About these ads

1-15 June 2014 Cyber Attacks Timeline

It just looks like attackers are enjoying the beginning of the Summer, since the first half of June confirms the decreasing trends.

The controversial 2014 World Cup has revived the hacktivists, and in particular the Anonymous collective who kicked off the Operation OpWorldCup, targeting Brazilian Governmental institutions and Sponsors of the World Cup.

Looking at the Cyber Crime, the most remarkable event of the month is the extortion attempt against  Belgian and French customers of Domino’s Pizza (650,000 users affected). It is also worth to mention the wave of DDoS attacks against Feedly and Evernote, in the first case motivated by extortion, and also the compromising of a US Army database in South Korea.

Last but not least, chronicle report the details of two Cyber Espionage Operations: Operation Molerat, originating allegedly from Middle East, and yet another one from China, discovered by Crowdstrike and attributed to a group dubbed Putter Panda.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 June 2014 Cyber Attacks Timeline

Read more…

About these ads

May 2014 Cyber Attack Statistics

Update on 19/06/2013: I had to update the graph since, in compiling the first timeline of June, I discovered two attacks that apparently fell off my radar: the DDoS attacks to Moz and Plenty of Fish.

I found the time to aggregate the timelines of May (part I and part II) to derive some interesting stats. As a general rule, since many readers often pose the same questions, all the stats are derived from the Cyber Attacks Timelines I publish (almost) bi-weekly.

As I noticed previously in these pages, looks like attackers are just waiting for the Summer, since the number of events in May has experienced a sensible decreease.

The Daily Trend Of Attacks chart shows quite a linear trend with two small peaks around the 15 and 30 May. Overall the activity appears quite limited.

Trend May 2014

Cyber Crime rocks! This is the outcome of the Distribution of Attacks chart, showing a 67% of attacks carried on for criminal purposes. Particularly interesting is also the 11% of reported attacks related to Cyber Espionage.

Motivations May 2014

And in (too) many cases the reason of the attacks is unknown. At least this is what the Distribution of Attack Techniques chart states. Other interesting findings include the rise of Account Hijackings and the noticeable 9% of Targeted Attack (an high incidence this month, undoubtedly related to the similar high incidence of Cyber Espionage).

Techniques May 2014

And last but not least, the Distribution of Targets chart shows a predominance of attacks against Industry (41%), twice the occurrences related to Governmental targets (20%). Targets belonging to Educational institutions rank at number three with “only” the 9%.

Distribution May 2014

Drilling down the Industrial targets provides further interesting findings. Cyber Crime rules and, maybe not a coincidence, targets related to E-Commerce rank at number one (after all this was the month of the Ebay breach) together with software industries (18.2% both). Entertainment rank at number three with 13.6% each.

Industry May 2014

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks included in my timelines. The sample does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”, or at least of the ones that gained space in the media (yes, using an abused expression this is just the tip of the Iceberg).

Of course follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 May 2014 Cyber Attacks Timeline

Here we are with the second part of the timeline of May (first part here).

Summer is coming here, and looks like attackers prefer to spend more  time in the beach rather than in front of their keyboards. In fact the number of reported attack is confirming its decreasing trend, at least for this part of the year.

Nonetheless, the second part of may has brought some noticeable events, such as the attack to Ebay (potentially 145 million accounts compromised), the attack against the Avast! Forum (400,000 records compromised) and the Arkansas State University (“only” 50,000 records). Other noticeable (and funny) event includes the hack of a San Francisco road sign by a prankster announcing the attack by Godzilla!

Cyber Spies were indeed pretty active in this period. Chronicles report of the Operation Clandestine Fox, a cyber attack against several industries in Australia, an undisclosed utility attacked in the US, a three year social network poisoning campaign sponsored by Iran and, last but not least, the alleged attack against the $12.7 million supercomputer in New Zealand from Chinese attackers.

Instead the operations from Law Enforcement Agencies against Hacktivists seem to be effective, the number of attacks motivated by hacktivism is dramatically reducing.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 May 2014 Cyber Attacks Timelinesv2

Read more…

4 Years of Cyber Attacks

I would like to thank once again ISMS Forum Spain for having invited me at their XV Jornada Internacional de ISMS Forum: La Sociedad Digital, entre Confianza y Ciber-riesgos.

I was part of a very interesting panel “Fighting Cyber Threats” during which I was given the opportunity to show some stats collected from my blog.

Here’ s the presentation I showed. Hope it is useful to spread awareness.

Please read carefully the caveats. As always the data cannot be exhaustive, nevertheless they are useful to provide an overview of what’s going on!

1-15 May 2014 Cyber Attacks Timeline

May 27, 2014 1 comment

Here we have with the list of the most significant Cyber Attacks happened in the first half of April (according to my very own point of view).

