmishes between India and Pakistan. Although interesting from an analytic  perspective, the attacks were ‘limited’ to defacements, and hence the overall impact was modest.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 Apr 2014 Cyber Attacks Timelines Read more…

1-15 April 2014 Cyber Attacks Timeline

And here it is the timeline reporting the Cyber Attacks happened during the first half of April 2014, a month probably long remembered within the Infosec Chronicles for the discovery of the terrible Heartbleed bug (two attacks have been recorded, so far, related to this devastating vulnerability).

Besides the infamous Heartbleed, the most important events of this timeline are related to Cyber Crime. Germany in particular had a bad surprise, with the discovery of a list of 18 million compromised e-mail accounts and passwords, affecting all major German Internet service providers. The list of the remarkable targets also includes Lacie, victim of a malware putting at risk the users who performed on-line purchases from the company web site, the Harley Medical Group (500,000 accounts potentially compromised) and, once again, South Korea where unknown hackers were able to steal the personal information of about 200,000 credit card users, racking up fraudulent charges of about $115,ooo.

The feared wave of cyber attacks against Israel, promised by several Anonymous affiliated hacktivists for the 7th of April, did not happen. The impact of the attacks was limited and in many cases several old leaks were ‘recycled’.

Last but not least, Germany’s Space Research Center in Cologne, was the victim of a targeted attack. Suspects point to China.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Apr 2014 Cyber Attacks Timelines Read more…

16-31 March 2014 Cyber Attacks Timeline

And here we are with the second part of the Cyber Attacks Timeline (first part here).

The prize for the most noticeable breach of the month goes in Korea, where a 31-year-old man has been arrested for infiltrating the account of 25 million users of Never, a local Internet Portal (actually it happened several months ago but was unveiled in this month). Other noticeable events include the trail of attacks against several Universities (Maryland, Auburn, Purdue, Wisconsin-Parkside), the compromising of personal information of 550,000 employees and users of Spec’s, the leak of 158,000 forum users of Boxee.tv and 95,000 users of Cerberus and, finally, a breach targeting the California Department of Motor Vehicles. Last but not least, even the infamous Operation Windigo has deserved a mention in the timeline.

Moving to Hacktivism, chronicles report of a couple of hijackings performed, as usual, by the Syrian Electronic Army, a couple of operations carried on by the Russian Cyber Command and a (probably fake) attack by someone in disguise of Anonymous Ukraine, claiming to to have leaked 7 million Russian Credit Cards. Probably a recycle of old leaks.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 Mar 2014 Cyber Attacks Timelines Read more…

1-15 March 2014 Cyber Attacks Timeline

March 31, 2014 2 comments

And here we are with the timeline of the main Cyber Attacks happened during the first half of March.

Even if globally the number of attacks seems to keep on its decreasing trend, one event in particular will probably be remembered in the chronicles of 2014: definitely the breach to KT Corp. in Korea (12 million customers compromised) deserves a special mention (despite this is not the only one in this first half of the month), even if, apparently, the authors have been immediately busted.

Other interesting trends include the long trail of attacks against Bitcoin Exchange sites (the equivalent of $700.000 has been vaporized by hackers in this two weeks) and an anomalous number of attacks against Universities (North Dakota, Johns Hopkins and Central Oklahoma).

Moving to hacktivism, the landscape has been predictably influenced by the events happening in Ukraine (chronicles report of several attacks in Ukraine, Russia, Poland and also a DDoS against some NATO web sites).

The temperature on the Cyber Espionage front remains high, most of all in India where a local newspaper has unveiled some details related to an operation compromising 50 computers belonging to the Defense Research and Development Organization.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 Mar 2014 Cyber Attacks Timeline

Read more…

16-28 February 2014 Cyber Attacks Timeline

Here is the list of the main Cyber Attacks happened during the second half of February 2014 (Part I here). As you will soon discover, unlike the previous months, the activity in this second half of February has shown a sensible decrease both in number and in size in comparison with the previous months.

One of the few exception to this decreasing trend is  the University of Maryland, that was the victim of a cyber attack that led to the compromising of more than 300,o00 records.

Apparently even the hacktivists have slowed down their attacks with few exceptions (the Syrian Electronic Army and some sporadic actions executed by hackers affiliated to Anonymous.

Interestingly the cyber espionage front has been the more interesting with a couple of remarkable events (a cyber attack against a French aerospace engine maker and the revelation of further details concerning the Iranian attack against a US Navy Computer Network.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-28 Feb 2014 Cyber Attacks Timelines Read more…

Follow

Get every new post delivered to your Inbox.

Join 2,996 other followers