There are few doubts about the fact that Orange is the winner of the unwelcome prize for the most noticeable breach after the theft of the information of 1.3 million users.

Other interesting events related to Cyber Crime include the breach of Bitly, the famous URL shortening service and a new heist against a virtual currency wallet (this time the victim is Doge Vault, one of the most popular online repositories for the cryptocurrency Dogecoin).

Moving to Cyber Espionage, this month reports two interesting events, the theft of Data related to the Ukraine crisis from the Belgian Foreign Ministry, and the discovery of Operation Saffron Rose, a long-term campaign against western defense contractor carried on by a team of Iranian hackers dubbed Ajax Security Team.

Last but not least, among the hacktivists, chronicles report of  a new action of the infamous Syrian Electronic Army (against four accounts of The Wall Street journal) and the usual skirmishes between Pakistani and Indian hackers (but is questionable in my opinion to determine if those events can be classified as part of a harmless cyber war or are rather mutual actions between hactivists acting on opposite sides).

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 May 2014 Cyber Attacks Timelines Read more…

Jan-Apr 2014 Cyber Attacks Statistics

I have been quite busy in the last few months, so, unfortunately, I was not able to keep the pace with the statistics derived from my Cyber Attacks Timelines. However, thanks to the ISMS Forum Spain (Asociación Española para el Fomento de la Seguridad de la Información), I have been invited to take part at the XV Jornada Internacional de ISMS Forum: La Sociedad Digital, entre Confianza y Ciber-riesgos (to be held on May, the 28th in Madrid).

Taking advantage of this awesome opportunity, I have been able to reorganize the data collected so far for the events recorded in 2014.

What I show below, is a synthesis of this work. Further information will be presented in Madrid, and later in my blog. Meanwhile, I hope the information provided will satisfy the readers who kindly asked for an update of the stats.

Let us start with the Daily Attack Trend Chart.

Daily Attack Trend Jan-Apr 2014

Needless to say, the crooks have started this infosec year with the brakes on. Apart from few noticeable examples (for instance the peak on the 20th of April due to the NullCrew collective), the activity is quite low in comparison with the past years (again a full analysis will be shown in Madrid).

Drilling down the Daily Attack Trend:

Daily Attack Trend Drill Down Jan-Apr 2014

Shows a constant ‘bias’ of events related to Cyber Crime with some isolated peaks of Hacktivism. This is also evident from the Motivations Behind Attacks Chart.

Motivations Jan-Apr2014

Here the Cyber Crime dominates the chart, accounting for the 61% of the total events. Nearly twice more than Hactkivism, stuck to a ‘modest’ 31%. On the other hand Cyber Espionage and Cyber Warfare are quite stable at the values of 2013 when they were respectively at the 5% and 4% (but do not get carried away, the end of the year is far away and there is time to change along the way).

And the fall of Hacktivism finds another indirect confirm in the Distribution of Attack Techniques Chart:

Attack Techniques Jan-Apr2014Apparently fewer and fewer information is disclosed, so nearly one fifth of the recorded attacks if of uncertain origin. However both DDoS and SQLi confirmed the decreasing trend. On the other hand Account Hijacking maintains its growing trend (was 9% in 2013).

Last but not least, the Distribution of Targets chart:Targets Jan-Apr2014Targets belonging to industry rank at number one with the nearly 30% of occurrences, well ahead of governmental targets (at number two with nearly 19%) and organizations (at number three with nearly 12%). The others are behind (luckily for them).

Well, that’s all folks… At least so far… As I said before further data will follow…

As usual, please bear in mind that the sample must be taken very carefully since it refers only to discovered attacks, published in the news, and included in my timelines. The sample cannot be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Enhanced by Zemanta

16-30 April 2014 Cyber Attacks Timeline

It’s time for the report of the cyber activity in April. As usual this post summarizes the main events between 16 and 30 April, whereas the first part covering the attacks between 1 and 15 April 2014 can be found here (ok, actually there’s one attack I had to include in this timeline, dated 10 April).

Apparently this second half has shown a decreasing trend (who knows, maybe the Easter has brought good intentions), nonetheless there have been some noticeable events such as the breach to AOL Mail affecting potentially 50 million users, the breach to Eircom and the interesting trend of attacks against educational institutions (Universities of Virginia, Iowa, North Carolina Wilmington).

In this general decreasing trend, even the attacks motivated by hacktivism have shown a consistent reduction in volume and impact (the Syrian Electronic Army has admitted to be in vacation).

Nothing else of particularly significant to mention but the continual cyber skirmishes between India and Pakistan. Although interesting from an analytic  perspective, the attacks were ‘limited’ to defacements, and hence the overall impact was modest.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-30 Apr 2014 Cyber Attacks Timelines Read more…

Follow

Get every new post delivered to your Inbox.

Join 3,094 other followers